Endpoint Protection Small Business Edition

We're running SEPM 12.1 on a medium network with 10+ sites over a physically large WAN, we created a root console manager and are in the process of setting up console managers at the sites replicating with the root manager. We are also are delegating server/group management to site techs. We created an admin that is only active for a few days to allow the techs to join the Symantec domain.

Issue 1: Some of the techs did not follow the correct naming convention for their local console manager when initially joining the domain and we ran the server config to make the changes before the initial replication was completed. The default management server list now shows both the correct and incorrect name of the server in the list. Is there a way to get around not being able to delete one of the default manager servers in the list?

Issue 2: (I am assuming) Because of the above issue I'm receiving "Site Status Report" emails stating the incorrectly named server has not replicated but the correctly named server's status is good. If I cannot resolve Issue 1 is there a way to edit this list so that only the correct named sites are in the list?

Hello,

Are you running the Symantec Endpoint Protection Small Business Edition 12.1 OR Symantec Endpoint Protection 12.1?

The above Question is because Replication is not an option in Symantec Endpoint Protection Small Business Edition 12.1.

However, in your case since the replication is completed. I believe you are running the Symantec Endpoint Protection 12.1 and not Symantec Endpoint Protection Small Business Edition 12.1

Check this Article:

How to change the host name of the servers running Symantec Endpoint Protection Manager with a replication partner?

https://www-secure.symantec.com/connect/articles/how-change-host-name-servers-running-symantec-endpoint-protection-manager-replication-partn

http://www.symantec.com/docs/TECH96090

Also, check this Thread - https://www-secure.symantec.com/connect/forums/change-ip-address-sepm-server

VIDEO: https://www-secure.symantec.com/connect/videos/changing-sepm-server-name-and-ip-address

It is the same issue.

Hope that helps!!

Hi,

It's not possible to modify default management server list.

Available option is, break the replication, uninstall SEPM & reinstall again.

In this way it would remove entry from database. However it's less practical if issue is with multiple sites.

You can log a case with support as well.

How to create a new case in MySupport

http://www.symantec.com/docs/TECH58873

How to Create and Validate a SymAccount for using Symantec's MySupport

http://www.symantec.com/docs/HOWTO31127

How to update a support case and upload diagnostic files with MySupport

http://www.symantec.com/docs/TECH71023

It is not possible to edit default management server List. So create an assign a new management server list to clients

Creating and assigning a management server list for a Symantec Endpoint Protection Manager

--------------------------------------------------------------------

Sorry I am not so clear about the Name part. Did you mean the servers having wrong names Still? If yes, after assigning new MSL to clients, wait for a day or so to assurte that all clients received new policy. Rename the server, reboot it once. Run management server wizard.

Hi there,

Your "Default Management Server List" is generated off the server list show in the "Admin > Servers" panel.

If you replicated with incorrect server names, corrected, and reconnected -- you may have "dummy" servers in your Server List. To correct this, do the following:

1. Go to the Admin > Servers tab.
2. Open the "Remote Sites" tree.
3. Delete/Remove any Servers (and optionally any sites) that do not exist (the ones with the wrong name).
4. The "Default Management Server List" on the local site should be updated in a few minutes. The servers you removed from the "Admin > Servers" panel will not be listed.
5. Use Replicate Now, or wait for your standard replication schedule to populate these settings to remote servers.

Your other option is to use a Custom Management Server List.

If you manage multiple sites, a Custom list can be useful because you can make a "central" server as a "Priority 2" server. This ensures that if the server at the local sites goes down for any reason, you are still able to communicate with clients and send them policy updates. This can greatly simply disaster scenarios where you are forced to update the IP address of the local SEPM server as part of your recovery process.

Also, a note about replication. Most people like to use a "central reporting server". They do this by having all the servers replicate, which uploads the logs from all servers to one Central server. But, in these scenarios, it's a waste to send logs back down to the "remote" sites.

So people set the replication settings (Under Admin > Servers > Replication Partners > Properties) to only send the logs in one direction (from the remote site to the central site).

Thank you Ghent. This is what I was looking for. When I made the changes, the remote site list and replication partner list showed both the correct and incorect site and server names. However I only deleted server from the replication partner list however my mistake was not deleting the server in the remote site list. It seems that the "Site Status Report" uses the remote site list to generate these reports.

By deleting the server from BOTH the remote site list and replication partner list I was able to "clean things up" and did a manual replication to all the partner servers. I how have the correct management server list, replication partner list, remote site list and my "Site Status Report" lists only the correct servers in its list.

Thanks again.