Symantec Endpoint Protection Manager is showing over deployment of clients
search cancel

Symantec Endpoint Protection Manager is showing over deployment of clients

book

Article ID: 154935

calendar_today

Updated On:

Products

Endpoint Protection

Issue/Introduction

The Symantec Endpoint Protection Manager (SEPM) shows over deployment of clients

In the licensing field it says "Attention Needed", and if clicked, it will show that the SEPM is over deployed with "x" number of clients.

++++++++++

Overployment errors can also be seen in the scm-server-0.log:

<timestamp>.THREAD 150 WARNING: EELicenseHelper.getOverdeploymentClientCount(). Deployed count for SEP = 5014
<timestamp>.THREAD 150 WARNING: EELicenseHelper.getOverdeploymentClientCount().Total licenses seats for SEP = 5000
<timestamp>.THREAD 150 WARNING: Overdeployment count for SEP = 14

Cause

Clients have been removed from the network without first uninstalling the Symantec Endpoint Protection (SEP) client and are still showing as using a license seat.  Additionally the client have not met the requirement for the auto remove after x number of days of not checking into the manager.

Resolution

The following procedure will cause the SEPM to remove clients from its database that have not checked in within the past 24 hours, and thereby reclaim these license seats. If the number of installed clients is more than the license seat count then this will not resolve the issue. In that case more seats would need to be purchased.

1. In the SEPM go to Admin > Domains
2. Select Domain and under Tasks "Edit Domain Properties"
3. Under the General tab, change the option "Delete clients that have not connected for" to 1 day then click OK
4. Under the General tab, change the option, “Delete non-persistent VDI clients that have not connected for” to 1 day then click OK
5. Go to Admin > Servers
6. Right-click on the database server\instance name below Local Site and click "Truncate transaction log now"
Note: For Embedded database, the name will be localhost below Local Site.
7. Right-click on the database server\instance name below Local Site and click "Rebuild indexes now"
8. After both commands have completed, wait a minimum of 24 hours for licenses to free up.

If in a multi-site configuration you will need to ensure that these steps above are followed at each site.  Additionally make sure that you are able to successfully replicate without error as clients that are marked for deletion must be flagged for delete on all sites in all the replicated databases.

 

Note: In addition to what's posted above, if additional licenses are still required, they may be added using the steps found here: https://techdocs.broadcom.com/us/en/symantec-security-software/endpoint-security-and-management/endpoint-protection/all/licensing-v15883016-d31e6.html  A SEPM install isn't limited to one SLF install file, additional license files may be added as needed.