Monday, September 24, 2012

Symantec Endpoint Protection v11, Switching a Client PC from Managed to Unmanaged

This procedure is intended only for version 11 of Symantec Endpoint Protection.

This procedure is for a client PC that was configured as "Managed" and, thus, takes its configuration from a server. You may want to make it an "Unmanaged", standalone client for specific reasons, eg testing specific configuration parameters or because the server is no longer available.

If the server is still available to you, you can use the method given by Symantec.

If, as was my case, you cannot access the server and you do not want to reinstall the whole software suite, you can proceed this way:
  1. Open regedit and navigate to HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\Symantec Endpoint Protection\LiveUpdate.
  2. Set the key named AllowManualLiveUpdate to value 1.
  3. In the folder: C:\Program Files\Symantec\Symantec Endpoint Protection backup the four files SyLink.xml and SyLink.xml.bak, serdef.dat and serdef.dat.bak.
  4. Kill the Smc.exe process and quickly delete SyLink.xml, SyLink.xml.bak, serdef.dat and serdef.dat.bak before the process respawns.
  5. The respawning process will recreate an appropriate default config and let you update everything manually from the Symantec server on the Internet.