No data from SECARS when reporting agent registration info
Created: 10 Jun 2012 | 17 comments
I am facing this exact situation:
https://www-secure.symantec.com/connect/forums/cli...
same errors in esrecreg.log, same errors in sylink monitor. Older clients have the green dots, the newer ones dont have it. Tried the solution from the link (changing from port 9090 to something else) and it still does not work. Running endpoint 11 ru7, mp2
Discussion Filed Under:
Comments 17 Comments • Jump to latest comment
Have a look at this document:
After migration to 11.0 RU7 clients are not updating or connecting - Sylink.log 500 internal server error
http://www.symantec.com/docs/TECH168828
HTH!
that's for windows xp, i'm running server 2008 r2
Hello,
Are you using Windows 2008 Server / Windows 2003 64 bit server?
Could you pull and upload the sylink.log from the newer clients to us to check the root cause of this issue?
Secondly, are these newer client machines cloned / imaged ? If yes, check this: http://www.symantec.com/docs/TECH96808
Are you using any proxy?
Check this Article and work on the steps provided in it.
After migration to 11.0 RU7 clients are not updating or connecting - Sylink.log 500 internal server error
http://www.symantec.com/docs/TECH168828
OR / AND
Possible Causes: Legacy proxy settings in the registry still persist after environmental changes on client machine.
Solution
The legacy proxy settings can be removed by performing the following steps:
1. Open the registry (Start->Run->type "regedit").
2. Go to HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\InternetSettings\connections
3. Delete the registry keys "DefaultConnectionSettings" and "SavedLegacySettings".
4. Reboot the machine.
Note: These registry keys will automatically regenerate after reboot of machine.
Also, this also could be caused due to incorrect proxy server information in the following registry location: HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\InternetSettings
Removing the incorrect proxy info from this key and then rebooting allowed the client to communicate normally.
One important thing to keep in mind is that any incorrect proxy information must also be removed from the following two locations as well:
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\DefaultConnectionSettings HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\SavedLegacySettings
If the settings are not removed from these two keys, they will repopulate the Internet Settings key after every reboot.
Remove the incorrect proxy information from all 3 registry locations noted above, then reboot.
Just to add, in many of my cases, where was an issue with the System Account at User Proxy Level. They had to Bypass the Proxy on the server.
Hope that helps!!
Mithun Sanghavi
Symantec Technical Support Engineer, SEP
MIM | MCSA | MCTS | STS | ITIL v3
Twitter: @mithun_sanghavi
Don't forget to mark your thread as 'SOLVED' with the answer that best helps you.<&a
I am using 2008 r2.
None of the machines are clones
No proxy
I already looked at that article, it applies to xp.
Already checked the proxy settings - no proxy, deleted those two keys jsut to try it, didnt fix anything.
attached the sylink monitor
Try by disabling firewall and UAC
Please don't forget to mark your thread solved with whatever answer helped you : ) Thanks & Regards Aravind
firewall and UAC disabled, still the same
Try this as well
Replace the Serdef.dat file on the SEP 11 Client
Please don't forget to mark your thread solved with whatever answer helped you : ) Thanks & Regards Aravind
Already tried this
Try by repairing SEPM....
Please don't forget to mark your thread solved with whatever answer helped you : ) Thanks & Regards Aravind
We were using RU6 when i noticed this error, i upgraded to RU7, and then RU7 MP2.
Should i still repair SEPM?
Then I think some permission issue in IIS.
Run SEP support tool and see whether it is reporting some issues...
Please don't forget to mark your thread solved with whatever answer helped you : ) Thanks & Regards Aravind
This is the error i am getting. My understanding is that 8005 is not used and i can ignore that error.
Error: No applications are using 's configured port 8005 with a start of 'Listen'
Information: IIS location /LM/W3SVC/2 is not configure for SSL
Is it using 8765 intead of 8005?
<EDIT>
If no follow the below procedure
To change the Tomcat port
C:\Program Files\Symantec\Symantec Endpoint Protection Manager\tomcat\conf\
Please don't forget to mark your thread solved with whatever answer helped you : ) Thanks & Regards Aravind
tomcat IS listening on port 8765, its the very next line. Like i said, my understanding is that we can ignore this error.
see attached screenshow
Look like this error can be ignored. Can you please post scm-server-0.log...
Please don't forget to mark your thread solved with whatever answer helped you : ) Thanks & Regards Aravind
2012-06-11 15:51:22.485 SEVERE: ================== Server Environment ===================
2012-06-11 15:51:22.485 SEVERE: os.name = Windows Server 2008 R2
2012-06-11 15:51:22.485 SEVERE: os.version = 6.1
2012-06-11 15:51:22.485 SEVERE: os.arch = x86
2012-06-11 15:51:22.485 SEVERE: java.version = 1.6.0_31
2012-06-11 15:51:22.485 SEVERE: java.vendor = Sun Microsystems Inc.
2012-06-11 15:51:22.485 SEVERE: java.vm.name = Java HotSpot(TM) Server VM
2012-06-11 15:51:22.485 SEVERE: java.vm.version = 20.6-b01
2012-06-11 15:51:22.485 SEVERE: java.home = C:\Program Files (x86)\Symantec\Symantec Endpoint Protection Manager\jre
2012-06-11 15:51:22.485 SEVERE: catalina.home = C:\Program Files (x86)\Symantec\Symantec Endpoint Protection Manager\tomcat
2012-06-11 15:51:22.485 SEVERE: java.user = null
2012-06-11 15:51:22.485 SEVERE: user.language = en
2012-06-11 15:51:22.485 SEVERE: user.country = US
2012-06-11 15:51:22.485 SEVERE: scm.server.version = 11.0.7200.1147
2012-06-11 15:51:29.664 SEVERE: ================== StartClientTransport ===================
2012-06-11 15:51:30.341 SEVERE: Schedule is started!
Not finding any error. Please increase the debug level as per below KB and post scm-server-0.log
How to debug the Symantec Endpoint Protection Manager
Please don't forget to mark your thread solved with whatever answer helped you : ) Thanks & Regards Aravind
Would you like to reply?
Login or Register to post your comment.