Symantec Endpoint Protection Manager Reset Admin Password May 2026

Step 1: Log into the SEPM Server Log directly into the Windows Server where SEPM is installed. Remote Desktop (RDP) works perfectly. You do not need to log in as SYSTEM; a standard local administrator account is sufficient.

Step 2: Stop the Symantec Endpoint Protection Manager Service Before modifying credentials, you must stop the service to release file locks.

Step 3: Navigate to the Tools Directory Open File Explorer and navigate to the following path:

C:\Program Files (x86)\Symantec\Symantec Endpoint Protection Manager\tools

Note: If you installed SEPM on a different drive (e.g., D: or E:), adjust the path accordingly.

Step 4: Run the Reset Script You will see a file named resetpass.bat.

Step 5: Follow the Interactive Prompts The script will ask you a series of questions. Here is what you will see and how to respond: symantec endpoint protection manager reset admin password

Step 6: Start the Services

Step 7: Test the New Password Open the SEPM Console (usually via Start Menu or https://localhost:8443). Log in with:

Success! This method works in 95% of standard scenarios.

If you have local server access, use the database reset utility method. If you need step-by-step commands for your specific SEPM version (e.g., 14.x, 12.x), let me know and I can provide them.

To reset the Administrator password for Symantec Endpoint Protection Manager (SEPM), you use the built-in ResetPass.bat utility located in the installation directory. Step 1: Log into the SEPM Server Log

Note: This procedure only works for the default "admin" username. If you created a custom administrator username and forgot it, you must log in with another administrator account to reset it, or reinstall the management server.

Here is the step-by-step guide.

  • Safe first steps
  • Recovery options overview
  • Detailed method A — Use dbtool or built‑in utility
  • Detailed method B — Reset via database (MySQL / MS SQL)
  • Detailed method C — Create new local admin via LDAP/AD sync
  • Post‑reset tasks
  • Troubleshooting
  • Security & compliance notes
  • Appendices

    • If you don’t have another admin account or if the SEPM console is inaccessible, you may need to directly modify the database. This method requires more caution and technical expertise.

    Example SQL Query for SQL Server:

    UPDATE Administrators 
SET Password = 'newhashedpassword' 
WHERE UserName = 'admin';

    Replace 'newhashedpassword' with the actual hashed value of your new password and ensure the UserName matches the admin account. Step 3: Navigate to the Tools Directory Open

  • Hashing the Password: You will need to hash your new password. The hashing algorithm used by SEPM can vary by version. Tools like symcryptransform (part of the SEPM installation) can be used to generate a hashed password.

    • If you're using a SQL database and the SEPM console isn't accessible:

  • Open a Command Prompt as Administrator:

  • Navigate to the SEPM Installation Directory:

  • Execute the Password Reset Command:

  • Start the SEPM Services: