Dear PGA_CR
Pls try this
Reset Internet Information Services (IIS)
In some cases simply resetting IIS can resolve this issue. Follow the steps below:
- Exit SEPM
- Click Start > Run.
- Type iisreset
- Click OK.
- Log into SEPM again.
Check the IIS Configuration
Verify IIS permissions and account(s) rights are set correctly
Use the Microsoft IIS Diagnostics Toolkit to identify all the rights and permissions on the accounts. The toolkit is available from Microsoft at:
http://www.microsoft.com/downloads/details.aspx?familyid=9BFA49BC-376B-4A54-95AA-73C9156706E7&displaylang=en
Verify the DefaultAppPool identity is set to 'Network Service'
- Open the IIS Administrator
- Expand <server name> > Application Pools
- Right-click DefaultAppPool and select Properties
- On the Identity tab verify the Predefined radio button is selected and that Network Service is on the drop down list
- If Network Service is listed then try adding the Local System
Note: Parts of these instructions cannot be performed with Windows XP running IIS 5.1 or Windows 2000 running IIS 5.0.
For either, there is no "application pool in the configuration and "IP address and domain name restrictions" are dimmed in the virtual server settings.
Microsoft purposely denies access to these settings.
Verify user rights.
- Run gpedit.msc
- Expand Computer Configuration > Windows Settings > Security Settings > Local Policies
- Select User Rights Assignment in the left-hand pane
- Go to the Adjust memory Quotas for a Process item and double click.
- Verify that LOCAL SERVICE and NETWORK SERVICE are listed under the Local Security Setting tab.
- Go to the Replace a process-level token item and double click. Again, verify that LOCAL SERVICE and NETWORK SERVICE are listed.
Note: If the "Add User or Group..." button is disabled, it may be locked by a domain GPO (group policy object) which will require an assessment of domain GPOs.
- Restart the IIS Admin service to update any changes
Verify Authentication and Access Control.
- Open the IIS Administrator
- Right-click Default Web Site and click Properties
- On the Directory Security tab, under Authentication and Access Control, click Edit
- Verify that Enable Anonymous Access is selected
- Please select the appropriate setting if you are utilizing Authenticated Access
If SSL is not implemented, verify that Secure Communications is not selected
- Open the IIS Administrator
- Right-click Default Web Site and select Properties
- On the Directory Security tab, under Secure Communications click Edit
- Verify Require Secure Channel (SSL) is not selected
Re-enable logging in IIS
Examine the IIS logs to get the full error code. The default location for the logs is
C:\Windows\System32\LogFiles\W3SVC1
In the IIS manager, right click each site where you wish to have the logs, such as Reporting and Secars, and select
Log visits and click OK.
If you have to contact technical support, have these logs ready for the technicians.
Testing the ODBC Connection
Note: On a 64-bit computer, a 32-bit DSN is created and is accessible via (by default) C:\Windows\SysWoW64
\Odbcad32.exe.
For an SQL database
- Verify the following:
- You specified a named instance during installation and configuration. For example: \\<server name>\<instance name>
- The SQL Server is running and properly configured
- The network connections between Symantec Endpoint Protection Manager and the SQL database.
- Test the ODBC connection.
- Open Control Panel > Administrator Tools
- Double click Data Sources (ODBC)
- On the System DSN tab, double-click SymantecEndpointSecurityDSN
- Go through the wizard to ensure the following settings:
Name: SymantecEndpointSecurityDSN
Description: <Anything>
Server: Servername\InstanceName (Only enter the server name or IP address if using the default instance)
Login ID: sa
Password: <password>
- Leave the defaults for the rest of the items and click Finish
- Click Test Data Source , it should return "Success"
- Click OK
Check system resources
You should have at least 1GB of RAM available. If not, CPU usage may be high and this could be affecting the issue. Refreshing the console may help temporarily but it is only a workaround and not a solution.
