When installing the Symantec Endpoint Protection Manager, the initial install goes smoothly, but the Management Server Configuration Wizard (MSCW) fails at the "The database is being created and initialized" step between the 77% and 100% mark.

On-screen error is "Failed to set Symantec Endpoint Protection Manager service account ACLs"

Reviewing \Program Files (x86)\Symantec\Symantec Endpoint Protection Manager\tomcat\logs\ConfigurationWizard-0.log shows error messages similar to the following:

2019-05-30 15:31:28.192 THREAD 31 WARNING: ACLUtil> executeSetACLExe >>Retrying...3 times. Command = ["C:\Program Files (x86)\Symantec\Symantec Endpoint Protection Manager\bin\SetACL.exe", -on, HKLM\System\CurrentControlSet\services\semsrv, -ot, reg, -actn, clear, -clr, dacl,sacl, -actn, setprot, -op, dacl:p_nc;sacl:p_nc, -actn, ace, -ace, n:S-1-5-32-544;p:full;s:y;m:set, -ace, n:S-1-5-18;p:full;s:y;m:set, -ace, n:S-1-5-80-3958276243-2739099675-334681800-2039304502-2384811254;p:read;s:y;m:set]
2019-05-30 15:31:28.192 THREAD 31 INFO: ACLUtil> executeSetACLExe >> Started. Command = ["C:\Program Files (x86)\Symantec\Symantec Endpoint Protection Manager\bin\SetACL.exe", -on, HKLM\System\CurrentControlSet\services\semsrv, -ot, reg, -actn, clear, -clr, dacl,sacl, -actn, setprot, -op, dacl:p_nc;sacl:p_nc, -actn, ace, -ace, n:S-1-5-32-544;p:full;s:y;m:set, -ace, n:S-1-5-18;p:full;s:y;m:set, -ace, n:S-1-5-80-3958276243-2739099675-334681800-2039304502-2384811254;p:read;s:y;m:set],Start time: Thu May 30 15:31:28 PDT 2019
2019-05-30 15:31:28.239 THREAD 31 INFO: ACLUtil> executeSetACLExe>> Finished. Return code = 1,Finish time: Thu May 30 15:31:28 PDT 2019
2019-05-30 15:31:28.239 THREAD 31 WARNING: ACLUtil> executeSetACLExe>> Process output:
SetACL 14.2.1031.0100 (c) Symantec Corporation
Processing ACLs for HKLM\System\CurrentControlSet\services\semsrv
Error: AdjustTokenPrivileges returned ERROR_NOT_ALL_ASSIGNED. Error code: 1300: Not all privileges or groups referenced are assigned to the caller.

2019-05-30 15:31:28.239 THREAD 31 INFO: ACLUtil> setACLs>> Fail to set permission(s) for Object = HKLM\System\CurrentControlSet\services\semsrv,Finish time: Thu May 30 15:31:28 PDT 2019
2019-05-30 15:31:28.239 THREAD 31 WARNING: com.sygate.scm.server.util.acl.ACLException: Failed to set ACL on object : HKLM\System\CurrentControlSet\services\semsrv
    at com.sygate.scm.server.util.acl.ACLUtil.setACL(ACLUtil.java:95)
    at com.sygate.scm.server.util.acl.generated.AccessControlList.apply(AccessControlList.java:252)
    at com.sygate.scm.server.util.acl.generated.OSObject.applyACLForMe(OSObject.java:276)
    at com.sygate.scm.server.util.acl.generated.OSObject.applyACLForMyFamily(OSObject.java:263)
    at com.sygate.scm.server.util.acl.SerialACLProcessorImpl.process(SerialACLProcessorImpl.java:43)
    at com.sygate.scm.server.util.acl.SEPMACLManager.applyAllACLsWithProcessor(SEPMACLManager.java:237)
    at com.sygate.scm.server.util.acl.SEPMACLManager.applyAllACLs(SEPMACLManager.java:153)
    at com.sygate.scm.server.util.acl.SEPMACLManager.applyAllACLs(SEPMACLManager.java:132)
    at com.sygate.scm.install.ui.MainFrame.setACLs(MainFrame.java:2267)
    at com.sygate.scm.install.ui.MainFrame.configureDB(MainFrame.java:2085)
    at com.sygate.scm.install.ui.MainFrame.nextBtnActionPerformed(MainFrame.java:4847)
    at com.sygate.scm.install.ui.MainFrame.access$500(MainFrame.java:312)
    at com.sygate.scm.install.ui.MainFrame$5$1.construct(MainFrame.java:4377)
    at com.sygate.scm.util.SwingWorker$2.run(SwingWorker.java:153)
    at java.lang.Thread.run(Thread.java:748)

The account being used to install the Symantec Endpoint Protection Manager is lacking the SeBackupPrivilege right, which is necessary for SetACL.exe to run properly.

Assign SeBackupPrivilege to the account being used for installation.  This can be done by opening Local Security Policy, then Local Policies, User Rights Assignment, and Back up files and directories, then adding the user or group.