On a Symantec Endpoint Protection (SEP) 12.1 client, when you try to replace the sylink.xml file manually by copying it into C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\12.1.x.x.x\data\config, you receive error message and you are unable to copy in the file.
Access is Denied. Make sure that the disk is not full or write protected.
This behavior is expected. In SEP 12.1, Tamper Protection prevents direct modification of Symantec files.
Use one of the supported methods below to replace the sylink.xml file on a SEP 12.1 client machine.
Import the sylink.xml using SylinkDrop.exe tool. This tool is located in the installation folder. By default:
- SEP Client >> C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\<current_install_build_number>\Bin\SylinkDrop.exe.
- SEPM >> C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Tools\SylinkDrop\SylinkDrop.exe
Import the sylink.xml within the client by going to Help > Troubleshooting > Click on Import... under Communication Settings.
It is still possible to manually replace the sylink.xml file, however in order to do so Tamper Protection must first be disabled. This can be done on the client by going to Change Settings > Click Configure Settings under Client Management > Tamper Protection (Tab) > Then uncheck the box that says Protect Symantec security software from being tampered with or shut down.
Once tamper protection is disabled:
- Stop the SMC service by going to Start > Run > type in > smc -stop.
- Once the service is stopped copy the sylink.xml file from the new SEPM and on the client side put that sylink.xml file under
"\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\<current_install_build_number>\Data\Config"
For Windows 7/2008/vista :
C:\Users\All Users\Symantec\Symantec Endpoint Protection\12.1.671.4971.105\Data\Config
- Replace the existing file and restart the SMC service with Start > Run > smc -start
Use the Communincation Update Package Deployment from the Symantec Endpoint Protection Manager 12.1 RU2 or newer.