ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Unexpected server error. ErrorCode: 0x10010000 after attempting to login to Endpoint Protection Manager


Article ID: 161540


Updated On:


Endpoint Protection


Logging in to Symantec Endpoint Protection Manager (SEPM) console takes longer than normal, about 60 secounds. Then once you login, you receive an error message "Unexpected server error. ErrorCode: 0x10010000". The first 3 tabs (Home, Monitors, and Reports) cannot be navigated.

The error-<timezone>.log in "C:\Program Files (x86)\Symantec\Symantec Endpoint Protection Manager\apache\logs" contains warnings/errors similar to the following:

[Tue Dec 09 09:07:56.042235 2014] [fcgid:error] [pid 588:tid 460] (OS 1314)A required privilege is not held by the client.  : mod_fcgid: can't run ../php/php-cgi.exe
[Tue Dec 09 09:07:56.057835 2014] [fcgid:warn] [pid 588:tid 460] (OS 1314)A required privilege is not held by the client.  : mod_fcgid: spawn process ../php/php-cgi.exe error


You may also see the following error in the server-0.log:

Server returned HTTP response code: 503 for URL: https://SERVERNAME:8445/Reporting/reports/sr-login.php


The "NT SERVICE\semwebsrv" account lacks "Replace a process level token" permissions in the system's local security policy.


SEP 14.x


Edit the Local Security Policy (under Administrative Tools) on the SEPM machine(s), proceed to Local Policies, User Rights Assignment and add the "NT SERVICE\semwebsrv" user to the "Replace a process level token" policy.

NOTE: If a domain level group policy is assigned to the SEPM, then changes to this security setting will need to be made at the domain level by the Active Directory administrator.