How to manually register a Symantec Security Information Manager appliance with a remote directory, or re-register to itself, without using the graphical interface.
Last Updated June 09, 2014
You need to register a Symantec Security Information Manager (SSIM) appliance to itself or to another SSIM appliance, and you do not have access to the SSIM Web configuration to do this.
If you run the sesa-setup command without any options, it will list all available switches. This command is also listed in the /tmp/dirreg.log file when the registration is run from the web configuration. If you run sesa-setup with just the --reg-external option (or only a few of the options above), you will be prompted for all the missing parameters.
The following command for SSIM 4.7.x and SSIM 4.8.x will register the appliance to a directory or back to its own directory
Method 1. Run the command without any option: /usr/sbin/sesa-setup --reg-external If you have any problem during the registration, you can check the following log file: /opt/Symantec/sesa/SesaInstall.log Do not use the loopback IP address to register LDAP. Use IP address, hostname or FQDN. Here is what the prompts and answers should look like:
# sesa-setup --reg-external
Please provide Directory connection parameters:
Enter external SSIM directory ip/hostname and press [ENTER]: <IP Address here> Enter external SSIM directory port (636) and press [ENTER]: 636 Enter external SSIM domain username (administrator) and press [ENTER]: administrator Enter external SSIM domain password and press [ENTER]: <password here> Enter external SSIM directory domain name (Symantec.com) and press [ENTER]: <Domain here>
Enter external Directory Administrator password and press [ENTER]: <cn=root password here>
Enter the local database user (symcmgmt) and press [ENTER]: symcmgmt
Enter the local database user password and press [ENTER]: <password here, usually the same as cn=root>
Method 2. Run the following command after filling in the fields with your information:
If the network interface other than eth0 is configured, then the directory registration will not work unless the eth device defined with the - -device switch.
For example: /usr/sbin/sesa-setup --reg-external --device eth4
is the domain you created when you installed Symantec Security Information Manager you are prompted with Symantec.ses, but your installation will different you can find your domain name by running the following command as root tol return the SSIM Domain you will need to use while reregistering. The first two lines returned will be your SSIM Domain.