Solved

How to make the SEP client to become unmanaged by getting the regular Live update from Internet automatically ?

Posted on 2011-02-20
16
4,799 Views
Last Modified: 2013-12-09
Hi Everyone,

Has anyone here ever face the problem of broken Windows networking component before in using Cleanwipe ?

the problem goes like the following:

1. I want to make the SEP to become unmanaged therefore i need to uninstall the current SEP client but it failed with Error MSI 1722 which seems like never ending loop of error message
Product: Symantec Endpoint Protection -- Error 1722.There is a problem with this Windows Installer package. A program run as part of the setup did not finish as expected. Contact your support personnel or package vendor. Action Sav10UninstallFix, location: C:\WINDOWS\Installer\MSI23.tmp, command:

The solution was to use Cleanwipe to remove all / everything Symantec related matter, but then there is another problem

2. The user is now unable to use the netowrk at all, IPCONFIG /all returns nothing and all of the networking activity is not working anymore.

The solution was to reinstall SEP again using local USB flashdisk install, followed by system restart, and here comes another problem

3 The SEP Client is now out of date and the Liveupdate button is disabled, typing "luall" in cmd prompt bring the liveupdate to contact the management server again (SEPM) which is not what I want in the first place. ?

can anyone suggest me how to exit this Symantec loop of madness ? my only goal isto make the SEP Client to be unmanaged by getting the automatic live update going from the internet directly.

Any suggestion would be greatly appreciated.

Thanks
0
Comment
Question by:jjoz
  • 9
  • 7
16 Comments
 
LVL 41

Expert Comment

by:Jackie Man
Comment Utility
Can you access the management console of SEP in your server?
0
 
LVL 1

Author Comment

by:jjoz
Comment Utility
no, this is for a remote office branch which now no longer managed by the SEPM.
0
 
LVL 41

Expert Comment

by:Jackie Man
Comment Utility
Tried to re-install as managed SEP client. Then, follow the steps below to change the client from managed to unmanaged.

"To convert the Symantec Endpoint Protection clients to unmanaged after they have been installed as managed

   1. Locate the Sylink.xml file that is located on CD 1 in the SEP folder.
   2. Copy the Sylink.xml file to a location that is accessible to clients on the network.
   3. On the client, navigate to CD2\TOOLS\NOSUPPORT\SYLINKDROP.
      Note: CD2 may also be labeled CD3
   4. Run SylinkDrop.exe on each Symantec Endpoint Protection client that needs to be converted to an unmanaged client."

Source: http://www.symantec.com/business/support/index?page=content&id=TECH104010&locale=en_US
0
 
LVL 1

Author Comment

by:jjoz
Comment Utility
ok, then i can ask the user to execute the 'SylinkDrop.exe" right ? without having to uninstall the whole SEP client which is currently managed and out of date ?
0
 
LVL 41

Expert Comment

by:Jackie Man
Comment Utility
Replace the Sylink.Xml file from the SEP Install Package (Folder )which you have Downloaded or from the CD before running 'SylinkDrop.exe".

   1. Open the SEP Folder from the which you have downloaded.
   2. Copu the Sylink.Xml file
   3. Then Go the Machine which you want to make Self Managed
   4. Stop the Smc Service
   5. Start--> Run--> Smc - Stop
   6. Copy the sylink file to the Symantec Endpoint Protection  install Location
   7. By Default it's on C\Program Files\Symantec\Symantec Endpoint Protection
   8. Then Start the Smc service .Start--> Run---> Smc -Start

Then, edit the registry to setup ON and Off the Liveupdate as follows:-

1) It is advisable to backup the registry before editing.
2) Click Start > Run > Regedit.
3) In the Registry Editor go to HKEY_LOCAL_MACHINE\SOFTWARE\SYMANTEC\SYMANTEC ENDPOINT PROTECTION\LIVEUPDATE.
4) In the right pane, locate the String Value “AllowManualLiveUpdate”.
5) Double click on the string value and change the Value data to zero.
6) Close the editor.
7) If the String Value “AllowManualLiveUpdate” is not present the you need to create it and you can do this by right clicking in a blank area of the pane and click on New and choose DWORD Value.
8) Name the new value “AllowManualLiveUpdate” ,without the quote marks, you can leave the default value of zero and this will disable the LiveUpdate button on the SEP client GUI. (Note: To Turn ON default value of 1)
9) Close the Registry editor.
10) Open the SEP client GUI and verify that the LiveUpdate button is disabled.

