Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 5123
  • Last Modified:

How to make the SEP client to become unmanaged by getting the regular Live update from Internet automatically ?

Hi Everyone,

Has anyone here ever face the problem of broken Windows networking component before in using Cleanwipe ?

the problem goes like the following:

1. I want to make the SEP to become unmanaged therefore i need to uninstall the current SEP client but it failed with Error MSI 1722 which seems like never ending loop of error message
Product: Symantec Endpoint Protection -- Error 1722.There is a problem with this Windows Installer package. A program run as part of the setup did not finish as expected. Contact your support personnel or package vendor. Action Sav10UninstallFix, location: C:\WINDOWS\Installer\MSI23.tmp, command:

The solution was to use Cleanwipe to remove all / everything Symantec related matter, but then there is another problem

2. The user is now unable to use the netowrk at all, IPCONFIG /all returns nothing and all of the networking activity is not working anymore.

The solution was to reinstall SEP again using local USB flashdisk install, followed by system restart, and here comes another problem

3 The SEP Client is now out of date and the Liveupdate button is disabled, typing "luall" in cmd prompt bring the liveupdate to contact the management server again (SEPM) which is not what I want in the first place. ?

can anyone suggest me how to exit this Symantec loop of madness ? my only goal isto make the SEP Client to be unmanaged by getting the automatic live update going from the internet directly.

Any suggestion would be greatly appreciated.

Thanks
0
jjoz
Asked:
jjoz
  • 9
  • 7
1 Solution
 
Jackie ManCommented:
Can you access the management console of SEP in your server?
0
 
jjozAuthor Commented:
no, this is for a remote office branch which now no longer managed by the SEPM.
0
 
Jackie ManCommented:
Tried to re-install as managed SEP client. Then, follow the steps below to change the client from managed to unmanaged.

"To convert the Symantec Endpoint Protection clients to unmanaged after they have been installed as managed

   1. Locate the Sylink.xml file that is located on CD 1 in the SEP folder.
   2. Copy the Sylink.xml file to a location that is accessible to clients on the network.
   3. On the client, navigate to CD2\TOOLS\NOSUPPORT\SYLINKDROP.
      Note: CD2 may also be labeled CD3
   4. Run SylinkDrop.exe on each Symantec Endpoint Protection client that needs to be converted to an unmanaged client."

Source: http://www.symantec.com/business/support/index?page=content&id=TECH104010&locale=en_US
0
Threat Trends for MSPs to Watch

See the findings.
Despite its humble beginnings, phishing has come a long way since those first crudely constructed emails. Today, phishing sites can appear and disappear in the length of a coffee break, and it takes more than a little know-how to keep your clients secure.

 
jjozAuthor Commented:
ok, then i can ask the user to execute the 'SylinkDrop.exe" right ? without having to uninstall the whole SEP client which is currently managed and out of date ?
0
 
Jackie ManCommented:
Replace the Sylink.Xml file from the SEP Install Package (Folder )which you have Downloaded or from the CD before running 'SylinkDrop.exe".

   1. Open the SEP Folder from the which you have downloaded.
   2. Copu the Sylink.Xml file
   3. Then Go the Machine which you want to make Self Managed
   4. Stop the Smc Service
   5. Start--> Run--> Smc - Stop
   6. Copy the sylink file to the Symantec Endpoint Protection  install Location
   7. By Default it's on C\Program Files\Symantec\Symantec Endpoint Protection
   8. Then Start the Smc service .Start--> Run---> Smc -Start

Then, edit the registry to setup ON and Off the Liveupdate as follows:-

1) It is advisable to backup the registry before editing.
2) Click Start > Run > Regedit.
3) In the Registry Editor go to HKEY_LOCAL_MACHINE\SOFTWARE\SYMANTEC\SYMANTEC ENDPOINT PROTECTION\LIVEUPDATE.
4) In the right pane, locate the String Value “AllowManualLiveUpdate”.
5) Double click on the string value and change the Value data to zero.
6) Close the editor.
7) If the String Value “AllowManualLiveUpdate” is not present the you need to create it and you can do this by right clicking in a blank area of the pane and click on New and choose DWORD Value.
8) Name the new value “AllowManualLiveUpdate” ,without the quote marks, you can leave the default value of zero and this will disable the LiveUpdate button on the SEP client GUI. (Note: To Turn ON default value of 1)
9) Close the Registry editor.
10) Open the SEP client GUI and verify that the LiveUpdate button is disabled.

Source: http://news.support.veritas.com/connect/pt-br/forums/sepm-removed-server-how-change-clients-managed-unmanaged-selfupdate
0
 
jjozAuthor Commented:
or by this means the default sylink.xml that comes from the DVD "Symantec_Endpoint_Protection_11.0.6_MP2_Xplat_EN_DVD\SEP" that's for the 32 bit client right ?
0
 
jjozAuthor Commented:
hm... does the folowing steps:

4) In the right pane, locate the String Value “AllowManualLiveUpdate”.
5) Double click on the string value and change the Value data to zero.


means that the user cannot do the update then ?
0
 
Jackie ManCommented:
or by this means the default sylink.xml that comes from the DVD "Symantec_Endpoint_Protection_11.0.6_MP2_Xplat_EN_DVD\SEP" that's for the 32 bit client right ? <- yes

if the setup of SEP is OK, it will automatically update, you can set the value to 1 if you allow the user to do manual update
0
 
jjozAuthor Commented:
many thanks foryour reply, however after doing the registry changes and the sylink manual relace fromthe steps above, when I click on the LIVEUPDATE button it is still tries to contact the Management server in my head quarter ?

how can this be happening ?
0
 
jjozAuthor Commented:
and now when I tried to repair the SEP installation, the service could not stop and it gives me:

Error: "Error 1921: "Service Norton AntiVirus Server could not be stopped. Please verify you have sufficient privileges to stop the service."
regedit.JPG
0
 
Jackie ManCommented:
have you stop the smc service before sylink manual relace?

Start--> Run--> Smc - Stop
0
 
jjozAuthor Commented:
yes I did that already, but the funny thing is that when I tried to politely "repair" my SEP installation, it always failed with that unable to stop the service :-| Error 1921
0
 
Jackie ManCommented:
  1. On the Windows taskbar, click Start > Run.
   2. In the Open box, type the following text:

      services.msc
       
   3. Click OK.
   4. In the right pane, find the Symantec Endpoint Protection entry and confirm that the Status column shows "Started."


0
 
Jackie ManCommented:
Maybe you need to start afresh by running Cleanwipe again. Then, install SEP as managed client and follow the steps to convert SEP clients to unmanaged using the method as shown above.
0
 
jjozAuthor Commented:
thanks man !
0
 
jjozAuthor Commented:
yes it works in that way you suggested and then followed by uninstalling the NIC driver and reinstalling it again.
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 9
  • 7
Tackle projects and never again get stuck behind a technical roadblock.
Join Now