Point clients to a new Endpoint Protection Manager after decommissioning or replacing the existing one

Point clients to a new Endpoint Protection Manager after decommissioning or replacing the existing one

TECH92556 April 2nd, 2019 https://www.symantec.com/docs/TECH92556
Support / Point clients to a new Endpoint Protection Manager after decommissioning or replacing the existing one
Was this article helpful?

Thank you for your feedback!

Provide feedback on this article

Thank you for your feedback!
Print Article
Related Products
Subscribe to this Article
Manage your Subscriptions
Search Again

Situation

Plan to uninstalled, decommission, or replace existing primary (or only) Symantec Endpoint Protection Manager (SEPM) in the environment. What is the recommended method to move existing Symantec Endpoint Protection (SEP) clients to a new Endpoint Protection Manager?

 

Solution

Three main ways exist to point an Endpoint Protection client to an Endpoint Protection Manager. Choose the solution that works best for the situation.

Solution 1

In Endpoint Protection Manager version 12.1 RU2 or later, the preferred method to deploy new communications settings is to use the Client Deployment Wizard. This process is described in the following article:

Restoring client-server communications with Communication Update Package Deployment

Solution 2

Export a client install package with custom settings that specify the removal of the previous client-server communication settings, and then deploy the package.

To create custom client install settings

  1. Log on to the new Endpoint Protection Manager that will manage the client.
  2. Click Admin > Install Packages.
  3. Click Client Install Settings, then click Add Client Install Settings.
  4. Under Upgrade Settings, click Remove all previous logs and policies, and reset the client-server communications settings.
  5. Set all other options as desired.
  6. Click OK.

To export a client using the custom client install settings

  1. Click Admin > Install Packages.
  2. Click Client Install Packages, then click the package to be exported from the right-hand pane.
  3. Click Export Client Install Package...
  4. Ensure "Pick the customized installation settings below:" is set to the custom install settings that were created previously.
  5. Set all other options as desired.
  6. Click OK to export the new package.
  7. Deploy this package by the desired method.

Notes:

  1. As of Endpoint Protection 12.1 RTM this procedure moves the client to a new Endpoint Protection Manager if the installation package version is newer than the version currently installed on the target client. If attempting to install with the same build that the client already has, the client does not move to a new Endpoint Protection Manager. In these scenarios, you should use Solution 1.
  2. This procedure only overwrites Sylink.xml on a previously new (not migrated from Symantec AntiVirus (SAV)) install of Endpoint Protection. If the client was migrated from SAV, the old Sylink.xml does not get overwritten because the Endpoint Protection files are located in \Program Files\Symantec Antivirus and not \Program Files\Symantec\Symantec Endpoint Protection.

Solution 3

Copy Sylink.xml manually to the Endpoint Protection client.

To get the file Sylink.xml, follow the instructions on this page: Exporting the client-server communications file (Sylink.xml) manually. Replace the file Sylink.xml on the client computer directly with SylinkDrop. SylinkDrop is included with the Endpoint Protection Manager 12.x installation file, in the folder \Tools\SylinkDrop. To avoid a Tamper Protection alert, use the SylinkDrop tool. Alternately import Sylink.xml directly into the Endpoint Protection client user interface (Help > Troubleshooting > Management; under Communication Settings, click Import).

It is still possible to manually replace Sylink.xml on the client computer if Tamper Protection is disabled first. Perform the following procedures on the computer to point to a new Endpoint Protection Manager:

To disable Tamper Protection

  1. Open the Endpoint Protection client user interface.
  2. Click Change Settings.
  3. Next to Client Management, click Configure Settings.
  4. Uncheck Protect Symantec security software from being tampered with or shutdown.

To replace Sylink.xml manually

  1. Stop the SMC service by clicking Start > Run, and then entering smc -stop.
  2. Once the service is stopped, copy the Sylink.xml file from the new Endpoint Protection Manager to the client in one of the following locations:
    • For Windows Vista, Windows 7 / Server 2008 or later: C:\ProgramData\Symantec\Symantec Endpoint Protection\CurrentVersion\Data\Config
    • For Windows XP / Server 2003: C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\CurrentVersion \Data\Config
  3. Replace the existing file and restart the SMC service with Start > Run, and then enter smc -start.

After performing the steps in one of these solutions, log into the new Endpoint Protection Manager. Navigate to the Clients tab, select the target group, and then click the Clients tab. The client (or clients) should begin to appear in the group.

Note: If the client is in a different group than intended, right-click the client, click Move, and then select the correct group for the client.

 

Imported Document Id

TECH92556

Legacy ID

2009022414415348

Terms of use for this information are found in Legal Notices.

Translated Content

This is machine translated content

Didn't find the article you were looking for? Try these resources.

Supported Products A-Z

Get support for your product, with downloads, knowledge base articles, documentation, and more.

Education Services

Maximize your product competency and validate technical knowledge to gain the most benefit from your IT investments.

Submit a Threat

Submit a suspected infected file to Symantec.

Submit a False Positive

Report a suspected erroneous detection (false positive).

Need Help with Endpoint Protection?

Set default language

Do you wish to save this as your future site?