Note: For new installs make sure the password configured for the SEPM Admin account meets applied Windows Password Policy GPOs
Option 1: Temporarily disable password requirements through the local Security policy, then re-run the install. See details and Microsoft's documentation here: https://docs.microsoft.com/en-us/windows/security/threat-protection/security-policy-settings/password-policy
- Open gpedit.msc
- Navigate to Computer Configuration\Windows Settings\Security Settings\Account Policies\Password Policy
- Lower "Minimum Password Length" to at least 8
- Re-run the upgrade.
Option 2: Follow Disaster Recovery process to reinstall and bypass the install script and allow for a custom password.
Uninstall the SEPM completely, and reinstall with a blank database.
- Open Control Panel > Programs and Features
- Select Symantec Endpoint Protection Manager
- Select Change
- Choose Next > Remove
- Check "Remove the database during uninstall".
- Leave "Remove the database backup files during uninstall" unchecked
- Select Next > Remove
Once the uninstall is completed, start the install of the SEPM.
- In the Symantec Endpoint Protection Installation Program dialog box, click Install Symantec Endpoint Protection, and then click Install Symantec Endpoint Protection Manager.
- Review the sequence of installation events, and then click Next to begin.
- In the License Agreement panel, click I accept the terms in the license agreement, and then click Next.
- In the Destination Folder panel, accept the default destination folder or specify another destination folder, and then click Next.
- Click Install.
- The installation process begins for the Symantec Endpoint Protection Manager management server and console. When the installation is complete, click Next.
- After the initial installation completes, you configure the server and database. Click Next.
- The Management Server Configuration Wizard starts. Note: You can also start the Management Server Configuration Wizard at any time after installation from Start > All Programs > Symantec Endpoint Protection Manager
- Select Installing Symantec Endpoint Protection Manager With the Default configuration for new installation selected, click Next.
- The default configuration automatically installs the default database, Microsoft SQL Server Express
- Enter company name, a password for the default administrator admin, and an email address. Alternately, you can add details to use a specified mail server.
- Optionally click Send Test Email. Symantec Endpoint Protection Manager sends password recovery information and other important notifications to this email account, so you should not proceed with configuration if you do not receive the email.
- Once you verify that you receive the test email, click Next.
- LiveUpdate runs automatically as part of a new installation.
- You can also add the optional Partner Information, if a partner manages your Symantec licenses, and then click Next.
- Indicate whether you want Symantec to receive pseudonymous data, and then click Next to begin the database creation.
- The database creation can take several minutes.
- When the database creation completes, Uncheck "Start Endpoint Protection Manager" and click Finish to complete the Symantec Endpoint Protection Manager configuration.
You will then want to start the database restoration through normal processes. see the instructions located here: Restoring the database
Once the database is restored, a couple items need to be considered:
- Server Certificates need to be restored or re-imported. There are multiple methods to do this, so review Updating or restoring a server certificate for the best method.
- 14.3 RU1 client packages need to be imported. You can get the packages from the unzipped install media in the "SEPM/Packages" folder. you can use 7zip to open the exe, run the exe. they will appear in the "AppData\Local\Temp" in a folder with randomly generated characters. The client installation package consists of two files. One file is named product_name.dat, and the other file is named product_name.info.
then follow Importing client installation packages into Symantec Endpoint Protection Manager to import the packages.