not funny. cannot install unmanaged client, same eror 1603.
log attached, all events copied and pasted from Application log in chronological order, names of server, doamin and user account have been edited out for security reasons.
***
Log Name: Application
Source: MsiInstaller
Date: 4/24/2012 11:51:51 AM
Event ID: 1040
Task Category: None
Level: Information
Keywords: Classic
User: YY\zzzzzz
Computer: XXXX.YY.lan
Description:
Beginning a Windows Installer transaction: C:\Users\zzzzzz\AppData\Local\Temp\2\Symantec\Sep.msi. Client Process Id: 5384.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="MsiInstaller" />
<EventID Qualifiers="0">1040</EventID>
<Level>4</Level>
<Task>0</Task>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2012-04-24T15:51:51.000Z" />
<EventRecordID>29541</EventRecordID>
<Channel>Application</Channel>
<Computer>XXXX.YY.lan</Computer>
<Security UserID="S-1-5-21-1060350465-1840301120-2247087147-4608" />
</System>
<EventData>
<Data>C:\Users\zzzzzz\AppData\Local\Temp\2\Symantec\Sep.msi</Data>
<Data>5384</Data>
<Data>(NULL)</Data>
<Data>(NULL)</Data>
<Data>(NULL)</Data>
<Data>
</Data>
<Data>
</Data>
</EventData>
</Event>
***
Log Name: Application
Source: Symantec Endpoint Protection
Date: 4/24/2012 11:52:12 AM
Event ID: 34
Task Category: None
Level: Information
Keywords: Classic
User: SYSTEM
Computer: XXXX.YY.lan
Description:
The description for Event ID 34 from source Symantec Endpoint Protection cannot be found. Either the component that raises this event is not installed on your local computer or the installation is corrupted. You can install or repair the component on the local computer.
If the event originated on another computer, the display information had to be saved with the event.
The following information was included with the event:
SepMasterService
the message resource is present but the message is not found in the string/message table
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Symantec Endpoint Protection" />
<EventID Qualifiers="16384">34</EventID>
<Level>4</Level>
<Task>0</Task>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2012-04-24T15:52:12.000Z" />
<EventRecordID>29542</EventRecordID>
<Channel>Application</Channel>
<Computer>XXXX.YY.lan</Computer>
<Security UserID="S-1-5-18" />
</System>
<EventData>
<Data>SepMasterService</Data>
</EventData>
</Event>
***
Log Name: Application
Source: Symantec Endpoint Protection
Date: 4/24/2012 11:52:12 AM
Event ID: 35
Task Category: None
Level: Information
Keywords: Classic
User: SYSTEM
Computer: XXXX.YY.lan
Description:
The description for Event ID 35 from source Symantec Endpoint Protection cannot be found. Either the component that raises this event is not installed on your local computer or the installation is corrupted. You can install or repair the component on the local computer.
If the event originated on another computer, the display information had to be saved with the event.
The following information was included with the event:
SepMasterService
the message resource is present but the message is not found in the string/message table
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Symantec Endpoint Protection" />
<EventID Qualifiers="16384">35</EventID>
<Level>4</Level>
<Task>0</Task>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2012-04-24T15:52:12.000Z" />
<EventRecordID>29543</EventRecordID>
<Channel>Application</Channel>
<Computer>XXXX.YY.lan</Computer>
<Security UserID="S-1-5-18" />
</System>
<EventData>
<Data>SepMasterService</Data>
</EventData>
</Event>
***
Log Name: Application
Source: MsiInstaller
Date: 4/24/2012 11:53:17 AM
Event ID: 11708
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: XXXX.YY.lan
Description:
Installation failed
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="MsiInstaller" />
<EventID Qualifiers="0">11708</EventID>
<Level>2</Level>
<Task>0</Task>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2012-04-24T15:53:17.000Z" />
<EventRecordID>29544</EventRecordID>
<Channel>Application</Channel>
<Computer>XXXX.YY.lan</Computer>
<Security />
</System>
<EventData>
<Data>Installation failed</Data>
<Binary>7B41334145454136382D414339332D344636462D384432442D3738424246374534323242387D</Binary>
</EventData>
</Event>
***
Log Name: Application
Source: Symantec Endpoint Protection
Date: 4/24/2012 11:53:52 AM
Event ID: 36
Task Category: None
Level: Information
Keywords: Classic
User: SYSTEM
Computer: XXXX.YY.lan
Description:
The description for Event ID 36 from source Symantec Endpoint Protection cannot be found. Either the component that raises this event is not installed on your local computer or the installation is corrupted. You can install or repair the component on the local computer.
If the event originated on another computer, the display information had to be saved with the event.
