Endpoint Protection

 View Only
Back to Library

Preparing a Symantec Endpoint Protection Release version 12.1 and above Client for Image redistribution and repairing clients already installed 

Oct 03, 2011 11:24 AM

 

Problem: How can I prepare a SEP 12.1 (or greater) client for distribution via Computer Image?
 
When using an image to create a system, all the clients are not appearing within the manager.
 
Environment: Each system was created from the same image with the Client all ready installed.
 
Cause: SEP 12.1 the hardware ID is based on a Registry Key and a XML File that is created when the client is installed for the first time.
 
Solution:

In order to prepare the client for the image, it is vital that you follow these steps:

  1. Turn off Tamper Protection by opening the client
  2. Go to Change Settings and select Client Management.
  3. Select the Tamper Protection Tab and disable
  4. It necessary then to empty the Registry Key: HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\Symantec Endpoint Protection\SMC\SYLINK\SyLink\HardwareID=""
  5. Delete the file: In Windows XP and  Windows 2003 systems C:\Documents and Settings\All Users\Application Data\Symantec Shared\PersistedData\sephwid.xml
    In Windows 7.0 and 2008 the folders will be located under C:\Program Data\\Symantec\Symantec Endpoint Protection\PersistedData\sephwid.xml 
  6. If present, delete: HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\Symantec Endpoint Protection\SMC\SYLINK\SyLink\SySoftk
  7. To create image prevent a restart of the original host before creation of the image (shutdown is OK, but after startup both Key and File will be re-created)


After applying the Image the client will be started and the Registry Key and File newly created.

How to fix SEP 12.1 clients that have been incorrectly configured and already rolled out to production (For each client:)

  1. Turn off Tamper Protection by opening the client
  2. Go to Change Settings and select Client Management.
  3. Select the Tamper Protection Tab and disable
  4. Then empty the Registry Key: HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\Symantec Endpoint Protection\SMC\SYLINK\SyLink\HardwareID=""
  5. Delete the file: 
    In Windows XP and  Windows 2003 systems C:\Documents and Settings\All Users\Application Data\Symantec Shared\PersistedData\sephwid.xml
    In Windows 7.0 and 2008 the folders will be located under C:\Program Data\\Symantec\Symantec Endpoint Protection\PersistedData\sephwid.xml 
  6. Delete any client that appears in the Symantec Protection Center.
  7. Go to Start > Run and type SMC -Stop and run
  8. Go to Start > Run and type SMC -Start and run
  9. Turn On Tamper Protection by opening the client
  10. Go to Change Settings and select Client Management.
  11. Select the Tamper Protection Tab and enable 

    This will generate unique HardwareID's and sephwid.xml's for each client.

References:  

'Configuring Symantec Endpoint Protection client for deployment as part of a drive image'

http://www.symantec.com/business/support/index?page=content&id=TECH102815

 

Statistics
0 Favorited
0 Views
0 Files
0 Shares
0 Downloads

Tags and Keywords

Comments

Migration User
Oct 05, 2011 11:17 AM

After waiting several minutes, the machines are currently all showing online in the console.  It appears that everything is now working properly.

Migration User
Oct 05, 2011 11:08 AM

After deleting the machines from the console and rebuilding the indexes, the computer properties have returned and the client version field is now populated.  However, there's still only one machine online at a time.

Migration User
Oct 05, 2011 09:39 AM

This is not working for us.  All of the machines now show up in the console, but only one is online at a time.  Also, the computer properties are blank and it says "Client version unavailable".

Related Entries and Links

No Related Resource entered.