Recovering Symantec Endpoint Protection Manager's Admin password when password recovery e-mail does not arrive.
search cancel

Recovering Symantec Endpoint Protection Manager's Admin password when password recovery e-mail does not arrive.

book

Article ID: 186559

calendar_today

Updated On:

Products

Endpoint Protection

Issue/Introduction

The SEPM's password reset e-mail is not getting delivered when using the Forgot your password link option.

Environment

Symantec Endpoint Protection Manager 14.x

Cause

Any problems with e-mail delivery along its network route prohibit it from being delivered to the recipient's address.

Resolution

  1. Stop the service "Symantec Endpoint Protection Manager". 
    • Click Start > Run.
    • Type "Services.msc".
    • Select the "Symantec Endpoint Protection Manager" service.
    • Select "Stop".
  2. Navigate to C:\Program Files (x86)\Symantec\Symantec Endpoint Protection Manager\Tomcat\etc and edit the conf.properties file. Due to restricted permissions, it might be handy to copy overt the file to a different location for editing purposes, and replace it by copying afterwards.
  3. Alter the line which reads: scm.log.loglevel=WARNING to scm.log.loglevel=FINEST.
  4. Append the following new line to the bottom of the file: scm.mail.troubleshoot=1.
  5. Save and close the file, start the the "Symantec Endpoint Protection Manager" service using procedure from point 1.
  6. Launch the SEPM console and request the password reset email again.
  7. Open the following log file: (...)Symantec Endpoint Protection Manager\tomcat\logs\stdout-0.log.
  8. Search the file for the phrase "PasswordServlet" in the log - it should contain the password reset link.
  9. Click the link to open it in a browser on your SEPM, and follow the normal password reset procedure from there on.


Note: Please be sure to revert the changes made to the conf.properties file and restart the SEPM service again when the password reset procedure is finished.

Additional Information

Please do note, that this workaround is not proven to work in 100% of cases and Symantec does not guarantee this procedure to work.

In case of forgotten password and inability to send the password reset link, the only proven method to re-gain access to the SEPM console, is a database recovery to the last known, working configuration.
Symantec does not assist in password recovery if you cannot recover your password with the Forgot your password? functionality. Please refer to the following TechDocs article --> https://techdocs.broadcom.com/us/en/symantec-security-software/endpoint-security-and-management/endpoint-protection/all/managing-groups-clients-and-administrators/managing-administrator-accounts-v17364367-d1e6/resetting-a-forgotten-password-v16011680-d1e1777.html.