Viewing push enrollment status
Push Enroll Statuspage shows the status of push enrollment in your environment.
If you remove devices from
Unmanaged Devices, you can no longer view the push enrollment status for these devices.
To view push enrollment status
- On theEndpointtab, go toDevices > Unmanaged Devices > Push Enroll Status.
- SelectRefreshat any time to refresh the status display.Note that the installation of different features is not tracked and reported separately. After the core protection features are installed, the enrollment status changes toSuccessfuland the device appears underManaged Devices.If push enrollment fails, the reason for the failure appears for that device. After you address the reason for the failure, you can select the device and then retry the push enrollment.
- (Optional) To retry push enrollment, do the following:
- Find the devices for which you want to retry push enrollment. You can filter the devices based on their enrollment status.
- Select each device for which you want to retry push enrollment, and then selectRetry Push Enroll.
- In the window that appears, provide the required administrator credentials to enroll the devices.
- If you need to add additional credentials to enroll multiple devices, selectAdd another set of credentials. PressNextto provide the credentials.
- PressStart Enrollment.The enrollment happens silently in the background.
Troubleshooting push enrollment failures
If the cloud console is not able to enroll a device, the failure reason tells you what went wrong. After you fix the error, you can retry enrollment.
Possible reasons for push enrollment failures:
Credentials are required to access the device.
Push enrollment skipped because the credentials required to access the device are not available.
Solution:The set of credentials that you provided for installation has expired. You must restart push enrollment.
Unable to download the installation package: the server is unreachable.
Unable to download the installation package: wrong server response.
Unable to download the installation package to the discovery agent device because an unknown error occurred.
Failed to verify the installation package signature.
Download unexpected error
Fatal error occurred during the download of the installation package.
An error occurred when downloading package; retrying download.
Solution:Push enrollment cannot access or save the requested installation file.
To resolve file access issues
- The discovery agent requires access to the following URL: https://bds.securitycloud.symantec.com(for Europe customers, the URL is as follows: https://bds.eu.securitycloud.symantec.com)Add this URL to the proxy or the firewall exclusion list to enable necessary communications.
- Restart push enrollment.
To resolve file save issues
- Check your hard disk for errors, and ensure that the disk has enough free space.
- Restart push enrollment.
- On theEndpointtab, go toDevices > Managed Devices, and then find the discovery agent device.
- Open the device summary and look at the list of events.
Problems with installation timeout
Installation timed out.
The installation did not successfully complete within 72 hours.
The following table describes possible causes and their solutions.
You deployed a Symantec Agent installation package without Secure Connection features through VMware Workspace ONE. No user is logged on to the device or the logged-on user doesn’t have local administrator rights.
Log on to the device as a user with local administrator rights.
You deployed the installation package with Secure Connection features.
Integrated Cyber Defense Managercan't distinguish between Windows 10 and Windows 10 in S Mode based on the information that Workspace ONE provides. Therefore, when
Integrated Cyber Defense Managerpushes the installation for Symantec Agent with Secure Connection features to Windows 10 in S Mode, the installation fails.
Manually enroll the device using
Symantec Endpoint Security.
You deployed the installation package with Secure Connection features, but even after the package installation completes, enrollment requires user interaction. Modern apps do not automatically start the first time after installation.
To complete enrollment, open the Symantec Agent UI and select
Problems with access to cloud resources
Unable to access cloud resources.
A device is unable to access Symantec's notification service or the Symantec Cloud API gateway which is required for client installation and functionality.
Solution: Add URLs to the Allow List for Symantec Endpoint Security.