Clients are failing to connect and the first three tabs of the Symantec Endpoint Protection Manager (SEPM) are blank. Failed to connect to server error is displayed when logging into the SEPM and HTTPD.exe is repeatedly crashing in the Windows Event - Application log.
Error-Pacific Standard Time.log:
[Thu Sep 04 10:01:56.951466 2014] [isapi:error] [pid 7912:tid 2520] AH02110: failed call to GetExtensionVersion() in C:/Program Files (x86)/Symantec/Symantec Endpoint Protection Manager/Inetpub/secars/secars.dll
[Thu Sep 04 10:01:56.963466 2014] [mpm_winnt:notice] [pid 7912:tid 3228] Child 7912 Thread 7528: Starting thread to listen on port 8445.
[Thu Sep 04 10:01:58.670865 2014] [isapi:error] [pid 7912:tid 3224] (OS 5)Access is denied. : AH02110: failed call to GetExtensionVersion() in C:/Program Files (x86)/Symantec/Symantec Endpoint Protection Manager/Inetpub/secreg/secreg.dll
[Thu Sep 04 10:01:58.862843 2014] [mpm_winnt:notice] [pid 5268:tid 472] AH00428: Parent: child process exited with status 255 -- Restarting.
The issue is caused by copying conf.properties out of the %SEPM_install_directory%\tomcat\etc folder and then replacing the original conf.properties file with the copied one. The semwebsrv account will not have read access rights on the copied conf.properties, because the copied one inherits permissions from its parent folder, which only provides List folder / read data access. This results in semwebsrv being unable to read conf.properties.
Change the Security options (i.e., permissions) for conf.properties to provide the semwebsrv account with the following permissions: Read
How to give semwebsrv Read permissions on conf.properties:
Click the Security tab
Select semwebsrv under Group or user names:
Check the checkbox for Allow on the Read permission under Permissions for semwebsrv
Restart the Symantec Endpoint Protection Manager Webserver service
Imported Document ID: TECH224343
Subscribing will provide email updates when this Article is updated. Login is required.