Source: http://news.support.veritas.com/connect/pt-br/forums/sepm-removed-server-how-change-clients-managed-unmanaged-selfupdate
0
 
LVL 1

Author Comment

by:jjoz
Comment Utility
or by this means the default sylink.xml that comes from the DVD "Symantec_Endpoint_Protection_11.0.6_MP2_Xplat_EN_DVD\SEP" that's for the 32 bit client right ?
0
 
LVL 1

Author Comment

by:jjoz
Comment Utility
hm... does the folowing steps:

4) In the right pane, locate the String Value “AllowManualLiveUpdate”.
5) Double click on the string value and change the Value data to zero.


means that the user cannot do the update then ?
0
 
LVL 41

Expert Comment

by:Jackie Man
Comment Utility
or by this means the default sylink.xml that comes from the DVD "Symantec_Endpoint_Protection_11.0.6_MP2_Xplat_EN_DVD\SEP" that's for the 32 bit client right ? <- yes

if the setup of SEP is OK, it will automatically update, you can set the value to 1 if you allow the user to do manual update
0
Free Gift Card with Acronis Backup Purchase!

Backup any data in any location: local and remote systems, physical and virtual servers, private and public clouds, Macs and PCs, tablets and mobile devices, & more! For limited time only, buy any Acronis backup products and get a FREE Amazon/Best Buy gift card worth up to $200!

 
LVL 1

Author Comment

by:jjoz
Comment Utility
many thanks foryour reply, however after doing the registry changes and the sylink manual relace fromthe steps above, when I click on the LIVEUPDATE button it is still tries to contact the Management server in my head quarter ?

how can this be happening ?
0
 
LVL 1

Author Comment

by:jjoz
Comment Utility
and now when I tried to repair the SEP installation, the service could not stop and it gives me:

Error: "Error 1921: "Service Norton AntiVirus Server could not be stopped. Please verify you have sufficient privileges to stop the service."
regedit.JPG
0
 
LVL 41

Expert Comment

by:Jackie Man
Comment Utility
have you stop the smc service before sylink manual relace?

Start--> Run--> Smc - Stop
0
 
LVL 1

Author Comment

by:jjoz
Comment Utility
yes I did that already, but the funny thing is that when I tried to politely "repair" my SEP installation, it always failed with that unable to stop the service :-| Error 1921
0
 
LVL 41

Expert Comment

by:Jackie Man
Comment Utility
  1. On the Windows taskbar, click Start > Run.
   2. In the Open box, type the following text:

      services.msc
       
   3. Click OK.
   4. In the right pane, find the Symantec Endpoint Protection entry and confirm that the Status column shows "Started."


0
 
LVL 41

Accepted Solution

by:
Jackie Man earned 500 total points
Comment Utility
Maybe you need to start afresh by running Cleanwipe again. Then, install SEP as managed client and follow the steps to convert SEP clients to unmanaged using the method as shown above.
0
 
LVL 1

Author Closing Comment

by:jjoz
Comment Utility
thanks man !
0
 
LVL 1

Author Comment

by:jjoz
Comment Utility
yes it works in that way you suggested and then followed by uninstalling the NIC driver and reinstalling it again.
0

Featured Post

Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

Join & Write a Comment

If you have done a reformat of your hard drive and proceeded to do a successful Windows XP installation, you may notice that a choice between two operating systems when you start up the machine. Here is how to get rid of this: Click Start Clic…
Ransomware continues to be a growing problem for both personal and business users alike and Antivirus companies are still struggling to find a reliable way to protect you from this dangerous threat.
This video shows how to remove a single email address from the Outlook 2010 Auto Suggestion memory. NOTE: For Outlook 2016 and 2013 perform the exact same steps. Open a new email: Click the New email button in Outlook. Start typing the address: …
This tutorial demonstrates a quick way of adding group price to multiple Magento products.

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

8 Experts available now in Live!

Get 1:1 Help Now