Symantec Endpoint Protection Manager (SEPM) encounters an error during the installation and rolls back. Upon reviewing the SEPM_Inst.log file the following error is observed: "CustomAction GPOPolicyReview returned actual error code 1603 (note this may not be 100% accurate if translation happened inside sandbox)".
CustomAction GPOPolicyReview returned actual error code 1603
The issue can have a couple different causes:
TMP and TEMP variables do not have the same path.
Restrictive permissions are prohibiting the installation.
An explicit deny will take precedent over an implicit allow. Because of this, when a user is a member of multiple account groups, they can encounter permission issues (even if they are a member of the Administrators group).
Check Temp variables and verify that TMP and TEMP have the same path.
If restrictive permissions cannot be identified, create a new local administrator account that is only a member of the local Administrators group.
Login with the new Administrator account and attempt install again.
Subscribing will provide email updates when this Article is updated. Login is required.