The following information was included with the event:
SepMasterService
the message resource is present but the message is not found in the string/message table
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Symantec Endpoint Protection" />
<EventID Qualifiers="16384">36</EventID>
<Level>4</Level>
<Task>0</Task>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2012-04-24T15:53:52.000Z" />
<EventRecordID>29545</EventRecordID>
<Channel>Application</Channel>
<Computer>XXXX.YY.lan</Computer>
<Security UserID="S-1-5-18" />
</System>
<EventData>
<Data>SepMasterService</Data>
</EventData>
</Event>
***
Log Name: Application
Source: Symantec Endpoint Protection
Date: 4/24/2012 11:53:52 AM
Event ID: 37
Task Category: None
Level: Information
Keywords: Classic
User: SYSTEM
Computer: XXXX.YY.lan
Description:
The description for Event ID 37 from source Symantec Endpoint Protection cannot be found. Either the component that raises this event is not installed on your local computer or the installation is corrupted. You can install or repair the component on the local computer.
If the event originated on another computer, the display information had to be saved with the event.
The following information was included with the event:
SepMasterService
the message resource is present but the message is not found in the string/message table
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Symantec Endpoint Protection" />
<EventID Qualifiers="16384">37</EventID>
<Level>4</Level>
<Task>0</Task>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2012-04-24T15:53:52.000Z" />
<EventRecordID>29546</EventRecordID>
<Channel>Application</Channel>
<Computer>XXXX.YY.lan</Computer>
<Security UserID="S-1-5-18" />
</System>
<EventData>
<Data>SepMasterService</Data>
</EventData>
</Event>
***
Log Name: Application
Source: MsiInstaller
Date: 4/24/2012 11:53:56 AM
Event ID: 11708
Task Category: None
Level: Information
Keywords: Classic
User: YY\zzzzzz
Computer: XXXX.YY.lan
Description:
Product: Symantec Endpoint Protection -- Installation operation failed.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="MsiInstaller" />
<EventID Qualifiers="0">11708</EventID>
<Level>4</Level>
<Task>0</Task>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2012-04-24T15:53:56.000Z" />
<EventRecordID>29547</EventRecordID>
<Channel>Application</Channel>
<Computer>XXXX.YY.lan</Computer>
<Security UserID="S-1-5-21-1060350465-1840301120-2247087147-4608" />
</System>
<EventData>
<Data>Product: Symantec Endpoint Protection -- Installation operation failed.</Data>
<Data>(NULL)</Data>
<Data>(NULL)</Data>
<Data>(NULL)</Data>
<Data>(NULL)</Data>
<Data>
</Data>
<Data>
</Data>
<Binary>7B41334145454136382D414339332D344636462D384432442D3738424246374534323242387D</Binary>
</EventData>
</Event>
***
Log Name: Application
Source: MsiInstaller
Date: 4/24/2012 11:53:56 AM
Event ID: 1033
Task Category: None
Level: Information
Keywords: Classic
User: YY\zzzzzz
Computer: XXXX.YY.lan
Description:
Windows Installer installed the product. Product Name: Symantec Endpoint Protection. Product Version: 12.1.671.4971. Product Language: 1033. Installation success or error status: 1603.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="MsiInstaller" />
<EventID Qualifiers="0">1033</EventID>
<Level>4</Level>
<Task>0</Task>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2012-04-24T15:53:56.000Z" />
<EventRecordID>29548</EventRecordID>
<Channel>Application</Channel>
<Computer>XXXX.YY.lan</Computer>
<Security UserID="S-1-5-21-*****************************************************" />
</System>
<EventData>
<Data>Symantec Endpoint Protection</Data>
<Data>12.1.671.4971</Data>
<Data>1033</Data>
<Data>1603</Data>
<Data>(NULL)</Data>
<Data>
</Data>
<Data>
</Data>
<Binary>7B41334145454136382D414339332D344636462D384432442D3738424246374534323242387D</Binary>
</EventData>
</Event>
***
Log Name: Application
Source: MsiInstaller
Date: 4/24/2012 11:53:56 AM
Event ID: 1042
Task Category: None
Level: Information
Keywords: Classic
User: SYSTEM
Computer: XXXX.YY.lan
Description:
Ending a Windows Installer transaction: C:\Users\cdmaster\AppData\Local\Temp\2\Symantec\Sep.msi. Client Process Id: 5384.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="MsiInstaller" />
<EventID Qualifiers="0">1042</EventID>
<Level>4</Level>
<Task>0</Task>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2012-04-24T15:53:56.000Z" />
<EventRecordID>29549</EventRecordID>
<Channel>Application</Channel>
<Computer>XXXX.YY.lan</Computer>
<Security UserID="S-1-5-18" />
</System>
<EventData>
<Data>C:\Users\zzzzzz\AppData\Local\Temp\2\Symantec\Sep.msi</Data>
<Data>5384</Data>
<Data>(NULL)</Data>
<Data>(NULL)</Data>
<Data>(NULL)</Data>
<Data>
</Data>
<Data>
</Data>
</EventData>
</Event>
***
do I have to install it using local console session? so far I tried a remote connection to admin session, is this a problem here now?