After enrolling your Endpoint Protection Manager (SEPM) into Endpoint Security (SES) to utilize the additional features of SES, clients show the error "Content out of date and Intensive Protection disabled due to Licensing." in the SES Portal. The correct Symantec Endpoint Security Complete (SESC) license is applied already.
Due to a certificate update, new enrollments or license updates may trigger clients to run into this issue.
The following error will be seen in the bridged SEPMs semapisrv_log*.log:
ERROR c.s.s.s.c.e.h.GlobalControllerExceptionHandler - EXCEPTION: Policy payload is not signed properly.
com.symantec.sepm.server.module.common.data.configobject.ValidationException: Policy payload is not signed properly.
SEPM enrolled into the SES cloud
SESC license is applied
This issue is currently being investigated and this document will be updated once the issue is resolved.