Account name and password requirements for Endpoint Protection

book

Article ID: 154495

calendar_today

Updated On:

Products

Endpoint Protection

Issue/Introduction

This document describes the allowed length and allowed characters for the different accounts and passwords that are required to administer Symantec Endpoint Protection.

"Error 11501: Unable to create the database for Symantec Endpoint Protection Manager"

"Error 11501: Unable to connect to the database"

Resolution

The following account name and password requirements are enforced:

Symantec Endpoint Protection Manager Administrator Accounts

  • Username: 

    • No more than 20 characters allowed.

    • The following characters are not allowed: "/ \ [ ] : ; | = , + * ? < >

  • Password:

    • If you install with a SQL Server database, then all characters are allowed, but no more than 256 characters, and no fewer than 6 characters.

    • If you install with an embedded database, then the password can contain no more than 30 characters, and no fewer than 6 characters.

      • The following characters are not allowed if you install with an embedded database: \ " ; space character.

The same username and password are used for the administrator account and for the SEPM with embedded database.  There are separate requirements for the Endpoint Protection Manager with SQL Server database configuration.

SQL Server Authentication 

  • SQL Server Administrator Name (DBA user):
    • Cannot be blank.
    • Only the following characters are allowed: lower case and upper case letters, numerals, and the special characters: & _ # $
      • Other special characters are not allowed.
    • The default value in the SEPM is "sa" (the default built-in administrator account for SQL Server). You can specify any account that has Server Administrator access rights.
  • SQL Server Administrator Password (DBA password):
    • No more than 128 characters allowed.
    • All characters are allowed, including hi-ASCII or double-byte characters, except the following limitations based on Symantec Endpoint Protection Manager version and Authentication Method:
      • Prior to 14.2 RU1, the characters: " [ ] { } ( ) , ; ? * ! @ " ; are not allowed for SQL Authentication and Windows Authentication
      • SEP 14.2 RU1 and above, the characters: " [ ] { } ( ) , ; ? * ! @ " ; are not allowed for SQL Authentication, allowed for Windows Authentication
      • The characters: < > are not allowed for Windows Authentication.
  • See the Microsoft documentation for recommendations about setting this password.
    • This password is set on your SQL Server computer.
    • You do not create it on the SEPM; you only provide it.
  • SQL Server Database Administrator with Windows Authentication:

    • Uses the existing Windows username and password for the database server.

    • The characters: < > / “ are not allowed for the Windows Authentication password. 

  • SQL Server SEP Database Name:

    • Cannot be blank.

    • Only the following characters are allowed: lower case and upper case letters, numerals, and the special characters & _ # $

      • ​Other special characters are not allowed.

    • The default value for the Symantec Endpoint Protection database is sem5 (the same value as for the database username).

SEPM with Embedded Database

  • Database username (User): 
    • No more than 128 characters allowed; cannot be blank.
    • Only lower case and upper case letters, numerals, and the following special characters are allowed: ~ # % _ + = | : .
      • The following special characters are not allowed: ` ! @ ' $ ^ & * ( ) - { } [ ] " \ / < ; > , ?
    • The default value for the Symantec Endpoint Protection database username is sem5.
  • SEPM Database User Password (Password):
    • ​No more than 128 characters allowed; cannot be blank.
    • Only lower case and upper case letters, numerals, and the following special characters are allowed: ~ # % _ + = | : . /
      • The following special characters are not allowed: ! @ * ( ) { } [ ] ; , ?

Encryption password

  • The Management Server Configuration Wizard can generate this password for you.
  • If you choose to set your own password, it can contain no more than 32 characters and no fewer than 6 characters. All characters are allowed.

Symantec Endpoint Protection Manager Group names

  • A group name can contain no more than 990 characters.
  • The full path of the group name can contain no more than 1000 characters.
  • The following characters are not allowed: " / \ * ? < > | : &

Symantec Endpoint Protection Manager Domain names

  • A domain name can contain no more than 256 characters, and it cannot be blank.
  • The following characters are not allowed: " / \ [ ] : ; | = , + * ? < >

Symantec Endpoint Protection Manager Site names

  • A site name can contain no more than 60 characters, and it cannot be blank.
  • All characters are allowed.