This document describes the procedure for installing and configuring Symantec Endpoint Encryption (SEE) 6.x in an environment that does not currently have the product installed. Please note that the procedure for installing SEE 7.x and 8.x is different. See TECH131424 for detailed instructions on installing SEE 7.x.
Verify the environment
Before installing Symantec Endpoint Encyption, verify the system environment and the system requirements. You will need:
NOTE: The SEE Server must be upgraded to Active Directory Application Mode (ADAM) SP1 before upgrading to Windows Server 2003 SP2
After verification of a supported environment, follow this specific install sequence:
Required Accounts and Groups
Before attempting to install the SEE Server, verify that the following Accounts and Groups are created on the SEE Server:
|Account/Group Type||Sample Name/Function *|
|Domain User||ADAM Admins|
|Domain User||ADAM Client|
|Domain Group (optional)||ADAM Admins DG **|
|Domain Group (optional)||ADAM Clients DG**|
|Local Group||ADAM Admins LG|
|Local Group||ADAM Clients LG|
|Domain User||Client Administrator|
* Do NOT use sample names in a production environment
** Creating optional groups requires an account with create child permissions in Active Directory
Symantec Endpoint Encryption Server Initial Instance
Before installing, verify that the appropriate users and groups have been created within Active Directory. You will also want to have at least one local administrator account on the SEE Server that possesses sufficient rights to run the ADAM install, create local groups and add domain user accounts as members of the local groups. Also verify that the Windows Server 2003 system has been joined to the appropriate domain as a member server.
The SEE Server log files are located in C:\WINDOWS\Debug to assist with troubleshooting installation issues.
Symantec Endpoint Encryption Server Replication
After the install of the initial instance, optional installs of replica instances can take place if desired. This will allow for SEE Client systems to select the closed SEE Server instance based on network topology.