Endpoint Protection client is trying to register with an invalid Domain ID
Article ID: 177404
Updated On:
Products
Issue/Introduction
Within the Symantec Endpoint Protection Manager (SEPM) logs or console, it can be seen that a SEP client is trying to register with an invalid Domain ID.
SEPM FINEST logging may need to be enabled to see all details:
scm-server-0.log
java.lang.IllegalArgumentException: Client is trying to register with invalid Domain ID 45A7120CC0A8ECFE013AFAC794DDE8E0 from xxxxxxxxxcom.sygate.scm.server.agentmanager.InvalidDomainIdRegistrationException: Client xxxxxx is trying to register with invalid Domain ID AD8FED1CC0A801EA202DF86C3BB4DE7E
AgentRegister-0.log
THREAD 65 FINE: calling close on connection.
THREAD 65 FINE: Return connection to pool.
THREAD 65 WARNING: AgentRegisterHandler> registerClient> Error-> Invalid Domain ID: [32E95C2B0AF80F640B0E9CC6B9F460E2]
THREAD 65 WARNING: <?xml version="1.0" encoding="UTF-8"?><SSARegData NameSpace="rpc"><AgentInfo DomainID="32E95C2B0AF80F640B0E9CC6B9F460E2" AgentType="105"
Export System Server Activity logs from SEPM Under the "Error Code" column will see "Unexpected server error." and in "Stack Trace" column below error is seen
com.sygate.scm.server.agentmanager.InvalidDomainIdRegistrationException: Client xxxxxxx is trying to register with invalid Domain ID 32E95C2B0AF80F640B0E9CC6B9F460E2. at com.sygate.scm.server.agentmanager.actions.AgentRegisterHandler.registerClient(AgentRegisterHandler.java:705) at com.sygate.scm.server.agentmanager.actions.AgentRegisterHandler.agentRegister(AgentRegisterHandler.java:392)
In the SEPM, Server tab activity logs can see multiple "Unexpected server error" events
Cause
The sylink.xml file being used by one or more clients refers to a Domain ID that no longer exists. This could occur if the SEPM was reinstalled or a former Domain has been deleted.
Resolution
There are two different solutions for this issue.
-
When this issue occurs a file called InvalidDomainCh
ange.properties should be created within the <SEPM Install>\tomcat\etc folder. If you have never had this issue then the file will not be present. Edit the InvalidDomainCh ange.properties file. You should see something that looks similar below: #Contains Invalid Domain ID and the corresponding Domain ID to be used to move a client
#Wed Jun 07 17:58:24 CDT 2017
HWI83LM21M9S932AAPWGG524YTW99=
L27AAA45MND2U1JK564786DDDF87611=
Edit the file to include the current Domain ID in use on the SEPM found when going to Admin > Domains. Below is an example edit of the properties file which will re-direct clients to use the B9D51233C0A8C5A6007AEB8641A0EB46 Domain ID. Again, every SEPM domain will be different so check Admin > Domains to find the correct Domain ID to use.#Contains Invalid Domain ID and the corresponding Domain ID to be used to move a client
#Wed Jun 07 17:58:24 CDT 2017
HWI83LM21M9S932AAPWGG524YTW99=B9D51233C0A8C5A6007AEB8641A0EB46
L27AAA45MND2U1JK564786DDDF87611=B9D51233C0A8C5A6007AEB8641A0EB46
Save the InvalidDomainChange.properties file after making the change and then restart the SEPM and SEPM Webserver services. This will redirect clients containing the two Domain IDs on the left to the Domain ID noted on the right.
-
Follow the steps in How do I replace the client-server communications file on the client computer? to provide affected clients with new communication that includes the correct Domain ID.
NOTE: The domain ID is just an identifier related to administrative domains under SEPM, it is NOT related to windows domain groups.
Feedback
