dastle
asked on
Symantec Endpoint Protection client shows Server: status "offline"
I have a deployment of SEP in a multi-site environment. I have two SEPM servers, one at each site. Replication is working and I've deployed the client out to multiple systems on my primary location without issue. Today, I began deploying clients out in my secondary location. The clients are in a separate group from those at my primary site with the communication settings configured to point to the secondary SEPM server.
The problem I'm having is when I deploy the SEP client to systems at the secondary location, the communication between the client and the secondary SEPM server does not appear to take place. When I go into troubleshooting and view the status, it reports "Server: Offline". It does show the correct information under "Group:" as far as where the client should be at, but looking at the SEPM server, it doesn't appear as a client and a search of unmanged clients with the client's name shows the computer with a "Deployment Status" of "No".
I have tried some solutions posted that suggest copying the sylink.xml file from the SEPM server to the client and pasting it into the SEP installation directory after stopping SMC, but that hasn't worked.
The client with the problem connecting to the SEPM server is a Windows Server 2003 R2 Domain Controller.
Any suggestions?
The problem I'm having is when I deploy the SEP client to systems at the secondary location, the communication between the client and the secondary SEPM server does not appear to take place. When I go into troubleshooting and view the status, it reports "Server: Offline". It does show the correct information under "Group:" as far as where the client should be at, but looking at the SEPM server, it doesn't appear as a client and a search of unmanged clients with the client's name shows the computer with a "Deployment Status" of "No".
I have tried some solutions posted that suggest copying the sylink.xml file from the SEPM server to the client and pasting it into the SEP installation directory after stopping SMC, but that hasn't worked.
The client with the problem connecting to the SEPM server is a Windows Server 2003 R2 Domain Controller.
Any suggestions?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Sorry,
You can download it from here:
http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2007456519454798
You can download it from here:
http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2007456519454798
ASKER
Turns out the communication issue had multiple sources. Because the management server is also a domain controller, the website was setup to run as a domain IUSR account for anonymous access. This caused problems with the SEPM service which would start and then fail. A recommendation I found was to enable Integrated Authentication on the website which enabled the SEPM service to start but effectively prevented the clients from accessing the SEPM server because they couldn't authenticate.
I switched the website over to a different domain account and that seems to have solved the client communication issue. I found the solution from one of the articles you linked and from using SylinkMonitor which reported the 401.1 error message from the webpage.
Now the problm I'm having is an inability to access the reporting console on the SEPM server, but that's a different issue.
I switched the website over to a different domain account and that seems to have solved the client communication issue. I found the solution from one of the articles you linked and from using SylinkMonitor which reported the 401.1 error message from the webpage.
Now the problm I'm having is an inability to access the reporting console on the SEPM server, but that's a different issue.
Glad to help and thanks for the points :)
ASKER