Unable to communicate with the reporting component after logging into the Sym
2011-10-31 21:36
459 查看
Problem
The Symantec Endpoint Protection Manager (SEPM) console shows the following error: "Unable to communicate with the reporting component... "
After clicking OK to this message, either the Home, Monitors and Reports pages are dimmed or the data does not load
Symptoms
There are multiple possible reasons for this issue and this document will detail all known solutions - troubleshooting opportunities.
Cause
There are a number of possible causes. This article details the known solutions or troubleshooting methods.
Solution
Reset Internet Information Services (IIS)
In some cases simply resetting IIS can resolve this issue. Follow the steps below:
Exit SEPM
Click Start > Run.
Type iisreset
Click OK.
Log into SEPM again.
Check the IIS Configuration
Verify IIS permissions and account(s) rights are set correctly
Use the Microsoft IIS Diagnostics Toolkit to identify all the rights and permissions on the accounts. The toolkit is available from Microsoft at:
http://www.microsoft.com/downloads/details.aspx?familyid=9BFA49BC-376B-4A54-95AA-73C9156706E7&displaylang=en
Verify the DefaultAppPool identity is set to 'Network Service'
Open the IIS Administrator
Expand <server name>> Application Pools
Right-click DefaultAppPool and select Properties
On the Identity tab verify the Predefined radio button is selected and that Network Service is on the drop down list
If Network Service is listed then try adding the Local System
Note: Parts of these instructions cannot be performed with Windows XP running IIS 5.1 or Windows 2000 running IIS 5.0.
For either, there is no "application pool in the configuration and "IP address and domain name restrictions" are dimmed in the virtual server settings.
Microsoft purposely denies access to these settings.
Verify user rights.
Run gpedit.msc
Expand Computer Configuration > Windows Settings > Security Settings > Local Policies
Select User Rights Assignment in the left-hand pane
Go to the Adjust memory Quotas for a Process item and double click.
Verify that LOCAL SERVICE and NETWORK SERVICE are listed under the Local Security Setting tab.
Go to the Replace a process-level token item and double click. Again, verify that LOCAL SERVICE and NETWORK SERVICE are listed
Note: If the "Add User or Group..." button is disabled, it may be locked by a domain GPO (group policy object) which will require an assessment of domain GPOs.
Restart the IIS Admin service to update any changes
Verify Authentication and Access Control.
Open the IIS Administrator
Right-click Default Web Site and click Properties
On the Directory Security tab, under Authentication and Access Control, click Edit
Verify that Enable Anonymous Access is selected
Please select the appropriate setting if you are utilizing Authenticated Access
If SSL is not implemented, verify that Secure Communications is not selected
Open the IIS Administrator
Right-click Default Web Site and select Properties
On the Directory Security tab, under Secure Communications click Edit
Verify Require Secure Channel (SSL) is not selected
Re-enable logging in IIS
Examine the IIS logs to get the full error code. The default location for the logs is C:\Windows\System32\LogFiles\W3SVC1
In the IIS manager, right click each site where you wish to have the logs, such as Reporting and Secars, and select Log visits and click OK.
If you have to contact technical support, have these logs ready for the technicians.
Testing the ODBC Connection
Note: On a 64-bit computer, a 32-bit DSN is created and is accessible via (by default) C:\Windows\SysWoW64\Odbcad32.exe.
For an embedded (Sybase) database
Verify that the Symantec Embedded Database service is running and that the dbsrv9.exe process is listening on TCP port 2638
Test the ODBC connection.
Open Control Panel > Administrator Tools
Double click Data Sources (ODBC)
On the System DSN tab, double-click SymantecEndpointSecurityDSN
On the Database tab, type in the Server name (computer name) of your Manager, where the database resides. If computer name does not work, try the IP number or fully qualified domain name. (Version 11.0.5002.333 or newer, add SPC_ to the beginning of the server name. If the SPC_ prefix is not included, you will receive the error: "Database Server Not Found")
On the Login tab, supply the user ID and password for the Symantec Embedded Database (defaults to the first admin password you ever used for the SEPM).
