Home | Site Map | Cisco How ToNet How To | Wireless |Search | Forums | Services | Donations | Careers | About Us | Contact Us|

SEP error: Login to [computer] failed

Network Sharing , TCP/IP, Internet, Wireless, Exchange, IIS, ISA and Print

SEP error: Login to [computer] failed

Postby chicagotech » Tue Nov 21, 2017 1:21 pm

Situation: When the client tries to install Symantec Endpoint Protection (SEP)remotely, he receives the following login error: Login to [computer] failed. Check the username and password and try again.

Possible causes and resolutions:
Incorrect user name or password

This issue can occur if the user name or password that you entered is incorrect. Enter the correct user name and password to resolve this issue.

Endpoint Protection Manager is not able to authenticate as Administrator

This issue can occur if the client has Simple File Sharing (or the Sharing Wizard) enabled. It can also happen if you have set the "Sharing and security model for local accounts" client policy to Guest Only.

To resolve this issue, see Is the "Sharing and security model for local accounts" policy set to Guest Only?

The Administrator account on the target computer does not have a password

If the Administrator account on the target does not have a password set, authentication fails. To resolve this issue, see Does the Administrator account have a password?

Port 445 is blocked

If the Microsoft Windows Firewall is not configured to allow File and Printer Sharing (port 445), authentication fails. To resolve this issue, see Is the Microsoft Windows Firewall blocking port 445?

The Remote Registry Service is disabled on the client computer

If the Remote Registry Service on the client has stopped and the service disabled, Endpoint Protection Manager cannot scan the registry because the service is not running. To resolve this issue, set the Remote Registry Service on the client to either Manual or Automatic.

For more information, refer to the SEPM tomcat logs located at C:\Program Files\Symantec\Symantec Endpoint Protection Manager\Tomcat\Logs\scm-server-0.log

Example of remote registry failure condition from scm-server-0.log

THREAD 91 WARNING: SearchUnagentedHost>> parseNstOutputLine: NST log line -> [WARNING: Failed to open a connection to the RemoteRegistry service on 192.168.1.230. because "The service cannot be started, either because it is disabled or because it has no enabled devices associated with it."]

To check the Remote Registry Service
1.In the Windows Control Panel, go to Administrative Tools > Services > Remote Registry.
2.Set Startup Type to either Manual or Automatic.
3.Click Start to start the service.
4.Click OK.

The LAN Manager authentication levels on the Endpoint Protection Manager and clients are not compatible

If the LAN Manager Authentication Levels on the Endpoint Protection manager and clients are incompatible, they cannot communicate. Normally they are the same because Group Policy Management in Active Directory sets the policy.

When computers on the network are not using this and the connections fail, check the options on the computers involved.

To check the LAN Manager options on Windows 2003 Server or Windows XP and later versions
1.In the Windows Control Panel, go to Administrative Tools > Local Security Policy > Local Policies > Security Options.
2.Right-click Network Security: LAN Manager authentication level, and click Properties.
3.Ensure that the Endpoint Protection Manager and client have the same settings.



Mac

Note: Endpoint Protection for Mac 12.1.5 and later supports remote push installation.

User name does not have administrative privilege

​If the Mac client computer is part of an Active Directory domain, use domain administrator account credentials for a remote push installation. Otherwise, have the administrator credentials available for each Mac to which you deploy.

Remote Login is disabled
1.Go to System Preferences > Sharing > Remote Login.
2.Allow access either for all users or only for specific users, such as Administrators.

Stealth mode is enabled

​If you use the Mac firewall, disable stealth mode. With stealth mode enabled, the remote push installation cannot discover the client through Search Network.

To disable stealth mode on the Mac

See the appropriate Apple knowledge base article that applies to your version of the Mac operating system.
•macOS Sierra (10.12): Prevent others from discovering your Mac
•OS X El Capitan (10.11): Prevent others from discovering your Mac
•OS X Yosemite (10.10): Prevent others from discovering your Mac
•OS X Mavericks (10.9): Prevent others from discovering your Mac
•OS X Mountain Lion (10.8): Prevent others from discovering your computer

TCP port 22 is blocked

Ensure that the firewall does not block TCP port 22, which Secure Shell (SSH) uses. This port allows the required communication for remote log in.

Known_hosts file is using public key formats other than SSH-RSA

​See Client Deployment Wizard may fail when using known hosts file to verify remote Mac computers
Networking, Internet, Routing, VPN Troubleshooting on http://www.ChicagoTech.net
How to Setup Windows, Network, VPN & Remote Access on http://www.HowToNetworking.com
chicagotech
Site Admin
 
Posts: 7096
Joined: Mon Nov 27, 2006 1:24 pm
Location: Chicago USA

Re: SEP error: Login to [computer] failed

Postby chicagotech » Tue Nov 21, 2017 1:21 pm

In our case, enabling Remote Registry Service fixes the problem.
Networking, Internet, Routing, VPN Troubleshooting on http://www.ChicagoTech.net
How to Setup Windows, Network, VPN & Remote Access on http://www.HowToNetworking.com
chicagotech
Site Admin
 
Posts: 7096
Joined: Mon Nov 27, 2006 1:24 pm
Location: Chicago USA


Return to Networking

Your Ad Here

Who is online

Users browsing this forum: No registered users and 5 guests