Endpoint Protection

 View Only
Back to Library

Sylink.xml and It's Contents 

Jul 27, 2012 07:17 AM

Hello Everyone,

Sylink.xml stores the global communication settings. This file is for internal use only and should not be edited. It contains settings from the Symantec Endpoint Protection Manager. If you edit this file, most settings will be overwritten by the settings from the management server the next time the client connects to the management server.

Sylink file is an XML file containing communication settings and following  files :-

A list of SEPM servers to connect to

The public SEPM certificate for all servers.

The KCS, or encryption key.

The DomainID that the client belongs to.

PUSH/Pull connection setting

Various log settings

 

Many times we do observe that even after replacing sylink.xml clients does not communicate.

Sylink.xml contains following information, we can compare exported Sylink.xml file with non communicating clients sylink.xml.

Basic comparison can help to troubleshoot the issue further.

1) Compare Domain ID

2) KCS Value

3) Communication Mode

4)  Management Server list 

5) Preferred Group

6) Server IP address, hostname.

 

Sylink.xml file overview.

Enabled = 0, Disabled = 1

------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

<?xml version="1.0" encoding="UTF-8" ?>
- <ServerSettings DomainId="87DXXXXXXXXXXXXXXXXXXXXXXXX69A" NameSpace="rpc">
- <CommConf>
  <AgentCommunicationSetting AlwaysConnect="1" CommunicationMode="PUSH" DisableDownloadProfile="0" Kcs="5CD564A466665A0333B3B710C0D506F1" PushHeartbeatSeconds="300" RandomizationEnabled="1" RandomizationRange="300" RememberCurrentGroup="0" RememberCurrentPolicyMode="1" UploadCmdStateHeartbeatSeconds="300" UploadLearnedApp="0" UploadLogHeartbeatSeconds="300" UploadOpStateHeartbeatSeconds="300" />
- <ServerList Name="Default Management Server List for My Site">
- <ServerPriorityBlock Name="Priority1">
  <Server Address="1.1.1.1" HttpPort="8014" HttpsVerifyCA="0" VerifySignatures="1" />
  <Server Address="TEST" HttpPort="8014" HttpsVerifyCA="0" VerifySignatures="1" />
  </ServerPriorityBlock>
  </ServerList>
- <ServerCertList>
  <Certificate Name="TEST">MIICizCCAfSgAwIBAgIQCgDRKP7HKMWvgoJuSNiFrzANBgkqhkiG9w0BAQUFADBsMWowCQYDVQQI DAJDQTAKBgNVBAYTA1VTQTAKBgNVBAsMA0VTRzASBgNVBAMMC3N5bWMtMzdXMkszMBQGA1UEBwwN TW91bnRhaW4gVmlldzAbBgNVBAoMFFN5bWFudGVjIENvcnBvcmF0aW9uMB4XDTEyMDYyNDE0NDQ1 MVoXDTIyMDcyMjE0NDQ1MVowbDFqMAkGA1UECAwCQ0EwCgYDVQQGEwNVU0EwCgYDVQQLDANFU0cw EgYDVQQDDAtzeW1jLTM3VzJLMzAUBgNVBAcMDU1vdW50YWluIFZpZXcwGwYDVQQKDBRTeW1hbnRl YyBDb3Jwb3JhdGlvbjCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA4BHkI115mPRygFmmw+br IOdVAJJK/0xWpFXS0x6YQ7u0Q5tHZPsf4s7H9av7/BxE2iUlU1n0VhXdlqqZ7lHv370t0in0vEKh QCOa9cjomJ1NBKc+WCJgZPdstn59r5IpKiZWixLYD1rRdZVt/qUMxcvwa+g9rghAL4d2j03bBYEC AwEAAaMuMCwwKgYDVR0RBCMwIYILc3ltYy0zN1cySzOHBArQEyWCDDEwLjIwOC4xOS4zNzANBgkq hkiG9w0BAQUFAAOBgQAordb2C83+/vf3aSBcxdmzRWtk0g17eFHSsj+WKq9nEhhZvHYnMf15/ogm oIFviYEzo+LAAYz40RZO6FjkkEQuX3I2xm02UY4wSET+lLuAy/2wSHEFq4E6DYY9UH0x5qysJM3t VYMaLu0V4tCIkjeTZw/PSvpZJuUVcKAz5au9tA==</Certificate>
  </ServerCertList>
  <LogSetting MaxLogRecords="100" SendingLogAllowed="1" UploadProcessLog="1" UploadRawLog="1" UploadSecurityLog="1" UploadSystemLog="1" UploadTrafficLog="1" />
  <RegisterClient PreferredGroup="My Company\Test-Group1" PreferredMode="1" />
  </CommConf>
  </ServerSettings>

-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

It's informative to know from where sylink.log file pull up this information.

Domain ID is pull up from following location

SEPM --> Admin --> Domains

KCS =  KCS Hash key which is used to encrypt URL strings when communicating with the SEPM server. The server's and client's KCS keys must match for clients to communicate

Communication settings are pullup from following location:

SEPM --> Clients --> Policies --> Communication settings

 

MSL information is pull up from following location

SEPM --> Policies --> Policy Componenets --> Management Server list

Group structure is pull up from following location

My Company --> Test Group-1

 

I hope this is been informative.

Statistics
0 Favorited
6 Views
0 Files
0 Shares
0 Downloads

Tags and Keywords

Comments

melboy16
Jun 05, 2017 09:16 AM

i see.. thank you Chetan Savade

Chetan Savade
Jun 05, 2017 05:10 AM

We can not edit default management server list.

Create new management server list and assign as per the requirement. 

melboy16
Jun 04, 2017 11:48 PM

why you cannot edit Management server list??

SEPM --> Policies --> Policy Componenets --> Management Server list

John Santana
Feb 07, 2013 06:08 PM

Thanks forhe very specific and detailed article Chetan !

Related Entries and Links

No Related Resource entered.