Endpoint Protection Manager upgrade error: "Symantec Endpoint Protection Manager services require user rights in Windows security policies. The management console cannot run until you assign user rights to the services in the specified policies"

book

Article ID: 171094

calendar_today

Updated On:

Products

Endpoint Protection

Issue/Introduction

Your Endpoint Protection Manager (SEPM) upgrade from 12.1.6 to 14.0 RU1MP1 fails.
 

"Symantec Endpoint Protection Manager services require user rights in Windows security policies. The management console cannot run until you assign user rights to the services in the specified policies".
You follow http://www.symantec.com/docs/TECH228988 but you are not able to add the virtual account on the Domain Controller via gpedit.msc as you get error:

"The following accounts could not be validated: NT SERVICE\semsrv".

 

Environment


 

Resolution

Install GPMC.EXE on the server hosting the SEPM and use it to modify the Group Policy Object (GPO).

Source:
https://social.technet.microsoft.com/Forums/en-US/bdd4c06d-b2a5-4f59-8c2e-f0aa3cd77f33/unable-to-add-service-account-to-gpo-so-that-sepm-can-start?forum=winserverGP