Endpoint Protection

Why you want to uninstall?
If it is still reporting to SEPM ,in the console go to Clients---> <req. group> --->policies --->security settings and remove the password.
Give update policy in the client to get the policy affective... 

If no other way try this workaround
when password prompt opens, run task manager and END
task called MSIEXEC that runs under your user account (not system). The password
go away and uninstall continues !!

 

HOW TO: Uninstall Symantec Endpoint Protection (SEP) client silently using the command line 

add these two registry keys above your msiexec

hi Aravind,

Thanks for ur help.
I have to use the logon script to do so. May i know how to unlock  Endpoint by logon script .

Many thanks.

 https://www-secure.symantec.com/connect/forums/how-uninstall-10000-symantec-endpoint-protection-clients

Hi Friend,

THX for ur info~~

I tried adding two regisrty above, but still  prompt up the password once uninstallation by "msiexec /x {76B2BC31-2D96-4170-9C44-09E13B5555F3} /qb"

Any idea?

ideally it should not ask,
when you run the script and add the registry value, just check the same path in registry, may be value is no turning 0
try adding the registsry key , the two value should be 0, and then run msiexec.exe

Thanks a lot indeed.

I tried version 10 is ok. But Endpoint Security still prompt up. Two values are set to 0.

Thanks

for sep
navigate to HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\Symantec Endpoint Protection\SMC
on right hand side, you wil find a key called SMCINSTDATA
delete that key and do the uninstall.
let us know the result

found out this on my machine running on MU5, the above trick not gonna work in MU5, 11.0.5000 because symantec fixed it :)

Users with local administrator privilege can bypass the Symantec Endpoint Protection uninstall password
Fix ID: 1515363
Symptom: A user is able to bypass the uninstall password by using an undisclosed procedure.
Solution: The MSI file was updated to prevent administrators from bypassing the uninstall password.


http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2007121216360648 

Hi Rafeeq,

We're currently using 11.0.4202.75 which has client agent uninstall password policy.
So am also in same boat like etoshark.

I'd deleted SMCINSTDATA and created DWORD entry as UseVPUninstallPassword=o in HKLM\SOFTWARE\Symantec\Symantec Endpoint\Protection\AV\AdministratorOnly\Security.

But in spite of that i'm not able to uninstall the client agent without password or bypassing the password box locally.

Is there any other procedure ?

Thanks

i am using 11.0.3001.2224, but failed to bypass the password according to above instruction. Any ideas?

install a test manager ;
copy the sylink to the clients
put a new uninstall password
remove the clients.

i've even tried to remotely run 'smc -stop' so I can delete/update the sylink files, but it fails every time.  you also can't stop the required service using net stop or psservice.   why have they made this such a pita to update...unless i'm completely missing something here.


here's my scenario:

installing the new version on top of the old upgrades the client, but does NOT update the sylink.xml...so the client still points to the old server.

the only thing that works is manually uninstalling the client, or manually running the smc -stop command and replacing the files.  obviously, not a realistic choice when trying to upgrade 600 machines.



please tell me someone has come up with a way around this, or there's another method for migrating machines to a new server that can be done in a 'hands-off' manner!

Use the following to disable password and remove the product.

1. Open the registry
2. Navigate to HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\Symantec Endpoint Protection\SMC
3. Change the value for SmcGuiHasPassword from 1 to 0

This should work for all your older versions of SEP >= 11.04

So you can script it to CHANGE the registry value.
Than run
MSIEXEC /x [product ID] for your version.

I leave the rest up to you.

If you absolutely want a script to put into a BATCH file...  I'll post one.

Hi folks,

As you get involved with different threads and conversations, please stick to the original topic, otherwise we get 3-4 different issues being discussed by different users.  If you have a question, please simply start a new thread so we can ensure everyone's topic is viewed.

If you're not familiar with the search feature, or the "filtering" available on search, please give it a try.  There are many threads marked "solved" that may just answer your question, and eliminate the need for another thread.

Thanks everyone!

Eric

Hi

Jason can you write me the bactch file? also to delete the symantec file from C:\Program files  after the uninstalltion take place - need to have these uninstalled silently

another problem i face is the product code varies from all the user. i have about 88 users i need to uninstall the SEP. I thought of running a batch file from GPO but since the product code varies i am not suer how else it can be done.

Regrads

r3gz@hotmail.com