User ID: dba
Password: <password>
Note: If the “Encrypt password” box on the Login tab is not checked, your password will be stored as plain text in the Windows registry.
On the Network tab, confirm that TCP/IP is checked and the value has either HOST= or IP= with your server's IP (127.0.0.1 is also acceptable).
Leave the defaults for the rest of the items and return to the ODBC tab
Click Test Connection , it should return "Success"
Click OK
For an SQL database
Verify the following:
You specified a named instance during installation and configuration. For example: \\<server name>\<instance name>
The SQL Server is running and properly configured
The network connections between Symantec Endpoint Protection Manager and the SQL database.
Test the ODBC connection.
Open Control Panel > Administrator Tools
Double click Data Sources (ODBC)
On the System DSN tab, double-click SymantecEndpointSecurityDSN
Go through the wizard to ensure the following settings:
Name: SymantecEndpointSecurityDSN
Description: <Anything>
Server: Servername\InstanceName (Only enter the server name or IP address if using the default instance)
Login ID: sa
Password: <password>
Leave the defaults for the rest of the items and click Finish
Click Test Data Source , it should return "Success"
Click OK
Check system resources
You should have at least 1GB of RAM available. If not, CPU usage may be high and this could be affecting the issue. Refreshing the console may help temporarily but it is only a workaround and not a solution.
Loopback address disabled
Reporting pages may fail to appear if loopback addresses are disabled on the computer. If you have disabled loopback addresses on your computer, you must associate the word localhost with your computer IP address. You can use the Windows hosts file to do this. For example, on computers running Windows XP, do the following:
Change the directory to the location of your hosts file. By default, the hosts file is located in%SystemRoot%\system32\drivers\etc
Open the hosts file with an editor such as Microsoft Notepad.
Add the following line to the file:
xxx.xxx.xxx.xx localhost # to log on to reporting functions (where xxx.xxx.xxx.xx is the IP address of your computer)
Save and close the hosts file.
Remote Desktop Protocol (RDP)
There may be various issues with unpredictable results associated with RDP when installing or managing SEP or SEPM. To avoid these, it is best to install or manage SEP or SEPM locally. If that is not possible you can:
Use pcAnywhere
Use the switch that Microsoft recommends to shadow a console session within an RDP session.
Note: A Windows Server 2003 server must be configured to permit remote control
For reference, read the Microsoft article: How to Connect to and Shadow the Console Session with Windows Server 2003 Terminal Services
http://support.microsoft.com/kb/278845
Verify the version of PHP that SEPM is using
Running multiple versions of PHP installed and used by different software products may cause conflicts. PHP performs a check for global configuration (php.ini) in a variety of locations. It forces each product to use its own interpreter which allows the product to operate properly and to use the correct version of PHP associated with each product.
To check if there is a version conflict with the version of PHP that SEPM is using:
Open a blank document with a text editor (Notepad for example.)
Copy/paste the following code into the document:
<?phpinfo();?>
Save the document as phpinfo.php in the folder C:\Program Files\Symantec\Symantec Endpoint Protection Manager\PHP
Click Start > Run
In the Open box type: cmd
In the command window type:
cd "C:\Program Files\Symantec\Symantec Endpoint Protection Manager\PHP"
php phpinfo.php | more
If you see text output to the screen that displays the status of PHP, then PHP is installed.
Confirm that this is the correct version by:
comparing it to the version of the file: "C:\Program Files\Symantec\Symantec Endpoint Protection Manager\PHP\php.exe".
The version displayed by the php command and the version of the file should match.
See the line in the output text on screen that saysLoaded Configuration File =>This is the configuration file the installed version of PHP is using. Ideally, this file will be: C:\Program Files\Symantec\Symantec Endpoint Protection Manager\PHP\Php.ini
If you see text that says: " 'php' is not recognized as an internal or external command", then the PHP installation for SEPM is broken. In this case, do the following:
Close the command prompt.
