Occasionally a Symantec Data Loss Prevention (DLP) Endpoint Prevent agent needs to be redirected to a different Endpoint Server. Or an agent needs to have its Endpoint Server priority list changed.
Here are several methods of changing the Endpoint Server or modifying the Endpoint Server list for a DLP agent. They are listed in an order of recommendation. Select the one that fits your needs the best:
Method 1: Changing the Endpoint Server through the console
A task running icon (clipboard with play option) now appears next to the agent. Once the change is successful you see an event for that agent that reports "Change Endpoint Server task execution succeeded" in the agent details.
In version 15.0, the “update_configuration” tool was removed. In versions greater than 15.0, the vontu_sqlite3 tool must be used to update the configuration. This section describes how to use both utilities.
NOTE: The "After 15.0" method can also be used on versions before 15.0 as well.
This Method is used if the agents do not communicate with the DLP Endpoint Server.
Locate the Symantec_DLP_<version>_Agent_Win-IN.zip that was used when generating the agent install package (See Agent Install Files Information). Extract the tools folder appropriate for the client architecture. Copy the extracted files to the client computer into the DLP Endpoint Agent folder.
Once the tools are in the DLP Agent folder run the following command and adjust the value parameter for the Endpoint Server in your environment.
If updating to multiple servers then use a semicolon as a delimiter. For example:
You can now restart the agent using the service_shutdown.exe then starting the edpa or wdp service or restart the client computer. Once the agent restarts the new changes take place.
For security reasons remove the tools (update_configuration.exe, etc.) from the client computer.
You may also use the vontu_sqlite3 tool locally on the endpoint agent.
Currently mac agents do not have an update_configuration.exe equivalent. If the agents cannot get a configuration update from the Enforce Server, this method is one of the only other options to change the server. This method requires that you have the agent tools password that was used when installing the agent.
First obtain the vontu_sqlite3 agent tool using the same process as described in Method 2. Note that the mac agent files are in Symantec_DLP_14.X_Agent_Mac-IN.zip. Once the vontu_sqlite3 tool is in the endpoint agent folder run the following command from that directory.
This command brings you to a sqlite> prompt. Then type the following (case sensitive) to update the server:
Then restart the agent by restarting the client or using one of the following command lines:
Windows (agent tool):
When the agent starts back up it connects to the configured server.
This method is typically only used if the computers are no longer connected and the previous methods are not viable.
Example: You have several Mac clients that need to be reinstalled. You can use this method instead of manually running the vontu_sqlite utility on each computer.
Follow these steps to use an agent install package to redirect the agents.
Note that you cannot upgrade an agent to a version it already has or older. For example, you cannot upgrade DLP agent 15.0 MP1 to 14.6 MP2 or 15.0 MP1.
If you meet the prerequisites of an upgrade, then you can do an agent upgrade with an updated Endpoint Server list. See Symantec Data Loss Prevention Upgrade Guides.