How to make the SEP client to become unmanaged by getting the regular Live update from Internet automatically ?
Hi Everyone,
Has anyone here ever face the problem of broken Windows networking component before in using Cleanwipe ?
the problem goes like the following:
1. I want to make the SEP to become unmanaged therefore i need to uninstall the current SEP client but it failed with Error MSI 1722 which seems like never ending loop of error message
Product: Symantec Endpoint Protection -- Error 1722.There is a problem with this Windows Installer package. A program run as part of the setup did not finish as expected. Contact your support personnel or package vendor. Action Sav10UninstallFix, location: C:\WINDOWS\Installer\MSI23
The solution was to use Cleanwipe to remove all / everything Symantec related matter, but then there is another problem
2. The user is now unable to use the netowrk at all, IPCONFIG /all returns nothing and all of the networking activity is not working anymore.
The solution was to reinstall SEP again using local USB flashdisk install, followed by system restart, and here comes another problem
3 The SEP Client is now out of date and the Liveupdate button is disabled, typing "luall" in cmd prompt bring the liveupdate to contact the management server again (SEPM) which is not what I want in the first place. ?
can anyone suggest me how to exit this Symantec loop of madness ? my only goal isto make the SEP Client to be unmanaged by getting the automatic live update going from the internet directly.
Any suggestion would be greatly appreciated.
Thanks
Has anyone here ever face the problem of broken Windows networking component before in using Cleanwipe ?
the problem goes like the following:
1. I want to make the SEP to become unmanaged therefore i need to uninstall the current SEP client but it failed with Error MSI 1722 which seems like never ending loop of error message
Product: Symantec Endpoint Protection -- Error 1722.There is a problem with this Windows Installer package. A program run as part of the setup did not finish as expected. Contact your support personnel or package vendor. Action Sav10UninstallFix, location: C:\WINDOWS\Installer\MSI23
The solution was to use Cleanwipe to remove all / everything Symantec related matter, but then there is another problem
2. The user is now unable to use the netowrk at all, IPCONFIG /all returns nothing and all of the networking activity is not working anymore.
The solution was to reinstall SEP again using local USB flashdisk install, followed by system restart, and here comes another problem
3 The SEP Client is now out of date and the Liveupdate button is disabled, typing "luall" in cmd prompt bring the liveupdate to contact the management server again (SEPM) which is not what I want in the first place. ?
can anyone suggest me how to exit this Symantec loop of madness ? my only goal isto make the SEP Client to be unmanaged by getting the automatic live update going from the internet directly.
Any suggestion would be greatly appreciated.
Thanks
Jackie Man
Can you access the management console of SEP in your server?
ASKER
no, this is for a remote office branch which now no longer managed by the SEPM.
Tried to re-install as managed SEP client. Then, follow the steps below to change the client from managed to unmanaged.
"To convert the Symantec Endpoint Protection clients to unmanaged after they have been installed as managed
1. Locate the Sylink.xml file that is located on CD 1 in the SEP folder.
2. Copy the Sylink.xml file to a location that is accessible to clients on the network.
3. On the client, navigate to CD2\TOOLS\NOSUPPORT\SYLINK
Note: CD2 may also be labeled CD3
4. Run SylinkDrop.exe on each Symantec Endpoint Protection client that needs to be converted to an unmanaged client."
Source: http://www.symantec.com/business/support/index?page=content&id=TECH104010&locale=en_US
"To convert the Symantec Endpoint Protection clients to unmanaged after they have been installed as managed
1. Locate the Sylink.xml file that is located on CD 1 in the SEP folder.
2. Copy the Sylink.xml file to a location that is accessible to clients on the network.
3. On the client, navigate to CD2\TOOLS\NOSUPPORT\SYLINK
Note: CD2 may also be labeled CD3
4. Run SylinkDrop.exe on each Symantec Endpoint Protection client that needs to be converted to an unmanaged client."
Source: http://www.symantec.com/business/support/index?page=content&id=TECH104010&locale=en_US
ASKER
ok, then i can ask the user to execute the 'SylinkDrop.exe" right ? without having to uninstall the whole SEP client which is currently managed and out of date ?
Replace the Sylink.Xml file from the SEP Install Package (Folder )which you have Downloaded or from the CD before running 'SylinkDrop.exe".
1. Open the SEP Folder from the which you have downloaded.
2. Copu the Sylink.Xml file
3. Then Go the Machine which you want to make Self Managed
4. Stop the Smc Service
5. Start--> Run--> Smc - Stop
6. Copy the sylink file to the Symantec Endpoint Protection install Location
7. By Default it's on C\Program Files\Symantec\Symantec Endpoint Protection
8. Then Start the Smc service .Start--> Run---> Smc -Start
Then, edit the registry to setup ON and Off the Liveupdate as follows:-
1) It is advisable to backup the registry before editing.
