[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More


Symantec Endpoint causes problems for Exchange 2007

Published on
9,498 Points
Last Modified:
The scenario is as follows:
You've setup your Windows 2008 Domain Controller and you went against all Microsoft conventions (oh no!) and you also used it to setup your DHCP / DNS / Network Share / Print Server and Antivirus Server on the very same Domain Controller.  

You then setup a member server with Windows 2008 R2 and installed Exchange 2007 Service Pack 3 (yes, this is the only combination that will work, otherwise you need to install Windows 2008 and a version of Exchange 2007 which will work with it - this is such a big issue - I got lucky and installed this one time a couple of weeks back but Microsoft did not release Exchange SP3 until June 22 2010).  

In any case, all is smooth and you setup your email server and now you want to install an antivirus solution - I went with Symantec Corporate Edition only to find out it no longer works (I had version 10).  So I went to Symantec Endpoint Protection - I had 11.0.2 which also did not work so i had to get 11.0.4 version. I got that installed it and it worked.

Then after a week the Exchange Server is having all sorts of errors but the main symptoms are that as it is supposed to renew its IP address from the DHCP server, it loses contact (anywhere between 3 to 7 hours) and then you have to restart your Exchange server for it to work again.  I tried looking for a solution for days -- searched the internet over and then amongst other things one of the engineers found this error:

    Event ID 1050 MSEx Runtime   Source MSExchange Extensibility

We searched the net and realised that basically the Network Threat part of the Symantec Endpoint was installed and was causing the issues between the Exchange 2007 and the Domain Controller/DHCP server!  Disable this and voila - all sorted - run dcdiag just to make sure that all runs (run it from the Exchange server - go to
    start, run, command prompt - dcdiag /s:<server name>
for instance
   dcdiag /s:dc1.company.com
You should maybe get only 1 error (I can't remember the service but this is by default as it has to do with running a read only domain controller RODC - so nothing major if you are not running one. I think it was part of the adprep when you were preparing the domain for Windows 2008 and you had the option to run it).

So there you have it - another great thing from Symantec Endpoint Network Threat Protection - it affects Exchange 2007!  You can keep the anti-virus and anti-spyware running as they do not cause any issues!
1 Comment

Expert Comment

good article ! ,that is the reason system administrator need to share there knowledge

Featured Post

Determine the Perfect Price for Your IT Services

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden with our free interactive tool and use it to determine the right price for your IT services. Download your free eBook now!

Join & Write a Comment

Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…
In this video I will demonstrate how to set up Nine, which I now consider the best alternative email app to Touchdown.

Keep in touch with Experts Exchange

Tech news and trends delivered to your inbox every month