Endpoint Protection

 View Only
Expand all | Collapse all

Lost encryption password

  • 1.  Lost encryption password

    Posted Oct 06, 2009 09:18 AM
    Hi,

    When I have install my SEP 11.x, I have not write the encryption password.  I would like to know if I can found it or reset this password wihtout affecting my clients.

    What is the importance of this password in a disaster recevory if I have all of my backup ?

    Thanks,

    Steve


  • 2.  RE: Lost encryption password

    Posted Oct 06, 2009 09:26 AM

    SEPM uses your encrpytion password to create certificates using 2 fish alogorthum
    its important in disaster recovery in case you dont have backups

    http://service1.symantec.com/SUPPORT/ent-security.nsf/2326c6a13572aeb788257363002b62aa/a0edb796f583c886882574aa004c1f60?OpenDocument

     



  • 3.  RE: Lost encryption password

    Posted Oct 06, 2009 09:28 AM
    P.S: If you choose the Simple configuration type, the password that is specified for the SEPM Administrator account is also the encryption password. If the Administrator password is reset post-installation, the encryption password does not change


  • 4.  RE: Lost encryption password

    Posted Oct 06, 2009 10:10 AM
    Hi,

           If, during the configuration portion of the SEPM,  the "Simple" configuration option is chosen, then the encryption password should be the same as the admin login for the console (see page 66 of the install guide).  Please note, however, that resetting the admin login does not reset the encryption password.

     If an "Advanced" configuration was performed and a different passphrase was entered, there is currently no way to recover or reset the encryption password.  The only resolution, at this time, is to reinstall the management server with a new encryption password (place this password in a very secure place, ie., a safe) and push the new sylink.xml file to all of the agents so that they get the new SEPM GUID.  I've included the manual steps for doing this below:

    1.  Export an agent package after the SEPM has been reinstalled, making sure to NOT create a single .exe.  This is important because we want to have access to the new sylink.xml file as a source for bringing the agents back into communication with the SEPM.

    2.  Copy the sylink.xml file from the newly exported agent package to a network share.

    3.  Log into an agent host and stop the agent service by typing "smc -stop" at the "run" line.

    4.  Browse to <install directory>\Symantec\Symantec Endpoint Protection and rename the existing sylink.xml file to "sylink.xml.old"

    5.  Copy the new sylink.xml file to <install directory>\Symantec\Symantec Endpoint Protection.

    6.  Start the agent service back up by typing "smc -start" at the "run" line.  You should see the agent connect with a green dot in the tray icon.

    http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2009032611453348


  • 5.  RE: Lost encryption password

    Posted Oct 06, 2009 03:47 PM
    Hi,  I need to upgrade my SEPM from 11.0.3 to 11.0.5.  In a upgrade, is it possible to change this encryption password ?

    There is a method to test some password to valide what is the good password ?  I have some idea of the password, but i'm not sure.


  • 6.  RE: Lost encryption password



  • 7.  RE: Lost encryption password

    Posted Oct 07, 2009 08:43 AM
    Hi,  I would not find the database password, I would like to know if there is a method to find the encryption password if I try to restore my configuration on another server.  I need to try some password for the encryption password, but I,m not sure the exact password.

    Steve


  • 8.  RE: Lost encryption password

    Posted Oct 07, 2009 09:00 AM
    I would say , its not possible as far as i know.


  • 9.  RE: Lost encryption password

    Posted Oct 07, 2009 09:15 PM
    Hi Rafeeq,  you have write that the password is necessary only if I don't have a valid password, because I need to re-install SEP.  Without the good password, the client cannot communicate with SEPM.

    I would like to know if I can simulate a crash recovery in a lab to re-install SEPM for tryingy somes password to know if the communication with my clients works. 

    If possible, do you have some hints to try this in the receovry and checking if the communicationis working with the SEPM after the restore.

    Thanks,

    Steve


  • 10.  RE: Lost encryption password

    Posted Oct 08, 2009 02:54 AM

    Are you looking for such a solution?

    Alternate way for restring SEPM

    1.Install SEPM in a new server which is having same host name and ip address and configure it with same site name

    2.Restore the database

    3.Copy keystore.jks file from Program Files (x86)\Symantec\Symantec Endpoint Protection Manager\tomcat\etc and server.xml file from \Program Files (x86)\Symantec\Symantec Endpoint Protection Manager\tomcat\conf to new server same location.

    4.Reconfigure the SEPM.

     


  • 11.  RE: Lost encryption password

    Posted May 12, 2010 02:47 AM
    Hi 

    As mentioned by Vikram you may get the encryption password which is the same as database password at the following link.



    How to find the Database password for Embedded Database

     https://www-secure.symantec.com/connect/articles/how-find-database-password-odbc

    However, if you install SEPM on a different server and restore the database, the clients will only communicate if the server on which SEPM is installed has the same host name and ip as the old server.

    If the ip and host name of the new server are different, then sylink needs to be replaced.

    Let us know if any more detailed information is required.