Solved

How to make the SEP client to become unmanaged by getting the regular Live update from Internet automatically ?

Posted on 2011-02-20
16
4,903 Views
Last Modified: 2013-12-09
Hi Everyone,

Has anyone here ever face the problem of broken Windows networking component before in using Cleanwipe ?

the problem goes like the following:

1. I want to make the SEP to become unmanaged therefore i need to uninstall the current SEP client but it failed with Error MSI 1722 which seems like never ending loop of error message
Product: Symantec Endpoint Protection -- Error 1722.There is a problem with this Windows Installer package. A program run as part of the setup did not finish as expected. Contact your support personnel or package vendor. Action Sav10UninstallFix, location: C:\WINDOWS\Installer\MSI23.tmp, command:

The solution was to use Cleanwipe to remove all / everything Symantec related matter, but then there is another problem

2. The user is now unable to use the netowrk at all, IPCONFIG /all returns nothing and all of the networking activity is not working anymore.

The solution was to reinstall SEP again using local USB flashdisk install, followed by system restart, and here comes another problem

3 The SEP Client is now out of date and the Liveupdate button is disabled, typing "luall" in cmd prompt bring the liveupdate to contact the management server again (SEPM) which is not what I want in the first place. ?

can anyone suggest me how to exit this Symantec loop of madness ? my only goal isto make the SEP Client to be unmanaged by getting the automatic live update going from the internet directly.

Any suggestion would be greatly appreciated.

Thanks
0
Comment
Question by:jjoz
  • 9
  • 7
16 Comments
 
LVL 44

Expert Comment

by:Jackie Man
ID: 34940688
Can you access the management console of SEP in your server?
0
 
LVL 1

Author Comment

by:jjoz
ID: 34940696
no, this is for a remote office branch which now no longer managed by the SEPM.
0
 
LVL 44

Expert Comment

by:Jackie Man
ID: 34940727
Tried to re-install as managed SEP client. Then, follow the steps below to change the client from managed to unmanaged.

"To convert the Symantec Endpoint Protection clients to unmanaged after they have been installed as managed

   1. Locate the Sylink.xml file that is located on CD 1 in the SEP folder.
   2. Copy the Sylink.xml file to a location that is accessible to clients on the network.
   3. On the client, navigate to CD2\TOOLS\NOSUPPORT\SYLINKDROP.
      Note: CD2 may also be labeled CD3
   4. Run SylinkDrop.exe on each Symantec Endpoint Protection client that needs to be converted to an unmanaged client."

Source: http://www.symantec.com/business/support/index?page=content&id=TECH104010&locale=en_US
0
NAS Cloud Backup Strategies

This article explains backup scenarios when using network storage. We review the so-called “3-2-1 strategy” and summarize the methods you can use to send NAS data to the cloud

 
LVL 1

Author Comment

by:jjoz
ID: 34940740
ok, then i can ask the user to execute the 'SylinkDrop.exe" right ? without having to uninstall the whole SEP client which is currently managed and out of date ?
0
 
LVL 44

Expert Comment

by:Jackie Man
ID: 34940845
Replace the Sylink.Xml file from the SEP Install Package (Folder )which you have Downloaded or from the CD before running 'SylinkDrop.exe".

   1. Open the SEP Folder from the which you have downloaded.
   2. Copu the Sylink.Xml file
   3. Then Go the Machine which you want to make Self Managed
   4. Stop the Smc Service
   5. Start--> Run--> Smc - Stop
   6. Copy the sylink file to the Symantec Endpoint Protection  install Location
   7. By Default it's on C\Program Files\Symantec\Symantec Endpoint Protection
   8. Then Start the Smc service .Start--> Run---> Smc -Start

