Configuring RSA authentication in Endpoint Protection Manager fails with error which states that sdconf.rec cannot be uploaded
search cancel

Configuring RSA authentication in Endpoint Protection Manager fails with error which states that sdconf.rec cannot be uploaded

book

Article ID: 162383

calendar_today

Updated On:

Products

Endpoint Protection

Issue/Introduction

Configuring RSA authentication fails with the error The file <C:\Users\Your_Username\Desktop\sdconf.rec> cannot be uploaded to the management server. This issue occurs after upgrading a Symantec Endpoint Protection Manager. 

ConfigSecurId-0.log shows the following error:

    2015-09-08 15:32:15.271 THREAD 79 FINE: ------------ Thread started --------------
    2015-09-08 15:32:15.280 THREAD 79 SEVERE: SemLaunchService> getRequestTokenFromTokenMap>> requestTokens is null or empty, task name:ConfigureRSAAuth
    2015-09-08 15:32:15.280 THREAD 79 INFO: SemLaunchService> execute>> The request token is null. Task name: ConfigureRSAAuth
    2015-09-08 15:32:15.306 THREAD 79 FINE: Borrow connection from pool.
    2015-09-08 15:32:15.308 THREAD 79 FINE: Borrow connection from pool.
    2015-09-08 15:32:15.310 THREAD 79 FINE:  calling close on connection.
    2015-09-08 15:32:15.310 THREAD 79 FINE: Return connection to pool.
    2015-09-08 15:32:15.313 THREAD 79 FINE:  calling close on connection.
    2015-09-08 15:32:15.313 THREAD 79 FINE: Return connection to pool.
    2015-09-08 15:32:15.313 THREAD 79 FINE: ------------ Thread stopped --------------

scm-server-0.log shows the following error:

    2015-09-08 15:32:15.280 THREAD 79 SEVERE:  in: com.sygate.scm.server.consolemanager.requesthandler.ConfigSecurIdHandler
    java.io.IOException: SemLaunchService: fail to config RSA login!
        at com.sygate.scm.server.consolemanager.requesthandler.ConfigSecurIdHandler.configWinRSALogin(ConfigSecurIdHandler.java:133)
        at com.sygate.scm.server.consolemanager.requesthandler.ConfigSecurIdHandler.handleRequest(ConfigSecurIdHandler.java:84)
        at com.sygate.scm.server.consolemanager.RequestHandler.handleRequest(RequestHandler.java:521)
        at com.sygate.scm.server.consolemanager.RequestHandler.<init>(RequestHandler.java:155)
        at com.sygate.scm.server.servlet.ConsoleServlet.doPost(ConsoleServlet.java:128)
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:646)
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:727)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
        at com.sygate.scm.pool.HttpResponseFilters.doFilter(HttpResponseFilters.java:82)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
        at com.sygate.scm.server.servlet.ConsoleFilter.doFilter(ConsoleFilter.java:84)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
        at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:220)
        at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:122)
        at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:504)
        at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:170)
        at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103)
        at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116)
        at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:421)
        at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1074)
        at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:611)
        at org.apache.tomcat.util.net.AprEndpoint$SocketProcessor.doRun(AprEndpoint.java:2466)
        at org.apache.tomcat.util.net.AprEndpoint$SocketProcessor.run(AprEndpoint.java:2455)
        at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
        at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
        at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
        at java.lang.Thread.run(Thread.java:745)

 

Resolution

To resolve this issue, make the following changes to semlaunchsrv.properties. By default, this file is located in the folder C:\Program Files (x86)\Symantec\Symantec Endpoint Protection Manager\tomcat\etc.

Note: Backup semlaunchsrv.properties before making any changes to the file.

If not present, add the following lines:

sem.launchsrv.exefilepath.taskname.RsaSecurId.sepm=tomcat\\bin\\securid.exe
sem.launchsrv.tokencount.taskname.RsaSecurId=1

If present, remove the following lines:

sem.launchsrv.tokencount.taskname.Msiexec=1
sem.launchsrv.tokencount.taskname.CommonCMD=1
sem.launchsrv.exefilepath.taskname.Msiexec.abs=msiexec
sem.launchsrv.exefilepath.taskname.CommonCMD.conf=scm.os.sysroot*\\cmd.exe