HOW TO: Install Endpoint Encryption Manager on Standard Windows Operating System


Article ID: 179347


Updated On:


Endpoint Encryption




Some situations may necessitate installing the Symantec Endpoint Encryption Management Server (SEEMS) Console on a computer other than the server it was originally installed on. 

This is useful if you want administrators to run reports, create SEE Clients, or manage Helpdesk recovery without allowing access to the actual Symantec Endpoint Encryption Management Server.

Prerequisites: Additional database configuration is required to allow access for each user and must be done on the SQL Server by a database administrator.  See article TECH254548 for more information.  The steps in the preceding article should be completed before following this tutorial.


In order to install the SEEMS console on a non-server operating system (OS), perform the following steps:

  1. Log into Windows as one of the users granted database permissions, following the article above.
  2. Download the Symantec Endpoint Encryption package.  Be sure to use the same version currently being used in production for SEEMS.
    • In this example, the SEEMS has 11.2.1 HF1 installed, thus we will install 11.2.1 HF1 on our Windows 10 computer.
    • This package is the exact same package used to install the software on a Windows Server. It can be copied over from the server's downloads folder, or downloaded from the MySymantec product portal.
  3. Once downloaded, unzip the folder.
  4. Double click on SEE Server suite x64 if you are using a 64-bit OS, or SEE Server Suite if you are using a 32-bit OS.

  5. Once the program opens, click Next.
  6. Read the information on this screen and click Next again.
  7. Read the End User License Agreement, click the button next to I accept the terms in the license agreement, and click Next.
  8. Click Complete or Custom depending on what type of installation you would like.
    • Most situations will want to click Complete.
  9. Select the type of authentication you would like to use.
    • None (password authentication only) means a password will be used for authentication upon SEE client package creation.
    • Personal Identity Verification (PIV) means a card/token can be used for authentication upon SEE client package creation.
      Note: This feature is not for PIV authentication for SEEMS.
  10. Ensure the Use SEE Server box is checked if you would like the SEEMS console to communicate with an existing SEE database.

  11. Type in the database name in the Database Instance field, or click Browse to search for the database instance.
  12. Once the Database Instance has been selected, ensure the proper Database Name is inserted in the next field.
    • SEEMSDb is the default SEE database name.
  13. Enable TLS/SSL communication as directed by your SEEMS administrator.
    Note: This may require additional configuration, which will not be covered in this tutorial.
  14. Enter the correct port as directed by your SEEMS Administrator which the SEEMS console and the database will use for communication. The default port is 1433.
    Note: This may require additional configuration, which will not be covered in this tutorial.
  15. As the user account currently being used to login to windows was provisioned for SEEMS database access, keep the authentication method as Windows Authentication and click Next.
  16. If this step did not work, see KB article TECH254548  to ensure all prerequisites have been completed successfully.
  17. Enter the SEE Management Password as directed by your SEEMS administrator and click Next.
  18. Click Install.
  19. After the installation is complete, click Finish.


Validating Access with Your Account

Now that the installation process has now completed, confirm the SEEMS console is working properly with the following steps:

  1. Open the Start Menu and open Symantec Endpoint Encryption Manager in the programs list:

  2. Expand the various snap-ins and ensure they work as expected.
  3. To ensure the database communication is working as expected, expand the Symantec Endpoint Encryption Reports snap-in and run a report
    • The following screen shot shows the Computer Status Report being successfully run (the % is a wildcard, showing all computers):