Endpoint Protection

 View Only
  • 1.  Adding Client to Manager after Manager re-installation?

    Broadcom Employee
    Posted Oct 18, 2007 01:55 PM
    Long story, short.  I uninstalled a seemingly corrupt installation of the SEPM which already had a few groups each containing a few computers.  After I reinstalled SEPM, I can add in the old clients but they don't ever seem to communicate/sync up with the server.  I have tried to update the policy from the Client, tried to manually add in clients, tried to reinstall the client via Migration and Deployment Wizard which is what I used the 1st time and I even ran a searh on unmanaged clients.  While the search works great, these computers happen to be managed from the previous installation so they won't show up on an unmanaged search.

    I am pretty sure I could do a complete uninstallation of the Client then reinstall via the Manager but I don't get why I can find unmanaged computers and have my way with them when I can't find managed ones and do the same.

    Any help/Ideas would be greatly appreciated.


  • 2.  RE: Adding Client to Manager after Manager re-installation?

    Posted Oct 18, 2007 02:11 PM
    This is something I put together from posts in this forum.

    I found a thread in Symantec's forum on making an unmanaged agent managed.

    First, find sylink.xml in the following directory: E:\Program Files\Symantec\Symantec Endpoint Protection manager\data\outbox\agent\  There are several random character folders that hold the client builds, each folder having its own sylink.xml.  I picked one at random figuring I can control the group membership once things link up.

    On the client you need to run a command prompt

    Change directory to the client install directory.  The directory Symantec mentioned was: C:\Program Files\Symantec\Symantec Endpoint Protection  My client is installed at: c:\Program Files\Symantec Antivirus due to being an upgrade from an older version.

    From the command prompt run the following commands

    Smc -stop

    Over write the symlink.xml in the client directory with the one from the server.

    Now run this command

    Smc -import symlink.xml

    Smc -start

    The client should now be registered with the server.

    Open the client and Choose Help and Support / Troubleshooting.

    You can now see what group your client is assigned to.

    My client was assigned to the Temporary Group.  I then moved it with the consol to the IT Test Group.  Clicking on Update or Update Policy makes the client pull down new settings from the server.



  • 3.  RE: Adding Client to Manager after Manager re-installation?

    Broadcom Employee
    Posted Oct 18, 2007 02:40 PM
    Worked like a charm!  Thanks Matt :smileyhappy:


  • 4.  RE: Adding Client to Manager after Manager re-installation?

    Broadcom Employee
    Posted Nov 03, 2007 05:26 PM
    I seemingly have the same problem. Is there an easier way like a script, that i can let the users run, i have roughly 300 clients in 5 locations, and its kinda tedious to do this all manually. 
     
    I think they need a patch that allows unmanged clients to be "pulled" in to the SEPM instead of having to do it this way.


  • 5.  RE: Adding Client to Manager after Manager re-installation?

    Broadcom Employee
    Posted Nov 04, 2007 01:04 PM
    Hey Steve,

    I just wrote a little batch file that I had all my users kick off in order to make my life easier.  Use Matt's guide to create it.


  • 6.  RE: Adding Client to Manager after Manager re-installation?

    Broadcom Employee
    Posted Nov 04, 2007 01:25 PM
    Wow, fantastic.
     
    If its not a problem, do you mind posting it up?
     
    It would save others that encounter this problem some work in getting the clients "re-added"
     
    Thanks in advance


  • 7.  RE: Adding Client to Manager after Manager re-installation?

    Broadcom Employee
    Posted Nov 04, 2007 01:40 PM
    Hi,
     
    I am seeing a few problems here.
     
    1) Stand-alone clients are being deployed out to the network rather than clients that are managed by SEPM.
    2) Confusion over the use of the unmanaged client detector.
    3) Complex work-flow to convert a stand-alone client to a managed client.
     
    The client install in the SEP directory ion the CD is a stand-alone client. This install should only be used if you expect to have the local user interact with the SEP client and you do not want to manage it centrally. If you want to generate a client package that will be managed in SEPM, you need to export a client package from the Console or alternatively use the migration and deployment wizard to deploy out clients.
     
    The unmanaged detector feature in the console, is used to find systems that are running without protection or non-SEP clients. It cannot find a stand-alone SEP client. Although this sounds like something that might need to be added to help with the workflow.
     
    Regards,
     
    JimW


  • 8.  RE: Adding Client to Manager after Manager re-installation?

    Broadcom Employee
    Posted Nov 05, 2007 10:40 AM
    This is assuming a few things.  1) Your installations were installed onto C Drives and default location  2) You have a network shared location that the file Sylink.xml can be centrally located wgich all workstations have access to.  3) You have copied the Sylink.xml from the SEPM directory and placed it in your share location(This is explained in Matt's response).  Text in bold is what you want in the .bat file although not exact depending on your setup.

    c:
    cd \"Program Files"\"Symantec Antivirus"\ 

    This could be cd \"Program Files"\Symantec\"Symantec Endpoint Protection"\  If you didn't upgrade your installations from Symantec Antivirus like I did.  Either way you need to be in the programs directory on the local computer.

    Smc -stop This stops your Anti-Virus service.
    copy "Your shared network drive"/Sylink.xml C:\"Program Files"\"Symantec Antivirus"\ Again this could be \"Program Files"\Symantec\"Symantec Endpoint Protection"\.
    Smc -import symlink.xml Imports the new file into Endpoint Protection.
    Smc -start Restarts the Anti-Virus server.



  • 9.  RE: Adding Client to Manager after Manager re-installation?

    Broadcom Employee
    Posted Dec 04, 2007 06:59 PM
    Hello,

    I'm having this problem as well--clients are not showing up in the SEPM console and are not getting updated. I've tried to install clients using the deployment wizard method and via the find unmanaged computers methods. The only client that is showing up in the console is the one that is running the SEPM console (local machine).

    I have tried the above sylink.xml method with numerous clients, have experimented with creating new client packages with both push and pull installs, and have even reinstalled both the server and client with no better results.

    Does anyone have any other suggestions?

    Thank you.


  • 10.  RE: Adding Client to Manager after Manager re-installation?