Configuring RSA authentication fails with the error The file <C:\Users\Your_Username\Desktop\sdconf.rec> cannot be uploaded to the management server. This issue occurs after upgrading a Symantec Endpoint Protection Manager.
ConfigSecurId-0.log shows the following error:
2015-09-08 15:32:15.271 THREAD 79 FINE: ------------ Thread started -------------- 2015-09-08 15:32:15.280 THREAD 79 SEVERE: SemLaunchService> getRequestTokenFromTokenMap>> requestTokens is null or empty, task name:ConfigureRSAAuth 2015-09-08 15:32:15.280 THREAD 79 INFO: SemLaunchService> execute>> The request token is null. Task name: ConfigureRSAAuth 2015-09-08 15:32:15.306 THREAD 79 FINE: Borrow connection from pool. 2015-09-08 15:32:15.308 THREAD 79 FINE: Borrow connection from pool. 2015-09-08 15:32:15.310 THREAD 79 FINE: calling close on connection. 2015-09-08 15:32:15.310 THREAD 79 FINE: Return connection to pool. 2015-09-08 15:32:15.313 THREAD 79 FINE: calling close on connection. 2015-09-08 15:32:15.313 THREAD 79 FINE: Return connection to pool. 2015-09-08 15:32:15.313 THREAD 79 FINE: ------------ Thread stopped --------------
scm-server-0.log shows the following error:
2015-09-08 15:32:15.280 THREAD 79 SEVERE: in: com.sygate.scm.server.consolemanager.requesthandler.ConfigSecurIdHandler java.io.IOException: SemLaunchService: fail to config RSA login! at com.sygate.scm.server.consolemanager.requesthandler.ConfigSecurIdHandler.configWinRSALogin(ConfigSecurIdHandler.java:133) at com.sygate.scm.server.consolemanager.requesthandler.ConfigSecurIdHandler.handleRequest(ConfigSecurIdHandler.java:84) at com.sygate.scm.server.consolemanager.RequestHandler.handleRequest(RequestHandler.java:521) at com.sygate.scm.server.consolemanager.RequestHandler.<init>(RequestHandler.java:155) at com.sygate.scm.server.servlet.ConsoleServlet.doPost(ConsoleServlet.java:128) at javax.servlet.http.HttpServlet.service(HttpServlet.java:646) at javax.servlet.http.HttpServlet.service(HttpServlet.java:727) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) at com.sygate.scm.pool.HttpResponseFilters.doFilter(HttpResponseFilters.java:82) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) at com.sygate.scm.server.servlet.ConsoleFilter.doFilter(ConsoleFilter.java:84) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:220) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:122) at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:504) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:170) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:421) at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1074) at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:611) at org.apache.tomcat.util.net.AprEndpoint$SocketProcessor.doRun(AprEndpoint.java:2466) at org.apache.tomcat.util.net.AprEndpoint$SocketProcessor.run(AprEndpoint.java:2455) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) at java.lang.Thread.run(Thread.java:745)
To resolve this issue, make the following changes to semlaunchsrv.properties. By default, this file is located in the folder C:\Program Files (x86)\Symantec\Symantec Endpoint Protection Manager\tomcat\etc.
Note: Backup semlaunchsrv.properties before making any changes to the file.
If not present, add the following lines:
sem.launchsrv.exefilepath.taskname.RsaSecurId.sepm=tomcat\\bin\\securid.exe sem.launchsrv.tokencount.taskname.RsaSecurId=1
If present, remove the following lines:
sem.launchsrv.tokencount.taskname.Msiexec=1 sem.launchsrv.tokencount.taskname.CommonCMD=1 sem.launchsrv.exefilepath.taskname.Msiexec.abs=msiexec sem.launchsrv.exefilepath.taskname.CommonCMD.conf=scm.os.sysroot*\\cmd.exe