SBS Clients Lose Access to Shares and/or Cannot Get DHCP Addresses

SBS Clients Lose Access to Shares and/or Cannot Get DHCP Addresses

  • Comments 13
  • Likes

[Today's post comes to us courtesy of Mike Lieser]

Recently we have been seeing two different issues on SBS servers that can be caused by the 3rd party product Symantec Endpoint Protection 11.0.  Please note that these issues can also be caused by other factors.

Issue 1: DHCP

SBS client machines are unable to receive an IP address lease from a DHCP running on the SBS server. Statically assigning an IP address to the client machine allows it to function normally on the network.

Issue 2: Access to Shares

Client machines lose connectivity to shares hosted on the SBS 2003 server after a period of time. Rebooting the SBS server is the only way in which you are able to restore the connectivity.

These issues have been documented in the following Symantec FAQ: http://www.symantec.com/business/support/endpointsecurity/sep11_faq_customer-installations-issues-with-resolutions_int_112007%20partner(3)).pdf

The following Symantec Knowledge Base article offers a resolution for the “inaccessible shares” issue. However, the article does not state that it resolves the inability to obtain an IP address lease by SBS client machines.

http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2007102613484948

Please contact Symantec for further information on these issues.

Note: The third-party products that are discussed in this post are manufactured by companies that are independent of Microsoft. Microsoft makes no warranty, implied or otherwise, regarding the performance or reliability of these products.

Your comment has been posted.   Close
Thank you, your comment requires moderation so it may take a while to appear.   Close
Leave a Comment
Comments
  • The Official SBS Blog : SBS Clients Lose Access to Shares and/or Cannot Get DHCP Addresses: http://blogs

  • The Official SBS Blog : SBS Clients Lose Access to Shares and/or Cannot Get DHCP Addresses: http://blogs

  • A maintenance release for Symantec Endpoint Protection contains a fix for the share-problem as well as several other problems with SBS and Endpoint, i can name quite a few by now. http://service1.symantec.com/SUPPORT/ent-security.nsf/docid_p/2007121216360648

    A guide for SBS and Endpoint:

    http://www.symantec.com/business/support/endpointsecurity/SEP_SBS_BestPractices_v3.0.pdf

    In there, note the specific SBS security templates from Symantec, which also address the DHCP-issue. It's all well documented :)

  • A maintenance release for Symantec Endpoint Protection contains a fix for the share-problem as well as several other problems with SBS and Endpoint, i can name quite a few by now. http://service1.symantec.com/SUPPORT/ent-security.nsf/docid_p/2007121216360648

    A guide for SBS and Endpoint:

    http://www.symantec.com/business/support/endpointsecurity/SEP_SBS_BestPractices_v3.0.pdf

    In there, note the specific SBS security templates from Symantec, which also address the DHCP-issue.

  • 1995 - 2002

    If you wanted to zap every nasty bug in the zoo or have remote access to your PC, you installed Symantec.

    2003 - Present

    If you want all kinds of stuff to go wrong with your network for no apparent reason, you installed Symantec.

    JamesNT

  • Yet another reason to not install this software - v11 is throwing up red flags in my installation experiences about 2 or 3 times a week.

  • Not only this, but it can also cause problems with accessing shares and clients getting an IP lease from your DHCP server, on your Windows 2003 server. In true Symantec style the documentation for the workaround is reportedly sketchy and the availabl

  • These issues have been addressed in the MR1 release available for download from FileConnect (https://fileconnect.symantec.com) by December 2007.

    Here are the release notes:

    http://service1.symantec.com/SUPPORT/ent-security.nsf/docid_p/2007121216360648

    Still testing, but I have not run into a major problem yet.

  • The easy way to check if you are hit by it is to check the main domain share: dir \\domain\sysvol

    The bad thing is that it only manifest itself after some time. On a clients SBS server it was around every 7 days.

    The new SEP build 11.0.1000.1375 should fix it.

  • The statements above were true for the RTM version (11.0.1109), but these issues are fixed in the December 2007 maintenance release 1 (11.0.1000.1375).

    Release notes:

    http://service1.symantec.com/SUPPORT/ent-security.nsf/docid_p/2007121216360648

  • @JamesNT: I totally agree with you.

    Instead of keeping the advanced IT Pro happy AND trying to sell to a larger audience Symantec totally went for the big consumer market.

    So they kept adding functionality untill they totally lost the overview of what impacts what and stupid things like this are happening. It will only get worse and I already notice with all the partners and customers I talk with that they are totally done with Symantec.

    Last year a customer even replaced there network infrastructure (switches etc) because unexplained loss of connection to the SBS server. Turns out that a tool on the server triggered Symantec Anti virus to think a worm attach was happening at which point it blocked the traffic for 30 minutes to the most important server: My DHCP, DNS, Gateway and Exchange IP address. How stupid can you get with a product.

    They can just wait on losing marketshare unless they start reading some blogs and forums on what is happening out there.

    Thanks! T.

  • Endpoint solutions has other problems, specifically with the Manager that goes on the server.  There is an immediate conflict with Veritas and the website for displaying forms for Veritas and Endpoint.  I could never get Endpoint to manage the clients properly.  Yes there are major issues with shares.  I spent 490 hours with Symantec to no avail attempting to get the install with 1 server & 5 clients working.  Never got it to work right.  They even gave up.  Right now, I have a hosed server that will have to be rebuilt that was running flawlessly with Corporate version of antivirus.  It was only with the insistence of Symantec that I installed Endpoint with their assurances that all would be OK.  Now they tell me I can just re-install the old Corporate version and they will make the license good for the next year.  Only problem is I cannot get Endpoint off the server and one client using their removal tools.  Some residue is buried somewhere that disallows the install of the old version.

  • I've noticed this on a 2k3 server (not SBS) as well, but it only seems to happen after someone remote desktops into the server (running in application mode.)  Has anyone else noticed any triggers like this or is normally just random?