Option 1 - Remove and refresh the the SEPM token:
- Log in to SEPM Web Service Application Registration page using admin credentials and the URL: https://<IP_OF_SEPM>:8446/sepm
- Select the SEDR web service application (it will be labeled "Default/<SEPM_ADMIN_LISTED_IN_SEDR>:web")
- Click "Delete application"
- Refresh the SEPM credentials from within SEDR
- Login to the SEDR GUI
- Navigate to Settings -> Global -> Endpoint Communication Channel, SEP Policies, and Endpoint Activity Recorder ->
- Click the three ellipses next to the SEPM Controller and select SEPM Controller Connection
- Re-enter the SEPM admin password
- Click "Save"
Option 2 - Remove the SEPM connection and configure a new connection:
- IMPORTANT: Copy information on the inclusions, exceptions, and all other settings configured before proceeding.
- In EDR's web user interface go to Settings > Global > Endpoint Communication Channel, SEP Policies, and Endpoint Activity Recorder click on the three dots and click "remove."
- Click add server to re-add the SEPM controller connection.
- For specific steps and considerations on re-configuring the SEPM connection as a new connection see the latest version of the EDR documentation by searching for
Configuring the Endpoint Communications Channel (ECC) after going to the
Tech Docs Portal and entering Endpoint Detection and Response. There you will be able to perform your search and review the needed documentation.