Workflow and ServiceDesk Community

Hi,

Does anyone have SEP Components running in a Workflow with SEP 14 MP1? Since upgrading from SEP 12 I have problems running the workflow using the Sep components.

The article here https://support.symantec.com/en_US/article.HOWTO55918.html points to version 12.1 and nothing more. Also the "setting" tab where you could activate web services earlier seemed to dispappear from the console.

So far the first person from Symantec support I talked with said the services should be still there. When trying to fix the problem with another person from support, that person was suddendly unsure if it should work or not.

Stefan

It's not valid for 14.

I was hoping that was not the case. The release notes do not point out that this feature is removed.

Anyhow, I saw there seems to be a new API. However it seems like it does not contain all the features which were in place earlier. Do you have any insigth about that?

Can't say whether or not it will be included in future releases but I know for now it doesn't work. 

The API doesn't have much yet. Basically you can auth to the SEPM, get the version, get a list of groups, get fingerprint lists, and assign the lists to groups for system lockdown. More should be added as the product matures though.

If there are WSs or APIs available you could create your own components using either the Web Service Generator or the REST Generator via the Integration Library instead. 

The Endpoint Protection components that are currently available in Workflow Solution are not compatible with Endpoint Protection 14 and it's maintenance packs. This is due to changes made to the Endpoint Protection web services with the release of 14.

The Workflow development team is aware of the issue and is working on getting the components upgraded to work with version 14. No other update is available at this time.

I asked my engineer if Workflow will work with SEPM 14 MP1, due to the Rest API issue, here was his reply:

              * SEP14 has a Restful API currently today

              * Symantec Workflow has SEP components

  The issues are

               * The current SEP components only work with SEP 11/12

               * The current version of Workflow has a components generator that can generate components from a Restful API.

                        ** The issue of why we cannot create the components ourselves are two fold

                                    ** SEP 14's API requires TLS v1.2
                                    ​** Symantec Workflows component generator only negotiates TLS v1.0 currently

What I tried as a work around is to change the Tomcat configuration for the SEPM API to allow TLS v1.0 (insecure I know, but I wanted to see if it would work). However, the API is coded to prevent this as it will not allow authentication to occur with TLS v1.0.

 What I did was working with the Symantec's Product Manager over Workflow is

            * He created a case with Engineering to patch Workflow to allow TLS v1.2

 Working with the SEP Product Manager

            ​* He created a case with Engineering to update the SEPM components for SEP 14.

Right now, since it has went to Symantec engineering, they cannot give me a time frame of when these fixes will be released. The only other option we would have is to have an actual developer write the SEP components utilizing C# (That is what Workflow is coded on underneath). Hope this helps describe the issue. - D.R.

You could use Telerik JustDecompile to see how the original components were created.

-

I've written a Component Developer Guide if you want a head start for writing them yourself.

• Workflow - Component - Developer Guide

Hi jvan,

It seems like you have investigated a lot around the new Rest API in 14. I have come so far that I can receive access token. When I then try to for example query the groups like I have found in a example:

GET /sepm/api/v1/groups HTTP/1.1
Authorization: Bearer c34692c5-201d-4d94-b0f8-61ed03383337

I get

{
  "errorCode": "401",
  "errorMessage": "The user is not authorized to access this resource"
}

So I wonder what permissions the user needs to have. Or does it need to be the "sysadmin" to be able to get further?

Regards

Stefan

It seems like I have answered my last question myself. When I use a "sysadmin" I can get further and for example query the list of groups.

Now I am investigating:

/api/v1/computers

PATCH(Experimental)

Request

Anyone tried this out to move a client to a specific group? So far I have not figured out how the request would look like which I have to send to the server.

Symantec Endpoint Protection Manager 14 REST API Reference
https://support.symantec.com/en_US/article.DOC9447.html

• REST API documentation for version 14

Search for you Endpoint and there is the list of parameters.

/api/v1/computers

• pageIndex
• pageSize
• sort
• order
• lastUpdate
• domain

I'd advise using POSTMAN to test these out.

You can create an Auth token and use that in subsequent Requests too.

This is where I found the information. And yes I can query the list of computers. I was hoping with PATCH to move a client from one group to another. There is where i need a little help to sort out how the REQUEST should look like. Seems like I shall send an array of computers. And somewhere I guess I required to specify the group where the computers should be moved to.

(I am using POSTMAN. That works great to get started.)

If you call the API to get a list of Computers and see how that is returned, the content from the Page type, then copy it 

the body will be a JSON array, you can build that up using the app or just as a string

[
  {
    "description": "Blah",
    "OTHER FIELD": "VALUE"
  },
  {
​    "description": "This",
    "FIELD": "Value"
  }
]

Symante Support helped me out. Here the example how the body should look like:

[
               {
               "group": {
                              "id": "9FF5ED650ADA160555D831969F6279F8"
               },
               "hardwareKey": "9F6EBFAADB335B70B30095850D70FB44"
               },
 
                                {
               "group": {
                              "id": "9FF5ED650ADA160555D831969F6279F8"
               },
               "hardwareKey": "8D6387C6C94F1C5501695E9212777B1C"
              }
]