Symantec Protection Engine Controller service will not remain started after upgrade

Products

Protection Engine for Cloud Services Protection Engine for NAS Protection Engine for Cloud Services

Issue/Introduction

After upgrading from Protection Engine for Cloud 8.2.1 to version 9.x the Symantec Protection Engine Controller service will not remain started. It will quickly abort on error 1053.

The abort log, "SymantecProtectionEngineControllerAbortLog.txt" contained the following reasons:

Symantec Protection Engine Controller is shutting down; logs may contain more information : VirtualHome definitions mode is disabled.

URL Filtering should not be enabled in VirtualHome definitions mode. Turning off VirtualHome definitions mode..

Environment

Release : 9.0.1

Cause

1. The file configuration.xml was corrupted or had invalid characters in it due to being edited directly.

There were multiple entries in configuration.xml for "<CloudName value="none"/>" where there should only be one. This caused the upgrade to double/triple the JavaLocation and other sections. This section directly preceded the "VirtualHome" setting. It is believed the duplicate sections made it difficult to parse the xml file for the correct information.

Example:

2. As per the error message, URL filtering is enabled and should not be in the current configuration.

NOTE: Occasionally licenses have been released containing the as section similar to the following--which renders the URL Reputation Filtering portion of the license invalid. The license should be reissued by a Sales Representative.

If the URL Filtering license is rendered invalid, and URL Filtering is enabled then this will cause the Controller service to abort.

Resolution

For Cause 1. There is no xmlmodifier command that will remove duplicate sections. Manual editing of the file will be required.

Make a backup copy of configuration.xml
With configuration.xml loaded into a good text editor remove the duplicate entries so that only one remains.
Save the configuration and start the service.

For Cause 2. Disable the URL filtering features.

Linux:

1. Go to /opt/SYMCScan/bin
2. Run the following commands:

./xmlmodifier -s //filtering/URLFilter/@enabled false filtering.xml

./xmlmodifier -s //filtering/URLReputation/@enabled false filtering.xml

./symcscan.sh restart

./controller.sh start

./controller.sh status

Windows:

1. Open an administrative command prompt:
2. Go to the Scan Engine folder: CD "C:\Program Files\Symantec\Scan Engine"
3. Run the following commands in order:

xmlmodifier -s //filtering/URLFilter/@enabled false filtering.xml

xmlmodifier -s //filtering/URLReputation/@enabled false filtering.xml

net stop symcscan && net start symcscan {or go to the Services panel and restart Symantec Protection Engine service and verify that the controller service started also}