Copy the file'phpinfo.php' to C:\
Click Start > Run. Type cmd
In the command window type: php phpinfo.php | more
If the command returns: " 'php' is not recognized as an internal or external command", then PHP is not installed and registered with the OS. the problem is not with SEPM as long as step 6 produced a result.
If the command returns a status of PHP, then PHP is installed and registered with the operating system. If the version displayed here does not match the version installed with SEPM (step 7), then there is a problem (version mismatch).
Close the command prompt.
Copy the 'phpinfo.php' file to: C:\Program Files\Symantec\Symantec Endpoint Protection Manager\Inetpub\Reporting
Open the web browser to: http://LocalHost:8014/Reporting/phpinfo.php. A browser page describing the PHP status should display. If a 404 page "Page not found" displays, turn your troubleshooting to IIS.
Resolving a PHP version conflict with SEPM
If you do find a PHP version conflict, read the article: Specifying the php.ini file used by the Symantec Endpoint Protection Manager (SEPM) Reporting website at http://service1.symantec.com/support/ent-security.nsf/docid/2008060213161448
If this article does not work try the following workaround. Be advised that any application depending on the PHP version different from the PHP version used by SEPM may be disabled or broken.
Make a back up of the PHP folder that is not the SEPM version. Call this folder A.
Copy the contents of the PHP folder C:\Program Files\Symantec\Symantec Endpoint Protection Manager\PHP to folder A (overwriting any and all files)
Restart the SEPM service. A restart of the entire computer may be needed.
Repair the SEPM installation
Broken or missing dll files for SEPM installation could cause this issue.
Perform a repair on the Symantec Endpoint Protection Manager installation through add or remove programs.
How to repair the Symantec Endpoint Protection Manager installation through Add or Remove Programs
http://service1.symantec.com/support/ent-security.nsf/docid/2009030414141748
Uninstall/Reinstall the SEPM
If it proves necessary to uninstall and reinstall the SEPM, follow the instructions in the following articles:
How to install Symantec Endpoint Protection and Symantec Endpoint Protection Manager through Remote Desktop
http://service1.symantec.com/support/ent-security.nsf/docid/2008030509272248 How to manually uninstall Symantec Endpoint Protection Manager 11.0
http://service1.symantec.com/support/ent-security.nsf/docid/2007101615023748
References
Title: 'How to work with Data Sources (ODBC) or ODBC connection in 64bit Windows OS'
Document ID: 2008021900094548
/apps/media/inquira/resources /resources
Legacy ID
2008042212582048
Article URL http://www.symantec.com/docs/TECH104777
Terms of use for this information are found in Legal Notices
Email this article | Print Subscribe via email
Please Sign In
Login using SymAccount.
Knowledge Base Search
Knowledge Base Search
My Support
My Support
Create a Support Case
Manage a Support Case
Manage Subscriptions
Ask a Question on Connect(Symantec support Forums)
Contacting Support
Contacting Support
Email Support
Contact Technical Support
File a Case
Business Critical Support Site
Support Forums
Rate this Article
Help us improve your support experience.
Thank you.
Add comments
1 2 3 4 5
A1 characters remaining :1000 SUBMIT
The Symantec Endpoint Protection Manager (SEPM) console shows the following error: "Unable to communicate with the reporting component... "
After clicking OK to this message, either the Home, Monitors and Reports pages are dimmed or the data does not load
Symptoms
There are multiple possible reasons for this issue and this document will detail all known solutions - troubleshooting opportunities.
Cause
There are a number of possible causes. This article details the known solutions or troubleshooting methods.
Solution
Reset Internet Information Services (IIS)
In some cases simply resetting IIS can resolve this issue. Follow the steps below:
Exit SEPM
Click Start > Run.
Type iisreset
Click OK.
Log into SEPM again.
