Tuesday morning I received an email no Symantec Endpoint Manager admin wants to receive
Server name: asdfasdf
Server IP: x.x.x.x
The Symantec Endpoint Protection Manager database has gone down and needs immediate attention.
I went through several likely candidates in the Symantec KB but couldn’t find anything to fix the issue. The database wouldn’t start. As a side note, has anyone else had issues with many search results in the Symantec KB beign a “file not found”?
I ended up reinstalling SEPM and restoring a previous backup because I couldn’t get anything else to work.
The fun didn’t end there. The next day at the same time (midnight) the database died again. This time I called support first thing rather than after me trying many solutions. It was the same as the day before. Really nothing they knew how to do with the database down. I did the same uninstall/reinstall database restore to get services back for the end users. After hours, I installed from scratch and configured much of it by hand. If you find your database backups are corrupt and need to do this.
1. Export all the policy files and any other setting that is exportable.
2. Make sure your configuration is up to date. There are a lot of screens in SEPM but you’ll be glad you screenshot every last one of them and kept it up to date.
3. Even without the database, you can use the recovery file so your clients are still able to check in. Otherwise they’d need a reinstall or a sylink.xml.
4. In the tomcat/etc directory under the SEPM install, edit conf.properties and change scm.agent.roupcreation to true. Restart SEPM. This allows clients to create the groups they were previously assigned to. Otherwise all clients would end up in the default group. Even after creating a new group, the group ID wouldn’t match and you would be stuck moving all clients manually.
I spent three long nights on this issue. I was very glad to have “Essential” support so I could get support on the line outside business hours. Hopefully this was a one time issue. I suspect the database was a little hinky after the upgrade to 12.1.