SEP 11 MR4 Upgrade


I upgraded my production Symantec Endpoint Protection 11 environment from Maintenance Release 2 to Maintenance Release (MR) 4. SEP 11 MR4 MP1 has been announced but it wasn't available on Fileconnect yet. I also didn't want to postpone my upgrade and install MR4 MP1 in the test environment.

My upgrade to MR4 was smooth in the test environment. Of course the production upgrade was less than smooth.

I stopped the SEPM service as directed in the upgrade instructions, but the micro def builder processes continued. This locked files, and the upgrade didn't handle that condition correctly (force retry or replace files on reboot). The SEPM console couldn't open after the upgrade and the recommended fix is to Repair the install in Add/Remove Programs.

After Repairing the install, I was able to log in successfully to SEPM but my clients were no longer checking in.

After fiddling around a bit, we found that the port used by clients had been changed. If you do an upgrade it keeps the port on 80. But the Repair caused the port to be changed to something else. So all my existing clients were trying to connect on a port that was no longer being listened on.

Symantec has a knowledgebase article on changing the port, so I followed those instructions to change the listening port back to 80.

So a couple of things to watch out for:
1) Kill the def builder processes when performing an upgrade.
2) The Repair option is potentially a problem.
3) If after an upgrade your clients don't check in, go into IIS and see what port you're listening on. If it's the wrong port, check the Symantec KB for exact instructions on fixing.


About this Entry

This page contains a single entry by Roger published on February 15, 2009 3:11 PM.
