1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Problem Symantec Endpoint Protection Manager - Broken!

Discussion in 'Software' started by Mikeyboy, Nov 4, 2010.

  1. Mikeyboy

    Mikeyboy Kilobyte Poster

    Hi Everyone,

    Just thought I'd ask on here to see if anyone has come across a similar problem. In work we have SEPM 11.05, using embedded database, on a Windows Server 2003 server, which is pretty old. Now it has been functioning fine mostly for ages now, but today, for some reason it has just stopped working - to be more specific, it wont connect to the database. Tried a few fixes, and had symantec on the phone for about 3 hours today, who ran through several more fixes, although still no joy - the other main problem seems to be that the SEPM service just seems to stop on its own, a few seconds after I start it.

    This has just started this morning, and I have spent most of the day trying to fix it, obviously if it can't be fixed I will have to reinstall, but this isn't the preferred option just yet!

    Would appreciate any ideas. :)
    Certifications: VCP,MCSA, MCP, MCDST, MCITP, MCTS, A+, N+
  2. Sparky
    Highly Decorated Member Award

    Sparky Zettabyte Poster Moderator

    Start with the basics.

    Anything in the event logs after the service stops?
    Certifications: MSc MCSE MCSA:M MCSA:S MCITP:EA MCTS(x5) Security+ Network+ A+
    WIP: Office 365, Server 2016, CEH
  3. Mikeyboy

    Mikeyboy Kilobyte Poster

    Well theres about a million entries in Application logs, of Source secars, event ID 4096, and the error states initialise server configuration error.

    After starting the service, and it subsequently stopping, theres no error, just a warning, event ID 1202 "no mapping between account names and security IDs was done"

    Under the system logs, it just says the service has started, then the service is running, then the service has stopped...

    So dont think there is anything particularly pertinent in there :(
    Certifications: VCP,MCSA, MCP, MCDST, MCITP, MCTS, A+, N+
  4. SimonD

    SimonD Terabyte Poster Moderator

    Have you checked to see if the service account has expired or been locked out?
    Certifications: CNA | CNE | CCNA | MCP | MCP+I | MCSE NT4 | MCSA 2003 | Security+ | MCSA:S 2003 | MCSE:S 2003 | MCTS:SCCM 2007 | MCTS:Win 7 | MCITP:EDA7 | MCITP:SA | MCITP:EA | MCTS:Hyper-V | VCP 4 | ITIL v3 Foundation | VCP 5 DCV | VCP 5 Cloud | VCP6 NV | VCP6 DCV | VCAP 5.5 DCA
    WIP: VCP6-CMA, VCAP-DCD and Linux + (and possibly VCIX-NV).
  5. GSteer

    GSteer Megabyte Poster

    One thing I would check is that you've got the ports reserved in the regisitry so that DNS is not grabbing them. (Edit: if you're running DNS on that server, I'm so used to SBS boxes it's an automatic assumption)

    Run a "netstat -o > sepmtest.log" on the server and check through the log file to see if you've got anything listening on any ports listed on this page: http://service1.symantec.com/SUPPOR...edda0cd89141a6788025734e004b6a02?OpenDocument

    If you do, and even if you don't in fact as good practice, add the ports shown to the reserved list as per this KB: How to reserve a range of ephemeral ports on a computer that is running Windows Server 2003 or Windows 2000 Server

    It might not even be DNS thats using one of the ports, it could be something else you've installed or updated on the server, or it might not even be related to the ports but it's worth a look! The netstat output should show whats in use.

    Further Reading: You experience issues with UDP-dependent network services after you install DNS Server service security update 953230 (MS08-037) - for interest, the first KB does reserve TCP and UDP ports although the orginal problem stemmed from the above DNS update.

    Further further reading on 2003/2008 port range changes: The default dynamic port range for TCP/IP has changed in Windows Vista and in Windows Server 2008
    Last edited: Nov 5, 2010
    Certifications: BSc. (Comp. Sci.), MBCS, MCP [70-290], Specialist [74-324], Security+, Network+, A+, Tea Lord: Beverage Brewmaster | Courses: LFS101x Introduction to Linux (edX)
    WIP: CCNA Routing & Switching
  6. nugget
    Honorary Member

    nugget Junior toady

    Did you do any updates to the server yesterday?
    Certifications: A+ | Network+ | Security+ | MCP (270,271,272,290,620) | MCDST | MCTS:Vista
    WIP: MCSA, 70-622,680,685

Share This Page