Most or all of the SEP clients remain in a state of "Authentication Pending" during registration of Symantec Endpoint Protection (SEP) clients with Symantec Advanced Threat Protection (ATP) Platform.
ATP certificate was created with the Fully Qualified Domain Name (FQDN) of the ATP Platform management server, but the settings of ATP Platform point the policy at the ATP management server use the IP address or short host name. When a SEP client attempts to register for EDR 2.0 with ATP management server, this mismatch causes the TLS handshake to fail. This can leave one or more SEP clients in an "Authentication Pending" state.
To correct the mismatch:
This document is specific to the most common underlying cause for all SEP clients remaining in "Authentication Pending", mismatch of hostname/IP between EDR settings and the certificate.
If this document does not resolve the Authentication Symptom, please look at the workflow documentation for triaging Authentication Pending symptoms, here: