[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now

x
?
Solved

How to make the SEP client to become unmanaged by getting the regular Live update from Internet automatically ?

Posted on 2011-02-20
16
Medium Priority
?
5,080 Views
Last Modified: 2013-12-09
Hi Everyone,

Has anyone here ever face the problem of broken Windows networking component before in using Cleanwipe ?

the problem goes like the following:

1. I want to make the SEP to become unmanaged therefore i need to uninstall the current SEP client but it failed with Error MSI 1722 which seems like never ending loop of error message
Product: Symantec Endpoint Protection -- Error 1722.There is a problem with this Windows Installer package. A program run as part of the setup did not finish as expected. Contact your support personnel or package vendor. Action Sav10UninstallFix, location: C:\WINDOWS\Installer\MSI23.tmp, command:

The solution was to use Cleanwipe to remove all / everything Symantec related matter, but then there is another problem

2. The user is now unable to use the netowrk at all, IPCONFIG /all returns nothing and all of the networking activity is not working anymore.

The solution was to reinstall SEP again using local USB flashdisk install, followed by system restart, and here comes another problem

3 The SEP Client is now out of date and the Liveupdate button is disabled, typing "luall" in cmd prompt bring the liveupdate to contact the management server again (SEPM) which is not what I want in the first place. ?

can anyone suggest me how to exit this Symantec loop of madness ? my only goal isto make the SEP Client to be unmanaged by getting the automatic live update going from the internet directly.

Any suggestion would be greatly appreciated.

Thanks
0
Comment
Question by:jjoz
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 9
  • 7
16 Comments
 
LVL 49

Expert Comment

by:Jackie Man
ID: 34940688
Can you access the management console of SEP in your server?
0
 
LVL 1

Author Comment

by:jjoz
ID: 34940696
no, this is for a remote office branch which now no longer managed by the SEPM.
0
 
LVL 49

Expert Comment

by:Jackie Man
ID: 34940727
Tried to re-install as managed SEP client. Then, follow the steps below to change the client from managed to unmanaged.

"To convert the Symantec Endpoint Protection clients to unmanaged after they have been installed as managed

   1. Locate the Sylink.xml file that is located on CD 1 in the SEP folder.
   2. Copy the Sylink.xml file to a location that is accessible to clients on the network.
   3. On the client, navigate to CD2\TOOLS\NOSUPPORT\SYLINKDROP.
      Note: CD2 may also be labeled CD3
   4. Run SylinkDrop.exe on each Symantec Endpoint Protection client that needs to be converted to an unmanaged client."

Source: http://www.symantec.com/business/support/index?page=content&id=TECH104010&locale=en_US
0
Cyber Threats to Small Businesses (Part 1)

This past May, Webroot surveyed more than 600 IT decision-makers at medium-sized companies to see how these small businesses perceived new threats facing their organizations.  Read what Webroot CISO, Gary Hayslip, has to say about the survey in part 1 of this 2-part blog series.

 
LVL 1

Author Comment

by:jjoz
ID: 34940740
ok, then i can ask the user to execute the 'SylinkDrop.exe" right ? without having to uninstall the whole SEP client which is currently managed and out of date ?
0
 
LVL 49

Expert Comment

by:Jackie Man
ID: 34940845
Replace the Sylink.Xml file from the SEP Install Package (Folder )which you have Downloaded or from the CD before running 'SylinkDrop.exe".

   1. Open the SEP Folder from the which you have downloaded.
   2. Copu the Sylink.Xml file
   3. Then Go the Machine which you want to make Self Managed
   4. Stop the Smc Service
   5. Start--> Run--> Smc - Stop
   6. Copy the sylink file to the Symantec Endpoint Protection  install Location
   7. By Default it's on C\Program Files\Symantec\Symantec Endpoint Protection
   8. Then Start the Smc service .Start--> Run---> Smc -Start

Then, edit the registry to setup ON and Off the Liveupdate as follows:-

1) It is advisable to backup the registry before editing.
2) Click Start > Run > Regedit.
3) In the Registry Editor go to HKEY_LOCAL_MACHINE\SOFTWARE\SYMANTEC\SYMANTEC ENDPOINT PROTECTION\LIVEUPDATE.
4) In the right pane, locate the String Value “AllowManualLiveUpdate”.
5) Double click on the string value and change the Value data to zero.
6) Close the editor.
7) If the String Value “AllowManualLiveUpdate” is not present the you need to create it and you can do this by right clicking in a blank area of the pane and click on New and choose DWORD Value.
8) Name the new value “AllowManualLiveUpdate” ,without the quote marks, you can leave the default value of zero and this will disable the LiveUpdate button on the SEP client GUI. (Note: To Turn ON default value of 1)
9) Close the Registry editor.
10) Open the SEP client GUI and verify that the LiveUpdate button is disabled.

Source: http://news.support.veritas.com/connect/pt-br/forums/sepm-removed-server-how-change-clients-managed-unmanaged-selfupdate
0
 
LVL 1

Author Comment

by:jjoz
ID: 34956875
or by this means the default sylink.xml that comes from the DVD "Symantec_Endpoint_Protection_11.0.6_MP2_Xplat_EN_DVD\SEP" that's for the 32 bit client right ?
0
 
LVL 1

Author Comment

by:jjoz
ID: 34956880
hm... does the folowing steps:

4) In the right pane, locate the String Value “AllowManualLiveUpdate”.
5) Double click on the string value and change the Value data to zero.


means that the user cannot do the update then ?
0
 
LVL 49

Expert Comment

by:Jackie Man
ID: 34957058
or by this means the default sylink.xml that comes from the DVD "Symantec_Endpoint_Protection_11.0.6_MP2_Xplat_EN_DVD\SEP" that's for the 32 bit client right ? <- yes

if the setup of SEP is OK, it will automatically update, you can set the value to 1 if you allow the user to do manual update
0
 
LVL 1

Author Comment

by:jjoz
ID: 34957143
many thanks foryour reply, however after doing the registry changes and the sylink manual relace fromthe steps above, when I click on the LIVEUPDATE button it is still tries to contact the Management server in my head quarter ?

how can this be happening ?
0
 
LVL 1

Author Comment

by:jjoz
ID: 34957241
and now when I tried to repair the SEP installation, the service could not stop and it gives me:

Error: "Error 1921: "Service Norton AntiVirus Server could not be stopped. Please verify you have sufficient privileges to stop the service."
regedit.JPG
0
 
LVL 49

Expert Comment

by:Jackie Man
ID: 34957338
have you stop the smc service before sylink manual relace?

Start--> Run--> Smc - Stop
0
 
LVL 1

Author Comment

by:jjoz
ID: 34957354
yes I did that already, but the funny thing is that when I tried to politely "repair" my SEP installation, it always failed with that unable to stop the service :-| Error 1921
0
 
LVL 49

Expert Comment

by:Jackie Man
ID: 34957421
  1. On the Windows taskbar, click Start > Run.
   2. In the Open box, type the following text:

      services.msc
       
   3. Click OK.
   4. In the right pane, find the Symantec Endpoint Protection entry and confirm that the Status column shows "Started."


0
 
LVL 49

Accepted Solution

by:
Jackie Man earned 2000 total points
ID: 34958923
Maybe you need to start afresh by running Cleanwipe again. Then, install SEP as managed client and follow the steps to convert SEP clients to unmanaged using the method as shown above.
0
 
LVL 1

Author Closing Comment

by:jjoz
ID: 34960103
thanks man !
0
 
LVL 1

Author Comment

by:jjoz
ID: 34960108
yes it works in that way you suggested and then followed by uninstalling the NIC driver and reinstalling it again.
0

Featured Post

Q2 2017 - Latest Malware & Internet Attacks

WatchGuard’s Threat Lab is a group of dedicated threat researchers committed to helping you stay ahead of the bad guys by providing in-depth analysis of the top security threats to your network.  Check out our latest Quarterly Internet Security Report!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Issue: Unstable cursor in Windows XP and Windows runs extremely slow in that any click will bring up the Hour glass (sometimes for several seconds before giving you what you want) . Troubleshooting Process and the FINAL FIX: This issue see…
An introduction to the wonderful sport of Scam Baiting.  Learn how to help fight scammers by beating them at their own game. This great pass time helps the world, while providing an endless source of entertainment. Enjoy!
Two types of users will appreciate AOMEI Backupper Pro: 1 - Those with PCIe drives (and haven't found cloning software that works on them). 2 - Those who want a fast clone of their boot drive (no re-boots needed) and it can clone your drive wh…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

649 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question