When attempting to retrieve a suspicious file from an Endpoint Protection client, the Endpoint Protection Manager (SEPM) REST API returns an HTTP 500 Internal Server error. The following situations applies to this issue:
The SEP client in this case was "copied" from an Organization Unit (OU) group in the SEPM to a non-OU "SEPM" group.
When using Symantec Endpoint Detection and Response (SEDR), the "Copy to file store from Endpoint" command fails with "Sepm returned non 200 HTTP response. There was an error."
When using the SEPM REST API directly, the API command returns an http 500 Internal Server error.
semapisrv.log 2019-05-28 13:56:12,234 [http-apr-0.0.0.0-8446-exec-9] ERROR c.s.s.s.c.e.h.GlobalControllerExceptionHandler - EXCEPTION: com.symantec.sepm.server.module.client.command.createCommandByHardwareKey (batch index #2) failed. 1 prior sub executor(s) completed successfully, but will be rolled back. Cause: java.sql.BatchUpdateException: Violation of PRIMARY KEY constraint 'PK_COMMAND'. Cannot insert duplicate key in object 'dbo.COMMAND'. The duplicate key value is (633F6276B08F431F0B86B2D02A7ABAC7, EC71DA459B064B51908F607D1A857FF2).
Symantec is aware of this issue and will update this article when a solution becomes available. Click the Subscribe to this Article button to be notified of future updates through email.
Subscribing will provide email updates when this Article is updated. Login is required.