Endpoint Protection

After changing authentication method to "directory server integration" I cannot log in to the Symantec Endpoint Protection Manager. I changed the authentication method and selected the domain controller from the drop-down list. After logging out I cannot log in again when trying with the domain admin account, see screendump. I have tried to enter the domain name as well as the dc server name in the "domain"-field. How do I "reset" the authentication method so I can login using the built-in account?
 

hi,
user name and password are case sensitive. If you cannot login into SEPM console using the directory authentication, then I believe there is no way to crack into SEPM

Try this
SEPM installed drive
c:\Program Files\Symantec\Symantec Endpoint Protection Manager\Tools\resetpass.bat

Tried the resetpass.bat, but that does not help, when trying to log on with admin-admin , the system responds with "The system administrator account is locked".

R u having multiple SEPM's connecting to one database? If yes stop all other servers before trying reset password.

Restart the sepm services.
Wait 15 mins then run this resetpass.bat. this will reset admin account password to admin
 OR u can edit this batch file to set desired password.

resetpass.bat will not work , if the authentication has been set to Directory type( AD).

Hi,

did you disable to default admin account?

If not u can use the resetpass.bat

if account is locked wait for 15 mins , you should be able to log in with default admin account with symantec authentication..

d

Hi, Please try to login to SEPM with your domain account without entering the Domain in the Domain field on the SEPM login page. This Domain field is not your AD Domain but your SEPM Domain (If you have setup multiple domains in SEPM).

If this doesn't work then the only solution is to uninstall and reinstall SEPM. Then use the sylinkreplacer tool to reconnect all the clients to the new SEPM.


You may download the tool and the PDF document on how to use the tool from here,

https://www-secure.symantec.com/connect/downloads/sylinkreplacer-tool-connecting-sep-clients-sepm

Let me know if this suggestion helps :-)

In 2 cases on which I have worked   the only solution is left is an Uninstall Reinstall of SEPM.

All,
thank you for good ideas and input.

I managed to log in with username "admin" and my domain administrator password (note: i was not using the domain username, only the password). Weird, but it actually worked, might be a bug? (The old administrator password for the symantec authentication account is different to the domain administrator account, so I have not mixed these two together.) After having successfully logged in, i changed the login type back to symantec authentication, logged out, and logged in again with admin-admin, which worked fine. (I did run resetpass at an earlier stage in one of the attempts to fix the problem).

Case closed.
Best
/Nils

hea this is working fine at my end i am using LDAP for authentication.......

thanks to lefring - wasn't thinking about this option before reading it ... and that solved the issue to be able to log in again.  However there's another issue which may have caused the whole thing to happen in the first place.  If you're running W2K8 and followed the suggestion of the server console to secure your server better ... that may actually have caused the whole thing ... I had to revert the changes to the domain controller policy to not have the LDAP signing requirements enforced - until I reversed the settings nothing was working ...

Yes Prachand now I'm also stuck in this same problem,

OK by reinstalling SEPM how can we reconnect all of the client back to the server ?

shall I just use Sylink replacer or deploy the AV companywide again ?