How to manually unenroll Protection Engine scanners on Windows

book

Article ID: 222350

calendar_today

Updated On:

Products

Protection Engine for Cloud Services Protection Engine for NAS Protection for SharePoint Servers

Issue/Introduction

You need to manually unenroll Symantec Protection Engine (SPE) when the normal unenrollment process fails.

Environment

SPE 8.0+ on Windows

Resolution

  1. Stop the "Symantec CAF Service" service.
  2. In File Explorer, navigate to "C:\Program Files\Symantec\Common Agent Framework\" and make a backup copy of CAFConfig.ini.
  3. Download the default CAFConfig.ini from this page and place it in the directory mentioned above. Make sure to rename it to CAFConfig.ini.
  4. Rename CAFStorage.ini to a different name (i.e. CAFStorage.ini_backup).
  5. Navigate to SPE's installation directory (normally C:\Program Files\Symantec\Scan Engine).
  6. Make a backup of the centralmgmt.xml file.
  7. Open CMD or PowerShell as administrator and navigate to SPE's installation directory (normally C:\Program Files\Symantec\Scan Engine).
  8. Run the following two commands so that SPE appears to be unenrolled:
    • .\XMLModifier.exe -r /centralmgmt/Configuration/EnrollmentInfo/DeviceID/@value centralmgmt.xml
    • .\XMLModifier.exe -s /centralmgmt/Configuration/EnrollmentInfo/Status/@value 0 centralmgmt.xml
    • Note: To complete the unenrollment fully, the Symantec Protection Engine service will need to be restarted. If you plan to re-enroll the scanner, you can skip restarting and go straight to the last step.
  9. If you do not plan to re-enroll the scanner, restart the Symantec Protection Engine service.
  10. To enroll the scanner again, run the enroll.bat from SPE's installation directory.
    • You may need to download a new enrollment script from the cloud console
    • In the Centralized Console, go to Settings -> Downloads

Additional Information

For the same instructions in Linux, see: https://knowledge.broadcom.com/external/article/222691

Attachments

1629753044014__CAFConfig.ini get_app