Endpoint Protection client is trying to register with an invalid Domain ID
search cancel

Endpoint Protection client is trying to register with an invalid Domain ID

book

Article ID: 177404

calendar_today

Updated On:

Products

Endpoint Protection Endpoint Security Endpoint Security Complete

Issue/Introduction

Within the Symantec Endpoint Protection Manager (SEPM) logs or console, it can be seen that a SEP client is trying to register with an invalid Domain ID.

SEPM FINEST logging may need to be enabled to see all details:

scm-server-0.log

java.lang.IllegalArgumentException: Client is trying to register with invalid Domain ID 45A7120CC0A8ECFE013AFAC794DDE8E0 from xxxxxxxxx
com.sygate.scm.server.agentmanager.InvalidDomainIdRegistrationException: Client xxxxxx is trying to register with invalid Domain ID AD8FED1CC0A801EA202DF86C3BB4DE7E

AgentRegister-0.log

THREAD 65 FINE:  calling close on connection.
THREAD 65 FINE: Return connection to pool.
THREAD 65 WARNING: AgentRegisterHandler> registerClient> Error-> Invalid Domain ID: [32E95C2B0AF80F640B0E9CC6B9F460E2]
THREAD 65 WARNING: <?xml version="1.0" encoding="UTF-8"?><SSARegData NameSpace="rpc"><AgentInfo DomainID="32E95C2B0AF80F640B0E9CC6B9F460E2" AgentType="105" 

Export System Server Activity logs from SEPM Under the "Error Code" column will see "Unexpected server error." and in "Stack Trace" column below error is seen 

com.sygate.scm.server.agentmanager.InvalidDomainIdRegistrationException: Client xxxxxxx is trying to register with invalid Domain ID 32E95C2B0AF80F640B0E9CC6B9F460E2.  at com.sygate.scm.server.agentmanager.actions.AgentRegisterHandler.registerClient(AgentRegisterHandler.java:705)  at com.sygate.scm.server.agentmanager.actions.AgentRegisterHandler.agentRegister(AgentRegisterHandler.java:392)  

In the SEPM, Server tab activity logs can see multiple "Unexpected server error" events 

Cause

The sylink.xml file being used by one or more clients refers to a Domain ID that no longer exists. This could occur if the SEPM was reinstalled or a former Domain has been deleted.

Resolution

There are two different solutions for this issue.
 

  1. When this issue occurs a file called InvalidDomainChange.properties should be created within the <SEPM Install>\tomcat\etc folder. If you have never had this issue then the file will not be present. Edit the InvalidDomainChange.properties file. You should see something that looks similar below:

    #Contains Invalid Domain ID and the corresponding Domain ID to be used to move a client
    #Wed Jun 07 17:58:24 CDT 2017
    HWI83LM21M9S932AAPWGG524YTW99=
    L27AAA45MND2U1JK564786DDDF87611=


    Edit the file to include the current Domain ID in use on the SEPM found when going to Admin > Domains. Below is an example edit of the properties file which will re-direct clients to use the B9D51233C0A8C5A6007AEB8641A0EB46 Domain ID. Again, every SEPM domain will be different so check Admin > Domains to find the correct Domain ID to use.

    #Contains Invalid Domain ID and the corresponding Domain ID to be used to move a client
    #Wed Jun 07 17:58:24 CDT 2017
    HWI83LM21M9S932AAPWGG524YTW99=B9D51233C0A8C5A6007AEB8641A0EB46
    L27AAA45MND2U1JK564786DDDF87611=B9D51233C0A8C5A6007AEB8641A0EB46


    Save the InvalidDomainChange.properties file after making the change and then restart the SEPM and SEPM Webserver services. This will redirect clients containing the two Domain IDs on the left to the Domain ID noted on the right.
     

  2. Follow the steps in How do I replace the client-server communications file on the client computer? to provide affected clients with new communication that includes the correct Domain ID.

 

NOTE: The domain ID is just an identifier related to administrative domains under SEPM, it is NOT related to windows domain groups.