Hello Everyone,
Sylink.xml stores the global communication settings. This file is for internal use only and should not be edited. It contains settings from the Symantec Endpoint Protection Manager. If you edit this file, most settings will be overwritten by the settings from the management server the next time the client connects to the management server.
Sylink file is an XML file containing communication settings and following files :-
A list of SEPM servers to connect to
The public SEPM certificate for all servers.
The KCS, or encryption key.
The DomainID that the client belongs to.
PUSH/Pull connection setting
Various log settings
Many times we do observe that even after replacing sylink.xml clients does not communicate.
Sylink.xml contains following information, we can compare exported Sylink.xml file with non communicating clients sylink.xml.
Basic comparison can help to troubleshoot the issue further.
1) Compare Domain ID
2) KCS Value
3) Communication Mode
4) Management Server list
5) Preferred Group
6) Server IP address, hostname.
Sylink.xml file overview.
Enabled = 0, Disabled = 1
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
<?xml version="1.0" encoding="UTF-8" ?>
- <ServerSettings DomainId="87DXXXXXXXXXXXXXXXXXXXXXXXX69A" NameSpace="rpc">
<AgentCommunicationSetting AlwaysConnect="1" CommunicationMode="PUSH" DisableDownloadProfile="0" Kcs="5CD564A466665A0333B3B710C0D506F1" PushHeartbeatSeconds="300" RandomizationEnabled="1" RandomizationRange="300" RememberCurrentGroup="0" RememberCurrentPolicyMode="1" UploadCmdStateHeartbeatSeconds="300" UploadLearnedApp="0" UploadLogHeartbeatSeconds="300" UploadOpStateHeartbeatSeconds="300" />
- <ServerList Name="Default Management Server List for My Site">
- <ServerPriorityBlock Name="Priority1">
<Server Address="1.1.1.1" HttpPort="8014" HttpsVerifyCA="0" VerifySignatures="1" />
<Server Address="TEST" HttpPort="8014" HttpsVerifyCA="0" VerifySignatures="1" />
</ServerPriorityBlock>
</ServerList>
<Certificate Name="TEST">MIICizCCAfSgAwIBAgIQCgDRKP7HKMWvgoJuSNiFrzANBgkqhkiG9w0BAQUFADBsMWowCQYDVQQI DAJDQTAKBgNVBAYTA1VTQTAKBgNVBAsMA0VTRzASBgNVBAMMC3N5bWMtMzdXMkszMBQGA1UEBwwN TW91bnRhaW4gVmlldzAbBgNVBAoMFFN5bWFudGVjIENvcnBvcmF0aW9uMB4XDTEyMDYyNDE0NDQ1 MVoXDTIyMDcyMjE0NDQ1MVowbDFqMAkGA1UECAwCQ0EwCgYDVQQGEwNVU0EwCgYDVQQLDANFU0cw EgYDVQQDDAtzeW1jLTM3VzJLMzAUBgNVBAcMDU1vdW50YWluIFZpZXcwGwYDVQQKDBRTeW1hbnRl YyBDb3Jwb3JhdGlvbjCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA4BHkI115mPRygFmmw+br IOdVAJJK/0xWpFXS0x6YQ7u0Q5tHZPsf4s7H9av7/BxE2iUlU1n0VhXdlqqZ7lHv370t0in0vEKh QCOa9cjomJ1NBKc+WCJgZPdstn59r5IpKiZWixLYD1rRdZVt/qUMxcvwa+g9rghAL4d2j03bBYEC AwEAAaMuMCwwKgYDVR0RBCMwIYILc3ltYy0zN1cySzOHBArQEyWCDDEwLjIwOC4xOS4zNzANBgkq hkiG9w0BAQUFAAOBgQAordb2C83+/vf3aSBcxdmzRWtk0g17eFHSsj+WKq9nEhhZvHYnMf15/ogm oIFviYEzo+LAAYz40RZO6FjkkEQuX3I2xm02UY4wSET+lLuAy/2wSHEFq4E6DYY9UH0x5qysJM3t VYMaLu0V4tCIkjeTZw/PSvpZJuUVcKAz5au9tA==</Certificate>
</ServerCertList>
<LogSetting MaxLogRecords="100" SendingLogAllowed="1" UploadProcessLog="1" UploadRawLog="1" UploadSecurityLog="1" UploadSystemLog="1" UploadTrafficLog="1" />
<RegisterClient PreferredGroup="My Company\Test-Group1" PreferredMode="1" />
</CommConf>
</ServerSettings>
-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
It's informative to know from where sylink.log file pull up this information.
Domain ID is pull up from following location
SEPM --> Admin --> Domains
KCS = KCS Hash key which is used to encrypt URL strings when communicating with the SEPM server. The server's and client's KCS keys must match for clients to communicate
Communication settings are pullup from following location:
SEPM --> Clients --> Policies --> Communication settings
MSL information is pull up from following location
SEPM --> Policies --> Policy Componenets --> Management Server list
Group structure is pull up from following location
My Company --> Test Group-1
I hope this is been informative.