Error: "GPOPolicyReview returned actual error code 1603" when installing or upgrading
Last Updated January 25, 2017
Symantec Endpoint Protection Manager (SEPM) encounters an error during the installation and rolls back. Upon reviewing the SEPM_Inst.log file the following error is observed: "CustomAction GPOPolicyReview returned actual error code 1603 (note this may not be 100% accurate if translation happened inside sandbox)".
CustomAction GPOPolicyReview returned actual error code 1603
The issue can have a couple different causes:
TMP and TEMP variables do not have the same path.
Restrictive permissions are prohibiting the installation.
An explicit deny will take precedent over an implicit allow. Because of this, when a user is a member of multiple account groups, they can encounter permission issues (even if they are a member of the Administrators group).
Check Temp variables and verify that TMP and TEMP have the same path.
If restrictive permissions cannot be identified, create a new local administrator account that is only a member of the local Administrators group.
Login with the new Administrator account and attempt install again.
Subscribing will provide email updates when this Article is updated. Login is required to Subscribe