SEPM password reset while self defined as smtp server (default config) .
search cancel

SEPM password reset while self defined as smtp server (default config) .

book

Article ID: 276412

calendar_today

Updated On:

Products

Endpoint Protection

Issue/Introduction

You need to reset password and SEPM is unable to send email.

Please note that the below solution is provided as a best effort solution and Technical Support is not responsible for providing any further support on this matter. Due to the product limitations, the recommended and supported way to proceed is to follow our documentation on that topic.

Since following the official documentation may cause administration challenges such as lost policy configuration, groups etc. you can find below suggestion useful at certain situations to restore the password.

Environment

Enable FINEST and mail debug on SEPM ( scm.log.loglevel=FINEST, scm.mail.troubleshoot=1 ) according to: Enabling Tomcat server debugging for the Endpoint Protection Manager

1. SEPM is configured to use itself as a mail server - this is the default config.

- C:\Program Files (x86)\Symantec\Symantec Endpoint Protection Manager\tomcat\logs\stdout log shows similar:

2023-11-27 09:28:58.632 THREAD 65 INFO: DEBUG: setDebug: JavaMail version 1.6.0
2023-11-27 09:28:58.633 THREAD 65 INFO: Start to send email to [<example_mail>@<domain>] using server: <SEPM _erver_hostname>
2023-11-27 09:28:58.635 THREAD 65 INFO: DEBUG: getProvider() returning javax.mail.Provider[TRANSPORT,smtp,com.sun.mail.smtp.SMTPTransport,Oracle]
2023-11-27 09:28:58.636 THREAD 65 INFO: DEBUG SMTP: useEhlo true, useAuth false
2023-11-27 09:28:58.636 THREAD 65 INFO: DEBUG SMTP: trying to connect to host "<SEPM _erver_hostname>", port 25, isSSL false
2023-11-27 09:29:01.746 THREAD 65 INFO: Deleting file C:\Program Files (x86)\Symantec\Symantec Endpoint Protection Manager\tomcat\temp\fw_Nov 27_ 2023 9-28-58 AM 591.html

2. SEPM is configured to use external server that is no longer reachable.

Cause

SEPM is not deployed as smtp server and is unable to send any email by itself or configured smtp server is not reachable.

Resolution

Ad.1. If SEPM is with the default config:

  • Temporary install light free email server like: https://github.com/rnwood/smtp4dev/releases download, extract and start with cmd .\Rnwood.Smtp4dev.exe. Than going with browser on http://localhost:5000 you should be able to see emails.
  • Push password reset on SEPM and new email at freshly installed email server GUI should show up with a link to reset the password.

Ad.2. If SEPM is configured with unreachable external smtp server, but do not use encryption in communication, and work on port 25 plain text.

This can be check in file default location C:\Program Files (x86)\Symantec\Symantec Endpoint Protection Manager\tomcat\etc\mailConfig.properties.

  • Follow the steps from the first point to install email server on SEPM server or other external server that is reachable by SEPM
  • Edit SEPM system C:\Windows\System32\drivers\etc\hosts file and map the name of inaccessible smtp server with the IP address of the system where you run your email server.
  • Push password reset on SEPM and new email should show up at installed email server GUI with a link to reset the password.