How to target systems where the DLP service is not running for uninstall, reinstall
Last Updated March 20, 2019
Upgrading DLP from 14.6 to 15 where the service is not starting causes the same issue to persist in version 15. How do I resolve this situation?
The upgrade does not resolve the service issue. The issue persists even with the new version.
To fix, uninstall and reinstall DLP version 15. The following Solution uses Symantec ITMS to resolve it through a policy.
In the console browse under Manage > Jobs / Tasks.
Right-click on an applicable folder in the tree and choose New > Task.
Choose "Control Service State" from the list.
Set Service name to "EDPA"
Leave Action and Startup type to defaults.
Check the box "Log on as:" and set the radial to "Local system acount".
Click OK to create the task.
Run it against all systems that have upgraded to DLP 15. This will collect data on the service state. Those that are stopped will be targeted using subsequent steps.
Right-click on the new Task and choose "View as XML".
Look for the section labeled "Versions count='x'". Each version will have a version GUID assigned. Find the latest numbered one and copy out the GUID to use later. For example: 0e0f41a4-44f0-4b62-ab1b-d80881b7d61c
In the console browse under Manage > Filters.
Right-click on an applicable folder and choose New > Filter.
Next to the Filter Definition choose "Query Mode: Raw SQL" and click OK.
Click the expand button to view the filter definition.
In the Parameterized Query paste the following SQL query: select ti._ResourceGuid from Evt_Task_Instances ti JOIN TaskOutputPropertyValue tv ON tv.TaskInstanceGuid = ti.TaskInstanceGuid where ti.TaskVersionGuid = '3c22641f-f950-460f-89cc-ec81008daf08' AND tv.Name = 'ServiceState' AND tv.Value LIKE '<int>1</int>'
Change the ti.TaskVersionGuid = to the GUID captured before.
Save the filter.
Import the MSI into the Software Catalog for DLP 15.
Accept the defaults and have the software release created.
Create a Managed Delivery Policy and add the newly imported DLP 15. Under Add, choose Software.
Repeat the action so it shows twice in the list below.
Choose the first entry. Under Command line choose the Uninstall No UI option.
Choose the second entry. Under the Command-line choose Install for all users with no UI (or If a command-line is modified for the environment, choose that one).
Under the Applied to section, select "Applied to" and choose "Targets".
Create a New Target, provide a Name, and click the "Add rule" button.
Select "exclude computers not in", "filters", and use the right field to find the filter created previously.
Provide a schedule to run (Only use a single "Schedule Time" so the policy doesn't run twice). NOTE: Set it ahead so the previous task has time to gather the data for computers that need to run it. At least provide 24 hours later after the task was schedule to run.
Save the policy.
Subscribing will provide email updates when this Article is updated. Login is required to Subscribe