2) Click Start > Run > Regedit.
3) In the Registry Editor go to HKEY_LOCAL_MACHINE\SOFTWAR
4) In the right pane, locate the String Value “AllowManualLiveUpdate”.
5) Double click on the string value and change the Value data to zero.
6) Close the editor.
7) If the String Value “AllowManualLiveUpdate” is not present the you need to create it and you can do this by right clicking in a blank area of the pane and click on New and choose DWORD Value.
8) Name the new value “AllowManualLiveUpdate” ,without the quote marks, you can leave the default value of zero and this will disable the LiveUpdate button on the SEP client GUI. (Note: To Turn ON default value of 1)
9) Close the Registry editor.
10) Open the SEP client GUI and verify that the LiveUpdate button is disabled.
Source: http://news.support.veritas.com/connect/pt-br/forums/sepm-removed-server-how-change-clients-managed-unmanaged-selfupdate
1. Open the SEP Folder from the which you have downloaded.
2. Copu the Sylink.Xml file
3. Then Go the Machine which you want to make Self Managed
4. Stop the Smc Service
5. Start--> Run--> Smc - Stop
6. Copy the sylink file to the Symantec Endpoint Protection install Location
7. By Default it's on C\Program Files\Symantec\Symantec Endpoint Protection
8. Then Start the Smc service .Start--> Run---> Smc -Start
Then, edit the registry to setup ON and Off the Liveupdate as follows:-
1) It is advisable to backup the registry before editing.
2) Click Start > Run > Regedit.
3) In the Registry Editor go to HKEY_LOCAL_MACHINE\SOFTWAR
4) In the right pane, locate the String Value “AllowManualLiveUpdate”.
5) Double click on the string value and change the Value data to zero.
6) Close the editor.
7) If the String Value “AllowManualLiveUpdate” is not present the you need to create it and you can do this by right clicking in a blank area of the pane and click on New and choose DWORD Value.
8) Name the new value “AllowManualLiveUpdate” ,without the quote marks, you can leave the default value of zero and this will disable the LiveUpdate button on the SEP client GUI. (Note: To Turn ON default value of 1)
9) Close the Registry editor.
10) Open the SEP client GUI and verify that the LiveUpdate button is disabled.
Source: http://news.support.veritas.com/connect/pt-br/forums/sepm-removed-server-how-change-clients-managed-unmanaged-selfupdate
ASKER
or by this means the default sylink.xml that comes from the DVD "Symantec_Endpoint_Protecti
ASKER
hm... does the folowing steps:
4) In the right pane, locate the String Value “AllowManualLiveUpdate”.
5) Double click on the string value and change the Value data to zero.
means that the user cannot do the update then ?
4) In the right pane, locate the String Value “AllowManualLiveUpdate”.
5) Double click on the string value and change the Value data to zero.
means that the user cannot do the update then ?
or by this means the default sylink.xml that comes from the DVD "Symantec_Endpoint_Protect
if the setup of SEP is OK, it will automatically update, you can set the value to 1 if you allow the user to do manual update
if the setup of SEP is OK, it will automatically update, you can set the value to 1 if you allow the user to do manual update
ASKER
many thanks foryour reply, however after doing the registry changes and the sylink manual relace fromthe steps above, when I click on the LIVEUPDATE button it is still tries to contact the Management server in my head quarter ?
how can this be happening ?
how can this be happening ?
ASKER
and now when I tried to repair the SEP installation, the service could not stop and it gives me:
Error: "Error 1921: "Service Norton AntiVirus Server could not be stopped. Please verify you have sufficient privileges to stop the service."
regedit.JPG
Error: "Error 1921: "Service Norton AntiVirus Server could not be stopped. Please verify you have sufficient privileges to stop the service."
regedit.JPG
have you stop the smc service before sylink manual relace?
Start--> Run--> Smc - Stop
Start--> Run--> Smc - Stop
ASKER
yes I did that already, but the funny thing is that when I tried to politely "repair" my SEP installation, it always failed with that unable to stop the service :-| Error 1921
1. On the Windows taskbar, click Start > Run.
2. In the Open box, type the following text:
services.msc
3. Click OK.
4. In the right pane, find the Symantec Endpoint Protection entry and confirm that the Status column shows "Started."
2. In the Open box, type the following text:
services.msc
3. Click OK.
4. In the right pane, find the Symantec Endpoint Protection entry and confirm that the Status column shows "Started."
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
thanks man !
ASKER
yes it works in that way you suggested and then followed by uninstalling the NIC driver and reinstalling it again.