Check the IIS Configuration
Verify IIS permissions and account(s) rights are set correctly
Use the Microsoft IIS Diagnostics Toolkit to identify all the rights and permissions on the accounts. The toolkit is available from Microsoft at:
http://www.microsoft.com/downloads/details.aspx?familyid=9BFA49BC-376B-4A54-95AA-73C9156706E7&displaylang=en
Verify the DefaultAppPool identity is set to 'Network Service'
Open the IIS Administrator
Expand <server name>> Application Pools
Right-click DefaultAppPool and select Properties
On the Identity tab verify the Predefined radio button is selected and that Network Service is on the drop down list
If Network Service is listed then try adding the Local System
Note: Parts of these instructions cannot be performed with Windows XP running IIS 5.1 or Windows 2000 running IIS 5.0.
For either, there is no "application pool in the configuration and "IP address and domain name restrictions" are dimmed in the virtual server settings.
Microsoft purposely denies access to these settings.
Verify user rights.
Run gpedit.msc
Expand Computer Configuration > Windows Settings > Security Settings > Local Policies
Select User Rights Assignment in the left-hand pane
Go to the Adjust memory Quotas for a Process item and double click.
Verify that LOCAL SERVICE and NETWORK SERVICE are listed under the Local Security Setting tab.
Go to the Replace a process-level token item and double click. Again, verify that LOCAL SERVICE and NETWORK SERVICE are listed
Note: If the "Add User or Group..." button is disabled, it may be locked by a domain GPO (group policy object) which will require an assessment of domain GPOs.
Restart the IIS Admin service to update any changes
Verify Authentication and Access Control.
Open the IIS Administrator
Right-click Default Web Site and click Properties
On the Directory Security tab, under Authentication and Access Control, click Edit
Verify that Enable Anonymous Access is selected
Please select the appropriate setting if you are utilizing Authenticated Access
If SSL is not implemented, verify that Secure Communications is not selected
Open the IIS Administrator
Right-click Default Web Site and select Properties
On the Directory Security tab, under Secure Communications click Edit
Verify Require Secure Channel (SSL) is not selected
Re-enable logging in IIS
Examine the IIS logs to get the full error code. The default location for the logs is C:\Windows\System32\LogFiles\W3SVC1
In the IIS manager, right click each site where you wish to have the logs, such as Reporting and Secars, and select Log visits and click OK.
If you have to contact technical support, have these logs ready for the technicians.
Testing the ODBC Connection
Note: On a 64-bit computer, a 32-bit DSN is created and is accessible via (by default) C:\Windows\SysWoW64\Odbcad32.exe.
For an embedded (Sybase) database
Verify that the Symantec Embedded Database service is running and that the dbsrv9.exe process is listening on TCP port 2638
Test the ODBC connection.
Open Control Panel > Administrator Tools
Double click Data Sources (ODBC)
On the System DSN tab, double-click SymantecEndpointSecurityDSN
On the Database tab, type in the Server name (computer name) of your Manager, where the database resides. If computer name does not work, try the IP number or fully qualified domain name. (Version 11.0.5002.333 or newer, add SPC_ to the beginning of the server name. If the SPC_ prefix is not included, you will receive the error: "Database Server Not Found")
On the Login tab, supply the user ID and password for the Symantec Embedded Database (defaults to the first admin password you ever used for the SEPM).
User ID: dba
Password: <password>
Note: If the “Encrypt password” box on the Login tab is not checked, your password will be stored as plain text in the Windows registry.
On the Network tab, confirm that TCP/IP is checked and the value has either HOST= or IP= with your server's IP (127.0.0.1 is also acceptable).
Leave the defaults for the rest of the items and return to the ODBC tab
Click Test Connection , it should return "Success"
Click OK
For an SQL database
Verify the following:
You specified a named instance during installation and configuration. For example: \\<server name>\<instance name>
The SQL Server is running and properly configured
The network connections between Symantec Endpoint Protection Manager and the SQL database.
Test the ODBC connection.
Open Control Panel > Administrator Tools
Double click Data Sources (ODBC)
On the System DSN tab, double-click SymantecEndpointSecurityDSN
Go through the wizard to ensure the following settings:
Name: SymantecEndpointSecurityDSN
Description: <Anything>
Server: Servername\InstanceName (Only enter the server name or IP address if using the default instance)
Login ID: sa
Password: <password>
Leave the defaults for the rest of the items and click Finish
Click Test Data Source , it should return "Success"
Click OK
Check system resources
You should have at least 1GB of RAM available. If not, CPU usage may be high and this could be affecting the issue. Refreshing the console may help temporarily but it is only a workaround and not a solution.
Loopback address disabled
Reporting pages may fail to appear if loopback addresses are disabled on the computer. If you have disabled loopback addresses on your computer, you must associate the word localhost with your computer IP address. You can use the Windows hosts file to do this. For example, on computers running Windows XP, do the following:
Change the directory to the location of your hosts file. By default, the hosts file is located in%SystemRoot%\system32\drivers\etc
Open the hosts file with an editor such as Microsoft Notepad.
Add the following line to the file:
xxx.xxx.xxx.xx localhost # to log on to reporting functions (where xxx.xxx.xxx.xx is the IP address of your computer)
Save and close the hosts file.
Remote Desktop Protocol (RDP)
There may be various issues with unpredictable results associated with RDP when installing or managing SEP or SEPM. To avoid these, it is best to install or manage SEP or SEPM locally. If that is not possible you can:
Use pcAnywhere
Use the switch that Microsoft recommends to shadow a console session within an RDP session.
Note: A Windows Server 2003 server must be configured to permit remote control
For reference, read the Microsoft article: How to Connect to and Shadow the Console Session with Windows Server 2003 Terminal Services
http://support.microsoft.com/kb/278845
Verify the version of PHP that SEPM is using
Running multiple versions of PHP installed and used by different software products may cause conflicts. PHP performs a check for global configuration (php.ini) in a variety of locations. It forces each product to use its own interpreter which allows the product to operate properly and to use the correct version of PHP associated with each product.
To check if there is a version conflict with the version of PHP that SEPM is using:
Open a blank document with a text editor (Notepad for example.)
Copy/paste the following code into the document:
<?phpinfo();?>
Save the document as phpinfo.php in the folder C:\Program Files\Symantec\Symantec Endpoint Protection Manager\PHP
Click Start > Run
In the Open box type: cmd
In the command window type:
cd "C:\Program Files\Symantec\Symantec Endpoint Protection Manager\PHP"
php phpinfo.php | more
If you see text output to the screen that displays the status of PHP, then PHP is installed.
Confirm that this is the correct version by:
comparing it to the version of the file: "C:\Program Files\Symantec\Symantec Endpoint Protection Manager\PHP\php.exe".
The version displayed by the php command and the version of the file should match.
See the line in the output text on screen that saysLoaded Configuration File =>This is the configuration file the installed version of PHP is using. Ideally, this file will be: C:\Program Files\Symantec\Symantec Endpoint Protection Manager\PHP\Php.ini
If you see text that says: " 'php' is not recognized as an internal or external command", then the PHP installation for SEPM is broken. In this case, do the following:
Close the command prompt.
Copy the file'phpinfo.php' to C:\
Click Start > Run. Type cmd
In the command window type: php phpinfo.php | more
If the command returns: " 'php' is not recognized as an internal or external command", then PHP is not installed and registered with the OS. the problem is not with SEPM as long as step 6 produced a result.
If the command returns a status of PHP, then PHP is installed and registered with the operating system. If the version displayed here does not match the version installed with SEPM (step 7), then there is a problem (version mismatch).
Close the command prompt.
Copy the 'phpinfo.php' file to: C:\Program Files\Symantec\Symantec Endpoint Protection Manager\Inetpub\Reporting
Open the web browser to: http://LocalHost:8014/Reporting/phpinfo.php. A browser page describing the PHP status should display. If a 404 page "Page not found" displays, turn your troubleshooting to IIS.
