ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

You can't uninstall DLP 15.1 after upgrade because "a newer version is installed"

book

Article ID: 224723

calendar_today

Updated On:

Products

Data Loss Prevention Enterprise Suite Data Loss Prevention Data Loss Prevention Enforce

Issue/Introduction

You are trying to uninstall DLP 15.1 after upgrade, but it returns the following error:

"A newer version of Symantec Data Loss Prevention 15.1 MP1 Detection Server is installed. Uninstallation cannot continue. Please check the Symantec DLP KB for updated information."

The error will also occur for attempted uninstallation of the Enforce Server.

Cause

A known issue in the code will not allow uninstalls of 15.1 if more than 2 versions of DLP are present on the system.

Environment

Release : 15.1

Component : Default-Sym

Resolution

It is necessary to remove at least one of the other versions.

For example given above example (DLP 15.1, 15.7 and 15.8 present): you would first uninstall DLP 15.7, then uninstall 15.1.

Before removing 15.1, check to make sure that the highest version is using a different service account for the DLP services. I.e., make sure that it's not using the same account ("protect" or "SymantecDLP") as 15.1 is configured to use.

NOTE: If you uninstall 15.1, and 15.8 is using the same services - the 15.1 Uninstaller will remove the service accounts used by 15.8. After which, they will no longer function (requiring recreation of the services, or a reinstall of DLP.)

Tested steps for Enforce Server - for a Detection Server with this issue, substitute appropriate keynames, e.g., "Detection Server" for "Enforce Server".

Steps for removal of DLP 15.1 in Windows, to prevent the uninstall of 15.1 from also removing the "SymantecDLP" service account from higher releases.

  1. Uninstall the 3rd DLP install:
    • As noted, this might be 15.5 or 15.7, if 15.8 is also present.
    • Note that if only 2 major versions are installed, Symantec DLP 15.8 MP1 counts as a "third" install; it will be found in the "Installed Updates" in Windows Add/remove programs - and in such a case the 15.8 Maintenance Pack would need to be removed, and reinstalled after other steps have been completed.
  2. You may be prompted for a reboot here, but you should be able to decline that to continue the following steps - then reboot afterward.
  3. For backup measures, export a copy of the DLP registry hive:
    [HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\Data Loss Prevention\]
  4. Next, follow the steps to remove the following key. This is also the scripted removal step, given in KB 173164:
    [HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\Data Loss Prevention\Enforce Server\15.1]
  5. Remove the following keys to clear association with 15.1 and the service user shared by all versions under that key - in this example, the service user is "SymantecDLP":
    [HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\Data Loss Prevention\Users\<SymantecDLP>\Versions\15.1.0.25023]
  6. Also remove the following keys (so that no "Update" user should remain, as it's not used in latest releases) - in this example, the service "update" user is "SymantecDLPUpdate":
    [HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\Data Loss Prevention\Users\<SymantecDLPUpdate>] - note that removal of this key should remove the next 2 subkeys as well.

    [HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\Data Loss Prevention\Users\<SymantecDLPUpdate>\Versions]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\Data Loss Prevention\Users\<SymantecDLPUpdate>\Versions\15.1.0.25023]
  7. At this point, performing an Uninstall of 15.1 from "Add/remove programs" should be successful (even without a reboot).
  8. Steps to confirm removal and functionality of remaining DLP server afterward may include: 
    1. Check in Services.msc for the old DLP services (those without "service" in the name) - these should be gone from the Services list.
    2. You should be able to restart the running services (e.g., "SymantecDLPDetectionServerController service") without any issues.
    3. You should be able to reboot, for confirmation that the Enforce Server services have started automatically.
    4. You should then be able to login to Enforce 15.8 (or 15.7, whichever version remained).

Additional Information

If this issue occurs with only 2 versions of DLP present, please check the following article for a different issue:

Uninstalling Symantec Data Loss Prevention version 15.1 after upgrading to version 15.5 on Windows (broadcom.com)

Attachments