Copy just the resetpass.bat file (and ensure the target machine has a matching architecture—x86 vs x64—if dependencies exist, though the batch script usually works universally).
Lost your installation media?
You can download a trial or licensed ISO directly from the Broadcom Support Portal. Search for "Symantec Endpoint Protection 14.x" and download the full product package.
Before you begin, understand that running this script will immediately reset the admin password without asking for confirmation.
A: There is no public official download link. You must obtain it via your Broadcom support account or from your original SEP 14 installation media. Do not trust third-party "download now" buttons.
If you can access the client without the password? Usually not. But if the system is unlocked but you just forgot the password for policy export, you need Tamper Protection off.
If fully locked, proceed anyway—resetpass.bat often works even with Tamper Protection enabled (though newer SEP 14.3 RU2+ may block it).
resetpass.bat for Symantec 14 is an essential emergency tool that belongs in every system administrator’s toolkit. However, you must resist the temptation to download it from random websites. Instead, extract it from your legitimate Symantec installation files or create the script manually using the code provided in this guide.
Remember: with great power comes great responsibility. This tool can save you hours of reimaging workstations, but it can also become a security liability if it falls into the wrong hands. Use it sparingly, use it safely, and always secure your endpoints against unauthorized use.
Final Verdict: Do not search for “resetpass.bat for symantec 14 download” — instead, search for your original SEP 14 ISO or use the manual script above. Your network’s security depends on it.
Stay secure, and always verify your tools at the source.
Symantec Endpoint Protection (SEP) 14 , the legacy resetpass.bat
tool has been removed from the default installation directory and is no longer officially supported. Symantec (Broadcom) transitioned to an email-based recovery system for the Symantec Endpoint Protection Manager (SEPM) console. Broadcom TechDocs Official Recovery Method
To reset your password without the batch file, use the built-in email recovery: Launch SEPM Console : Open the management server logon screen. Forgot Password : Click the Forgot your password? Check Email : Enter your username (default is
). A temporary password or reset link will be sent to the email address configured for that account. Broadcom TechDocs Troubleshooting Without Email
If the email server is not configured or you cannot receive the reset message, consider these alternatives found in the Broadcom Support Community Log Extraction
: You can intercept the reset link locally by setting the log level to conf.properties file and checking the stdout-0.log SMTP Capture : Some administrators use tools like resetpass.bat for symantec 14 download
to capture the outgoing reset email if the server cannot reach an external mail provider. Contact Support : If you cannot perform these steps, you must open a support case with Broadcom to receive the official resetpass.bat file or specialized assistance. Broadcom Community Manual File Creation (Legacy Script)
While not recommended for version 14 due to database schema changes, legacy versions of the script used the following logic:
@echo off setlocal set CATALINA_HOME=%CD%\..\tomcat set JRE_HOME=%CD%\..\jre "%JRE_HOME%\bin\java.exe" -Xms64m -Xmx256m -classpath "%CD%\..\bin\inst.jar;%CD%\..\bin\inst-res.jar" -Dcatalina.home="%CATALINA_HOME%" com.sygate.scm.tools.DatabaseFrame setpassword admin admin endlocal Use code with caution. Copied to clipboard
To reset the administrator password for Symantec Endpoint Protection Manager (SEPM) 14 , you do not need to download resetpass.bat
separately. The file is a built-in utility included in your local installation directory. Broadcom Community How to Use resetpass.bat
If you are locked out of the SEPM console, follow these steps on the server where the Manager is installed: Locate the File
: Open Windows Explorer and navigate to the following default path:
C:\Program Files (x86)\Symantec\Symantec Endpoint Protection Manager\Tools\ Run as Administrator : Right-click resetpass.bat and select Run as Administrator Command Execution
: A command prompt window will appear. The script will reset the admin account credentials to the factory default: Update Credentials
: Log in to the SEPM console immediately using these default credentials and change the password to a secure one. Broadcom Community Important Notes for Version 14 Built-in Availability
: Broadcom (formerly Symantec) does not provide a standalone download for this batch file as it is a core component of the SEPM installation Uninstalling without a Password
: If you need to remove the SEPM client from a machine but do not have the uninstall password, resetpass.bat will not help. Instead, you must use the CleanWipe tool , which is available through the Broadcom Support Portal or your official download fulfillment center. Broadcom TechDocs from the Broadcom portal? How can I unlock my admin user? | Endpoint Protection
The resetpass.bat utility is a critical tool for administrators who have lost access to the Symantec Endpoint Protection Manager (SEPM) console. While this script was historically included in the default installation, its availability changed significantly starting with version 12.1 RU1. Where to Find resetpass.bat for Symantec 14
For Symantec Endpoint Protection 14, the resetpass.bat file is no longer included in the standard \Tools directory by default. To obtain it, you must use one of the following methods: Copy just the resetpass
Official Support Request: The most secure way to get the tool for version 14 is to contact Broadcom/Symantec Technical Support directly. They can provide the specific version of the tool compatible with your installation.