Then, edit the registry to setup ON and Off the Liveupdate as follows:-

1) It is advisable to backup the registry before editing.
2) Click Start > Run > Regedit.
3) In the Registry Editor go to HKEY_LOCAL_MACHINE\SOFTWARE\SYMANTEC\SYMANTEC ENDPOINT PROTECTION\LIVEUPDATE.
4) In the right pane, locate the String Value “AllowManualLiveUpdate”.
5) Double click on the string value and change the Value data to zero.
6) Close the editor.
7) If the String Value “AllowManualLiveUpdate” is not present the you need to create it and you can do this by right clicking in a blank area of the pane and click on New and choose DWORD Value.
8) Name the new value “AllowManualLiveUpdate” ,without the quote marks, you can leave the default value of zero and this will disable the LiveUpdate button on the SEP client GUI. (Note: To Turn ON default value of 1)
9) Close the Registry editor.
10) Open the SEP client GUI and verify that the LiveUpdate button is disabled.

Source: http://news.support.veritas.com/connect/pt-br/forums/sepm-removed-server-how-change-clients-managed-unmanaged-selfupdate
0
 
LVL 1

Author Comment

by:jjoz
ID: 34956875
or by this means the default sylink.xml that comes from the DVD "Symantec_Endpoint_Protection_11.0.6_MP2_Xplat_EN_DVD\SEP" that's for the 32 bit client right ?
0
 
LVL 1

Author Comment

by:jjoz
ID: 34956880
hm... does the folowing steps:

4) In the right pane, locate the String Value “AllowManualLiveUpdate”.
5) Double click on the string value and change the Value data to zero.


means that the user cannot do the update then ?
0
 
LVL 44

Expert Comment

by:Jackie Man
ID: 34957058
or by this means the default sylink.xml that comes from the DVD "Symantec_Endpoint_Protection_11.0.6_MP2_Xplat_EN_DVD\SEP" that's for the 32 bit client right ? <- yes

if the setup of SEP is OK, it will automatically update, you can set the value to 1 if you allow the user to do manual update
0
 
LVL 1

Author Comment

by:jjoz
ID: 34957143
many thanks foryour reply, however after doing the registry changes and the sylink manual relace fromthe steps above, when I click on the LIVEUPDATE button it is still tries to contact the Management server in my head quarter ?

how can this be happening ?
0
 
LVL 1

Author Comment

by:jjoz
ID: 34957241
and now when I tried to repair the SEP installation, the service could not stop and it gives me:

Error: "Error 1921: "Service Norton AntiVirus Server could not be stopped. Please verify you have sufficient privileges to stop the service."
regedit.JPG
0
 
LVL 44

Expert Comment

by:Jackie Man
ID: 34957338
have you stop the smc service before sylink manual relace?

Start--> Run--> Smc - Stop
0
 
LVL 1

Author Comment

by:jjoz
ID: 34957354
yes I did that already, but the funny thing is that when I tried to politely "repair" my SEP installation, it always failed with that unable to stop the service :-| Error 1921
0
 
LVL 44

Expert Comment

by:Jackie Man
ID: 34957421
  1. On the Windows taskbar, click Start > Run.
   2. In the Open box, type the following text:

      services.msc
       
   3. Click OK.
   4. In the right pane, find the Symantec Endpoint Protection entry and confirm that the Status column shows "Started."


0
 
LVL 44

Accepted Solution

by:
Jackie Man earned 500 total points
ID: 34958923
Maybe you need to start afresh by running Cleanwipe again. Then, install SEP as managed client and follow the steps to convert SEP clients to unmanaged using the method as shown above.
0
 
LVL 1

Author Closing Comment

by:jjoz
ID: 34960103
thanks man !
0
 
LVL 1

Author Comment

by:jjoz
ID: 34960108
yes it works in that way you suggested and then followed by uninstalling the NIC driver and reinstalling it again.
0

Featured Post

Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

On July 14th 2015, Windows Server 2003 will become End of Support, leaving hundreds of thousands of servers around the world that still run this 12 year old operating system vulnerable and potentially out of compliance in many organisations around t…
When you start your Windows 10 PC and got an "Operating system not found" error or just saw  "Auto repair for startup" or a blinking cursor with black screen. A loop for Auto repair will start but fix nothing.  You will be panic as there are no back…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

829 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question