search cancel

Configuring RSA authentication in Endpoint Protection Manager fails with error which states that sdconf.rec cannot be uploaded

book

Article ID: 162383

calendar_today

Updated On:

Products

Endpoint Protection

Issue/Introduction

Configuring RSA authentication fails with the error The file <C:\Users\Your_Username\Desktop\sdconf.rec> cannot be uploaded to the management server. This issue occurs after upgrading a Symantec Endpoint Protection Manager. 

ConfigSecurId-0.log shows the following error:

    2015-09-08 15:32:15.271 THREAD 79 FINE: ------------ Thread started --------------
    2015-09-08 15:32:15.280 THREAD 79 SEVERE: SemLaunchService> getRequestTokenFromTokenMap>> requestTokens is null or empty, task name:ConfigureRSAAuth
    2015-09-08 15:32:15.280 THREAD 79 INFO: SemLaunchService> execute>> The request token is null. Task name: ConfigureRSAAuth
    2015-09-08 15:32:15.306 THREAD 79 FINE: Borrow connection from pool.
    2015-09-08 15:32:15.308 THREAD 79 FINE: Borrow connection from pool.
    2015-09-08 15:32:15.310 THREAD 79 FINE:  calling close on connection.
    2015-09-08 15:32:15.310 THREAD 79 FINE: Return connection to pool.
    2015-09-08 15:32:15.313 THREAD 79 FINE:  calling close on connection.
    2015-09-08 15:32:15.313 THREAD 79 FINE: Return connection to pool.
    2015-09-08 15:32:15.313 THREAD 79 FINE: ------------ Thread stopped --------------

scm-server-0.log shows the following error:

    2015-09-08 15:32:15.280 THREAD 79 SEVERE:  in: com.sygate.scm.server.consolemanager.requesthandler.ConfigSecurIdHandler
    java.io.IOException: SemLaunchService: fail to config RSA login!
        at com.sygate.scm.server.consolemanager.requesthandler.ConfigSecurIdHandler.configWinRSALogin(ConfigSecurIdHandler.java:133)
        at com.sygate.scm.server.consolemanager.requesthandler.ConfigSecurIdHandler.handleRequest(ConfigSecurIdHandler.java:84)
        at com.sygate.scm.server.consolemanager.RequestHandler.handleRequest(RequestHandler.java:521)
        at com.sygate.scm.server.consolemanager.RequestHandler.<init>(RequestHandler.java:155)
        at com.sygate.scm.server.servlet.ConsoleServlet.doPost(ConsoleServlet.java:128)
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:646)
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:727)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
        at com.sygate.scm.pool.HttpResponseFilters.doFilter(HttpResponseFilters.java:82)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
        at com.sygate.scm.server.servlet.ConsoleFilter.doFilter(ConsoleFilter.java:84)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
        at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:220)
        at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:122)
        at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:504)
        at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:170)
        at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103)
        at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116)
        at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:421)
        at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1074)
        at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:611)
        at org.apache.tomcat.util.net.AprEndpoint$SocketProcessor.doRun(AprEndpoint.java:2466)
        at org.apache.tomcat.util.net.AprEndpoint$SocketProcessor.run(AprEndpoint.java:2455)
        at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
        at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
        at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
        at java.lang.Thread.run(Thread.java:745)

 

Resolution

To resolve this issue, make the following changes to semlaunchsrv.properties. By default, this file is located in the folder C:\Program Files (x86)\Symantec\Symantec Endpoint Protection Manager\tomcat\etc.

Note: Backup semlaunchsrv.properties before making any changes to the file.

If not present, add the following lines:

sem.launchsrv.exefilepath.taskname.RsaSecurId.sepm=tomcat\\bin\\securid.exe
sem.launchsrv.tokencount.taskname.RsaSecurId=1

If present, remove the following lines:

sem.launchsrv.tokencount.taskname.Msiexec=1
sem.launchsrv.tokencount.taskname.CommonCMD=1
sem.launchsrv.exefilepath.taskname.Msiexec.abs=msiexec
sem.launchsrv.exefilepath.taskname.CommonCMD.conf=scm.os.sysroot*\\cmd.exe