Manual Script Creation: If you cannot wait for support, you can manually create the batch file using the standard logic found in older versions. Open Notepad, paste the following code, and save it as resetpass.bat in your ..\Symantec Endpoint Protection Manager\Tools folder: Symantec Endpoint Protection Manager 12.1 Password Reset
To reset the administrator password for the Symantec Endpoint Protection Manager (SEPM) console, the standard tool was a batch file called resetpass.bat . However,
Symantec officially removed this tool starting with SEP version 12.1 RU1 MP1 and it does not natively exist in version 14.x installations. community.broadcom.com
If you are locked out of your SEPM 14 environment, you cannot directly download a safe standalone version of this file from Broadcom/Symantec without opening a direct support ticket. community.broadcom.com
Below is a comprehensive guide on how to resolve a lost admin password in Symantec Endpoint Protection 14, including how the script functioned, the official reset methods, and emergency workarounds. 🛑 Important Warning About "Downloads"
Be extremely careful if you find third-party websites offering a direct download for resetpass.bat for Symantec 14
. Because this script must be executed with full administrative privileges directly on your security management server, malicious actors often package malware or trojans inside fake versions of this file.
Never download executable or batch files for security software from unverified third-party sources. 💻 Understanding the resetpass.bat
In older legacy versions of SEPM, the script was located in the
directory. Its function was to bypass the UI and directly inject a command into the database to restore the default login credentials. community.broadcom.com
For educational and recovery purposes, this is the command structure the classic batch file used to interact with the database over Java:
@echo off setlocal set CATALINA_HOME=%CD%\..\tomcat set JRE_HOME=%CD%\..\jre "%JRE_HOME%\bin\java.exe" -Xms64m -Xmx256m -classpath "%CD%\..\bin\inst.jar;%CD%\..\bin\inst-res.jar" -Dcatalina.home="%CATALINA_HOME%" -Djava.library.path="%CATALINA_HOME%\bin;%CATALINA_HOME%\..\ASA\win32" com.sygate.scm.tools.DatabaseFrame setpassword admin admin endlocal Use code with caution. Copied to clipboard
Executing this on older versions would forcefully reset the master username to and the password to Lost your installation media
🛠️ How to Reset the Password in SEP 14 (Official Methods)
Since the batch file is missing from version 14, you should use the following authorized methods to regain access. Method 1: The "Forgot Your Password" Link (Recommended)
This is the native feature built into the console. It relies on your configured SMTP email settings. community.broadcom.com Launch the Symantec Endpoint Protection Manager logon screen. Forgot your password? Enter the username associated with the account and click Temporary Password
An automated email containing a reset link will be sent to the administrator's registered email address. techdocs.broadcom.com Method 2: Create a Ticket with Broadcom Support
If the email fails to send (common in air-gapped or isolated networks), you must contact customer support. community.broadcom.com Reach out to the Broadcom Support Portal Request assistance with a SEPM password reset.
Support can analyze your environment or securely provide the necessary tools/instructions to bypass the lock on version 14. community.broadcom.com
🕵️ Advanced Workaround: Capturing the Reset Email Locally
If you are in an isolated environment with no actual mail server hooked up to the outside world, SEPM 14 will still
to generate the password reset email and fail to send it. You can "trap" this local traffic to extract the reset link. Step A: Use an SMTP Mock Tool Download a portable open-source local SMTP catcher like Papercut SMTP onto the SEPM server.
Run the application so it listens on port 25 (the standard SMTP port). community.broadcom.com Step B: Trigger the Request Forgot your password? on the SEPM login screen. The software will try to fire an email out to your network.
Because the local SMTP tool is running, it will intercept the outgoing mail data.
Open the intercepted message in the tool to find the generated URL and manually copy-paste it into your browser to change the password. knowledge.broadcom.com
Login to SEPM console
Open the SEP client GUI. Enter the default password:
Password: symantec
You should now have full administrative access to the client.
