Endpoint Protection

Hello Kesavan,

Yes you are right...
We may use this tool primarily to get the information on Authentications.
Also there are many issues related to this. As I mentioned earlier there could be many scenarios and good ways to Diagnose these. I appreciate your participation in exploring ideas for the same.
When we are talking about authentications it also reminds me of one more imp. point about IIS. You may have seen Http401 mostly related to Authentications or ACLs (more information based on sub status code in the link I provided before for http error codes). This may be because of one important cause that we rarely think of. When was the IIS installed-
Before including the system into Domain or after that
Incase you are experiencing issues like
1. Login failure in SEPM ---Failed to connect to server.......
2. Unable to communicate with the reporting component after logging in to SEPM (Http 401 1)
When you try to add IUSR account into IIS Directory Security - Authentication and access control -Edit
You do not find IUSR in the Domain - need to switch the location to find that
There may be strong possibility that the IIS was installed before you included the system into Domain
In such a scenario you may need to backup the Symantec Web server (in IIS) at a location other than inetsrv and re-install IIS.
after that - Restore the Symantec Web server
Highlight Websites in IIS
Right click Websites - Tasks - New - Virtual Directory from file
Select the Backed up Symantec Web server and Add
Run SEPM Repair
This should resolve the issue.
I am going to place an Article on this. Just gathering a little more information and tests.
This has worked for me in many cases...
Best part is you don't loose SEP client communication- it is reset (Which was not there before).
For some clients you may use Sylink Replacer Tool to reset the communication.

Hope this info helps you :)

Note : There could be multiple causes for same HTTP errors. Again scenario based.

Thanks

hi
we may use IIS Diagnostic tool for troubleshooting IIS errors.
 
http://www.microsoft.com/DOWNLOADS/details.aspx?FamilyID=9bfa49bc-376b-4a54-95aa-73c9156706e7&displaylang=en

install this tool and then go to --> Auth Diagnostics 1.0.

Hi Santosh

Thanks for your information:)
IIS log is valuable when we trouble shooting SEPM failure.

Ivan

Hello Ivan,

I agree to your point that there are multiple reasons for this error.
Based on the scenario we will need to proceed.
Re-installation of IIS may be one of the resolutions however, it is completely based on scenario.
Please refer to the following link for detailed info on Http 400 Error

http://www.microsoft.com/technet/prodtechnol/WindowsServer2003/Library/IIS/64e30660-d2f0-4e90-98cc-1652214a2b93.mspx?mfr=true

On this link you would be able to see other Http errors also.

Thanks :)

 

In many Java -1 cases, we can see there are multiple reason can cause this error, for most of the cases, we can advice customer back up all needed information like certification and database, then check if there are any other websites in IIS, if no other website hold by this IIS, then reinstall IIS, at control panel, add/remove programs, select Symantec endpoint protection manager, repair it. some times this work around solve problem in customer side.