Access denied or Error: 87 while installing Symantec DLP endpoint agent

book

Article ID: 184253

calendar_today

Updated On:

Products

Data Loss Prevention Endpoint Prevent

Issue/Introduction

Symantec Data Loss Prevention (DLP)
Endpoint Agent

You are receiving below mentioned errors while installing DLP Endpoint Agent on endpoint machines: 




 

2016-12-02 13:59:52 | PreInstallCleanup | SEVERE | FindAndRemoveDriver(): OpenSCManager failed: Access is denied

action: DecryptFile():
'C:\Users\ADMINI~1\AppData\Local\Temp\cg.ead': failed, Error: 87
--result: The parameter is incorrect

Cause

This issue is caused because of OS hardening or permissions due to which Symantec DLP Endpoint Agent is unable to invoke its DLLs and access certain registry keys.

Environment

Windows 7, Windows 10

Resolution

1. Download Process Monitor from https://technet.microsoft.com/en-us/sysinternals/processmonitor.aspx and then run it
2. Click on below shown icons to disable them. You will find these icons just below Menu Bar



3. Click on the filter icon



4. Look for any item under Action column that says “Include”. Uncheck them if there are any



5. Select “Process Name” as a first condition, “is” as a second condition, type “msiexec.exe” as a third condition and “Include” as a last condition



6. Click “Add” and then click to save changes



7. Run Symantec DLP Endpoint Agent installer and follow it till the error is received
8. 
Click on File menu and click Save



9. 
Select below highlighted options, select Format as CSV, select the path where you would like to save your report and click Ok



10. 
Open the saved CSV file in a excel spreadsheet and add a filter to Result column



11. 
It will look something like this



12. Click on filter, uncheck Select All, select Access Denied and then click Ok. This will filter out Access Denied results on file and registry paths due to which the issue is happening

Attachments