Loopback address disabled Reporting pages may fail to appear if loopback addresses are disabled on the computer. If you have disabled loopback addresses on your computer, you must associate the word localhost with your computer IP address. You can use the Windows hosts file to do this. For example, on computers running Windows XP, do the following:
- Change the directory to the location of your hosts file. By default, the hosts file is located in%SystemRoot%\system32\drivers\etc
- Open the hosts file with an editor such as Microsoft Notepad.
- Add the following line to the file:
xxx.xxx.xxx.xx localhost # to log on to reporting functions (where xxx.xxx.xxx.xx is the IP address of your computer)
- Save and close the hosts file.
Remote Desktop Protocol (RDP)
There may be various issues with unpredictable results associated with RDP when installing or managing SEP or SEPM. To avoid these, it is best to install or manage SEP or SEPM locally. If that is not possible you can:
- Use pcAnywhere
- Use the switch that Microsoft recommends to shadow a console session within an RDP session.
Note: A Windows Server 2003 server must be configured to permit remote control
For reference, read the Microsoft article: How to Connect to and Shadow the Console Session with Windows Server 2003 Terminal Services
http://support.microsoft.com/kb/278845
Verify the version of PHP that SEPM is using
Running multiple versions of PHP installed and used by different software products may cause conflicts. PHP performs a check for global configuration (php.ini) in a variety of locations. It forces each product to use its own interpreter which allows the product to operate properly and to use the correct version of PHP associated with each product.
To check if there is a version conflict with the version of PHP that SEPM is using:
- Open a blank document with a text editor (Notepad for example.)
- Copy/paste the following code into the document:
<?phpinfo();?>
- Save the document as phpinfo.php in the folder C:\Program Files\Symantec\Symantec Endpoint Protection Manager\PHP
- Click Start > Run
- In the Open box type: cmd
- In the command window type:
cd "C:\Program Files\Symantec\Symantec Endpoint Protection Manager\PHP"
php phpinfo.php | more
If you see text output to the screen that displays the status of PHP, then PHP is installed.
- Confirm that this is the correct version by:
- comparing it to the version of the file: "C:\Program Files\Symantec\Symantec Endpoint Protection Manager\PHP\php.exe".
The version displayed by the php command and the version of the file should match.
- See the line in the output text on screen that says Loaded Configuration File =>
This is the configuration file the installed version of PHP is using. Ideally, this file will be: C:\Program Files\Symantec\Symantec Endpoint Protection Manager\PHP\Php.ini
- If you see text that says: " 'php' is not recognized as an internal or external command", then the PHP installation for SEPM is broken. In this case, do the following:
- Close the command prompt.
- Copy the file 'phpinfo.php' to C:\
- Click Start > Run. Type cmd
- In the command window type: php phpinfo.php | more
- If the command returns: " 'php' is not recognized as an internal or external command", then PHP is not installed and registered with the OS. the problem is not with SEPM as long as step 6 produced a result.
- If the command returns a status of PHP, then PHP is installed and registered with the operating system. If the version displayed here does not match the version installed with SEPM (step 7), then there is a problem (version mismatch).
- Close the command prompt.
- Copy the 'phpinfo.php' file to: C:\Program Files\Symantec\Symantec Endpoint Protection Manager\Inetpub\Reporting
- Open the web browser to: http://LocalHost/Reporting/phpinfo.php. A browser page describing the PHP status should display. If a 404 page "Page not found" displays, turn your troubleshooting to IIS.
Resolving a PHP version conflict with SEPM
If you do find a PHP version conflict, read the article: Specifying the php.ini file used by the Symantec Endpoint Protection Manager (SEPM) Reporting website at http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2008060213161448
If this article does not work try the following workaround. Be advised that any application depending on the PHP version different from the PHP version used by SEPM may be disabled or broken.
- Make a back up of the PHP folder that is not the SEPM version. Call this folder A.
- Copy the contents of the PHP folder C:\Program Files\Symantec\Symantec Endpoint Protection Manager\PHP to folder A (overwriting any and all files)
- Restart the SEPM service. A restart of the entire computer may be needed.
Uninstall/Reinstall the SEPM
If it proves necessary to uninstall and reinstall the SEPM, follow the instructions in the following articles:
Warm regards,
Sumit Bose