search cancel

Advanced Threat Protection Intermittent Authentication or Connection Errors with Endpoint Protection Manager Webservers

book

Article ID: 163992

calendar_today

Updated On:

Products

Endpoint Detection and Response

Issue/Introduction

One or more Symantec Endpoint Protection Manager (SEPM) display Authentication or Connection Errors as their Status. The Status changes to "Healthy" automatically after some time, but can change to an Error intermittently.

Advanced Threat Protection (ATP)

The errors can display as any of the following:

  • Authentication Error
  • Connection Error

Environment

Multiple SEPMs are configured to synchronize with Active Directory Servers in the background on a relatively frequent schedule.

Cause

The synchronization process between the SEPMs and the Active Directory servers can temporarily lock SEPM database tables.  When this coincides with some connection activity between ATP and the SEPMs, information requested by ATP will be temporatily unavailable, resulting in a "SEPM is not Healthy" status. 
When the next ATP to SEPM connection no longer coincides with the SEPM and Active Directory synchronization, the SEPM Status reverts back to "Healthy".
 

Resolution

Minimize the database table lock occurences:
Limit the number of SEPMs that synchronize with an Active Directory server to one.