Resolving a PHP version conflict with SEPM
If you do find a PHP version conflict, read the article: Specifying the php.ini file used by the Symantec Endpoint Protection Manager (SEPM) Reporting website at http://service1.symantec.com/support/ent-security.nsf/docid/2008060213161448
If this article does not work try the following workaround. Be advised that any application depending on the PHP version different from the PHP version used by SEPM may be disabled or broken.
Make a back up of the PHP folder that is not the SEPM version. Call this folder A.
Copy the contents of the PHP folder C:\Program Files\Symantec\Symantec Endpoint Protection Manager\PHP to folder A (overwriting any and all files)
Restart the SEPM service. A restart of the entire computer may be needed.
Repair the SEPM installation
Broken or missing dll files for SEPM installation could cause this issue.
Perform a repair on the Symantec Endpoint Protection Manager installation through add or remove programs.
How to repair the Symantec Endpoint Protection Manager installation through Add or Remove Programs
http://service1.symantec.com/support/ent-security.nsf/docid/2009030414141748
Uninstall/Reinstall the SEPM
If it proves necessary to uninstall and reinstall the SEPM, follow the instructions in the following articles:
How to install Symantec Endpoint Protection and Symantec Endpoint Protection Manager through Remote Desktop
http://service1.symantec.com/support/ent-security.nsf/docid/2008030509272248 How to manually uninstall Symantec Endpoint Protection Manager 11.0
http://service1.symantec.com/support/ent-security.nsf/docid/2007101615023748
References
Title: 'How to work with Data Sources (ODBC) or ODBC connection in 64bit Windows OS'
Document ID: 2008021900094548
/apps/media/inquira/resources /resources
Legacy ID
2008042212582048
Article URL http://www.symantec.com/docs/TECH104777
Terms of use for this information are found in Legal Notices
Email this article | Print Subscribe via email
Please Sign In
Login using SymAccount.
Knowledge Base Search
Knowledge Base Search
My Support
My Support
Create a Support Case
Manage a Support Case
Manage Subscriptions
Ask a Question on Connect(Symantec support Forums)
Contacting Support
Contacting Support
Email Support
Contact Technical Support
File a Case
Business Critical Support Site
Support Forums
Rate this Article
Help us improve your support experience.
Thank you.
Add comments
1 2 3 4 5
A1 characters remaining :1000 SUBMIT
相关文章推荐
- magento设置快捷支付后,付款出现Unable to communicate with the PayPal gateway
- wo or more files with the name of logging.cc will produce outputs to the same location.
- Unable to partial resync with the slave for lack of backlog (Slave request was: 2595405802583).
- Unable to find a 'userdata.img' file for ABI armeabi to copy into the AVD folder
- 关于Retrieving the COM class factory for component with CLSID {000209FF-0000-0000-C000-000000000046} failed due to the following error: 80070005的解决办法
- Error while performing database login with the sqljdbc driver:Unable to create connection. Check you
- unable to dequeue a cell with identifier cell - must register a nib or a class for the identifier or
- 解决 Unable to translate SQLException with Error code '17059', will now try the fallback translator
- The required Server component failed to start so Tomcat is unable to start问题解决
- Unity3d 打包时报错 CommandInvokationFailure: Unable to convert classes into dex format. See the Console f
- Error while preforming database login with the sql driver Unable to create connection解决
- [BTS] Unable to communicate with MessageBox BizTalkMsgBoxDb on SQL Instance
- Unable to create any keyboard shortcuts after the iOS 6.1.3 update on iPad.
- vipca 经典报错 PRKH-1010 : Unable to communicate with CRS services.
- Unable to find a team with the given Team ID或者Failed to code sign的问题解决
- Siebel Admin: How to find the Component that associated with Application
- Retrieving the COM class factory for component with CLSID … failed due to the following error: 80070005.
- Unable to start MySQL service. Another MySQL daemon is already running with the same UNIX socket
- Retrieving the COM class factory for component with CLSID {00024500-0000-0000-C000-000000000046} failed due to the following error: 80070005.
- Retrieving the COM class factory for component with CLSID {0002E55D-0000-0000-C000-000000000046} failed due to the following err