Here's the procedure to reset the password for Symantec EndPoint Protection Manager on a Windows 2008 server. First, what you must know is that the SEPM security policy is set to lock the 'admin' account after 5 wrong passwords are entered. The 'admin' account is then kept locked for 15 minutes after which it unlocks itself automatically. If you have entered 5 wrong passwords, two solutions are available: the first one is to quietly sit in your chair, sip your coffee and wait for 15 minutes to pass. The second one consistes of one simple procedure:
- Open a command prompt with elevated privileges
- Type 'cd C:\Program Files (x86)\Symantec\Symantec Endpoint Protection Manager\Tools'
- Type 'resetpass.bat' and press 'Enter' to run the batch file which is in charge of resetting the password.
- Choose a new password
The resetpass.bat will temporarily reset the password to 'admin' and it will immediately ask you to choose new credentials. Here's the content of this file for a better understanding:
"%JAVA_HOME%\bin\java.exe" -Xms64m -Xmx256m -XX:MinHeapFreeRatio=30 -XX:MaxHeapFreeRatio=40 -classpath "%CD%\..\bin\inst.jar;%CD%\..\bin\inst-res.jar" -Dcatalina.home="%CATALINA_HOME%" -Djava.library.path="%CATALINA_HOME%\bin" com.sygate.scm.tools.DatabaseFrame setpassword admin admin
Once you are logged in the SEPM management console you can also select the 'admin' tab and change the security policy to respond to failed login attempts and to define lock duration. I suggest to decrease the account lockout duration to 5 minutes and to add a backup admin account to be able to logon even in case of problems with the primary account. You could also set SEPM to not to make password expire for easier management, just be sure you have choosen a strong password.