Server Symantec and XP

Help for Schools installing Symantec on their Networks.

 

  1. Setting up a XP PC to act as a SEPM Server.
  2. Setting up XP PCs so that they can be managed remotely with the Symantec Endpoint Console.
If you would like help with the installation of the MoE Symantec at your school, which includes an XP PC to manage the distribution of updates and monitoring of school PCs, call us on 06-379-6668, 021-827-660 or email us.

 

 

 

In this environmnet we are using an XP PC acting at the distribution server. While this is not perfect, since only 10 PCs can get updates at a time, this is cheaper than buying a Windows 2007 Server just to act as the distribution server.

Setting up the Distribution Server

  1. Setup a user called antiv
    1. If on a Domain makes this a Domain User
    2. If on a Workgroup, just make them a Local User
    3. Set the user up as an Administrator on this PC
    4. Give them your default Symantec Password, what ever that is.
    5. REBOOT
  2. Install IIS
    1. This is how:
  3. REBOOT
  4. Run Symantecs Support Tool (available HERE
    1. Fix any issues that this too highlights.
    2. Run this command at the CMD screen
    3. netsh firewall add portopening tcp 445 endpoint
    4. Some of the errors are bogus, like this one
    5. Error 1,021.98 MB physical memory is less than the required 1G
    6. Others like this one need attention
    7. Can local users authenticate as themselves?
      1. Open Control Panel
      2. Open Administrative Tools
      3. Open Local Security Settings
      4. Open Local Policies
      5. Open Security Options
      6. Open Network access: Sharing and security model for local accounts
      7. Change to: Classic - local users authenicate as them selves.
  5. Install (SEPM) Symantec Endpoint Protection Manager from the CD
    1. This is how:
    2. We use the user admin and our standard admin password.

Setting up Clients.

This tool will examine your PC for any issues. CLICK HERE

Workgroup

  • You must have a user (local user) on the remote PC that has administrator rights.
  • File and Print sharing must be active.
  • This command achives this: netsh firewall add portopening tcp 445 endpoint
  • Run the UNINSTALL-CA program from the CD
  • Run Symantecs Support Tool (available HERE)
  • Review errors and correct.
  • Previously we have setup a one file installation package on the XP PC acting as the SEPM.
  • Install SEP from this file as it has all the setting for connecting to the SEPM.

Domain

  • You must have a user (from the domain) on the remote PC that has administrator rights.
  • File and Print sharing must be active.
  • This command achieves this: netsh firewall add portopening tcp 445 endpoint.
  • Run the UNINSTALL-CA program from the CD
  • Run Symantecs Support Tool (available HERE)
  • Review errors and correct.
  • Previously we have setup a one file installation package on the XP PC acting as the SEPM.
  • Install SEP from this file as it has all the setting for connecting to the SEPM.

Converting Unmanaged Clients to be Managed.

At the Server (Plagerised from here)

  1. Log on to the Symantec Endpoint Protection Manager Console.
  2. In the Console, in the left pane, click Clients.
  3. In the View Clients column, select the group to which you want to assign the unmanaged client.
  4. Right-click the selected group, then click Export Communication Settings at the bottom of the drop-down menu.
  5. In Export Communication Settings, in the group name dialog box, click Browse.  The default selection is My Documents.
  6. In the Select Export File dialog, locate the folder to which you want to export the sylink.xml file, and click OK.
  7. In the Export Group Registration Setting for group name dialog box, select one of the following options:
    1. To apply the policies from the group from which the computer is a member, click Computer Mode.
    2. To apply the policies from the group from which the user is a member, click User Mode.
  8. Click Export.
  9. If the file name already exists, click OK to overwrite it, or Cancel to save the file with a new file name.

At the Client

  1. Copy the file to the desktop of the unmanaged computer.
  2. Open the client interface on the unmanaged computer.
  3. Click on Help and Support and select Troubleshooting.
  4. Click Import Profile, browse to the .xml file exported from the Manager,
  5. and click OK.
  6. REBOOT
  7. Check that the new settings have been accepted

Close out of this Troubleshooting area and enter back in and you should see changes to status.

Open the Symantec Endpoint Protection Manager Console | Client | Clients and this Client should be there now.

 

Copyright © 2009 -Access Information Limited-.
All Rights Reserved.

Joomla template created with Artisteer.