Home > Symantec, Symantec Endpoint Protection Manager SEPM > How to find or reset the Symantec password on the embedded database

How to find or reset the Symantec password on the embedded database


If you forgot the original password, you can find it stored in the sem5.log file in the  %installationdirectory%\db.  In order to open this log file, you will need to:

1) Stop all services using it. Not an easy task because one of the Symantec services does not give you the ability to stop it.  So disable all the Symantec Endpoint Security related services and reboot the server. After it comes up you should be able to open this log file.

Another beautiful hack for locating that lost password is:

1) Go to ODBC, enter the user name and password…etc.

2) In the database server name, enter the server name as …etc.

3) Goto %programfiles%\symantec\symantec endpoint protection manager\php

4) Change the attributes for php.ini to remove the read only.

5) Open the php.ini file and search for “off”, make this to be “on” , for all the errorlog and give the path for error_log = syslog to say c:\dump\password.txt but not the root of any drive like c:\password.txt as this will not generate a log, I don’t know why, might be a bug within php.

6) Login to SEPM and you should get, “unable to communicate with reporting component”

7) The log file generated will have your username as DBA and the good working password set in originally.

8) Don’t forget to change php.ini attribute back to read only once you are finished editing.

OR you can try this……………

You can use ‘resetpass.bat’ file, it will reset the password for the Symantec Endpoint Protection Manager admin account.

1. open Windows Services, then stop ‘Symantec Endpoint Protection manager’

2. Go to:
C:\Program Files\Symantec\Symantec Endpoint Protection Manager\Tools
then, double-click the Resetpass.bat.

3. start again the ‘Symantec Endpoint Protection manager’ service.

4.Launch Symantec Endpoint Protection Manager Console
user: admin
password: admin

About these ads
  1. nqanh
    December 8, 2010 at 9:59 am

    Dear friend,

    I have problem in retrieving lost DBA password on SEM5 database (Symantec Endpoint Protection Management’s embedded database). I am able to open sem5.log file as your instruction but exactly where can I find DBA password !? Is it in encrypted form or clear text !? Many thanks in advance for your help.

    • prashant
      May 12, 2011 at 11:29 am

      is anyone aware where in SEM5.log the password is stored? or how to decrypt the password?

      • thetechmojo
        May 12, 2011 at 3:18 pm

        The file is stored here:
        sem5.log file in the %installationdirectory%\db

        To determine what your original password was follow this hack:

        1) Go to ODBC, enter the user name and password as blah blah.
        2) In the database server name, enter the server name as blah.
        3) Goto %programfiles%\symantec\symantec endpoint protection manager\php
        4) Change the attributes for php.ini to remove the read only.
        5) Open the php.ini file and search for “off”, make this to be “on” , for all the errorlog and give the path for error_log = syslog to say c:\test\test.txt but not the root of any drive like c:\test.txt as this will not generate a log, I dont know but this could be a bug with php.
        6) Login to SEPM and you should get, “unable to communicate with reporting component”
        7) The log file generated will have your username as DBA and the good working password set in originally.

        *Edited : Dont forget to make php.ini back to read only once done with the editing.

        Also, a good article on how to change the database password to a non complex password for use with the Management Server Reconfiguration Wizard

        http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2008011823355248

  2. thetechmojo
    December 9, 2010 at 6:28 am

    You can use ‘resetpass.bat’ file, it will reset the password for the Symantec Endpoint Protection Manager admin account.
    1. open Windows Services, then stop ‘Symantec Endpoint Protection manager’
    2. Go to:
    C:\Program Files\Symantec\Symantec Endpoint Protection Manager\Tools
    then, double-click the Resetpass.bat.
    3. start again the ‘Symantec Endpoint Protection manager’ service.
    4.Launch Symantec Endpoint Protection Manager Console
    user: admin
    password: admin

  3. November 8, 2012 at 12:04 pm

    Helpful information. Lucky me I found your web site accidentally, and I am surprised why this accident didn’t came about earlier! I bookmarked it.

    • thetechmojo
      November 9, 2012 at 4:05 pm

      Thank you, glad the information was helpful !

  4. weimin
    April 9, 2013 at 10:56 am

    Hi ,

    i tried to look in the sem5.log file, but can not find anything refering to the dba password. the other optione doesnt work for me , for some unknown reason i can not open reporting webpage.

    please help :)..

    • thetechmojo
      April 9, 2013 at 1:17 pm

      You can use ‘resetpass.bat’ file, it will reset the password for the Symantec Endpoint Protection Manager admin account.
      1. open Windows Services, then stop ‘Symantec Endpoint Protection manager’
      2. Go to:
      C:\Program Files\Symantec\Symantec Endpoint Protection Manager\Tools
      then, double-click the Resetpass.bat.
      3. start again the ‘Symantec Endpoint Protection manager’ service.
      4.Launch Symantec Endpoint Protection Manager Console
      user: admin
      password: admin

  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Follow

Get every new post delivered to your Inbox.

%d bloggers like this: