Posted by: David | January 23, 2011

How to use SylinkDrop to make all SEP Clients on the network managed (Alternative to SylinkReplacer)

I regularly use both sylinkdrop and sylinkreplacer to make Symantec Endpoint protection clients managed by a SEP server. Often after a reinstall of the management software it is necessary to capture all machines on the domain to make them all managed by the new installation.

Sylink drop can be used on individual machines to make them managed where as SylinkReplacer is designed to be run from a machine to find SEP clients on the network and force them to be managed. Recently I have found that the replacer tool to be less and less effective at finding clients on the network particularly Windows 7 clients. I have also found the tool to be painfully slow at scanning IP ranges to find the clients in the first place.

As a workaround I have found it much more reliable to use the sylinkdrop tool in conjunction with psexec to set all computers on the network to be managed by a SEP server. To do this you will need to set up a share on the machine you are running the commands from with read access to everyone on the domain.

In this example the share I created was called “sylink” on the server AVSRV001. In the share you need the following files:

  • sylinkdrop.exe
  • sylink.xml (for info on where to find this check out this Symantec KB)
  • drop.cmd (more info on this below)

The drop.cmd file contains the following contents:
%0..sylinkdrop.exe -silent \avsrv001sylinksylink.xml
You will need to modify the server and share name in your file to match up with the shares you created.

Once all the above is setup you can use the psexec command (available to download as part of the PsTools package by sysinternals from here)

Then simply run the following command, substituting the domain username and share names for one which suit your environment.
psexec -u domainusername -p password \* \avsrv001sylinkdrop.cmd
The above command will enumerate all the computers in AD and then try to remotely execute the drop.cmd command on each of them. This will of course fail for computers which either don’t exist or are not present or switched on, so you may want to make a note of which clients fail (just watch the output of the command to collect these).

Where can I download / get Sylink Drop

Well sylinkdrop is not publically available from Symantec to download, however it is on your installation media in the following folder:


If you have lost your installation media providing you have an active subscription you should be able to log in to with your serial number on your certificate and download the latest version (which will include sylinkdrop).



  1. Sylink drop can be downloaded from here:

  2. Thanks for the post. But i am stuck now. want to know Where will i find drop.cmd file.

  3. You need to copy the contents shown above in to notepad, modify it for your servernames and save it as a file called drop.cmd

  4. Thanks alot for this article. It helped alot and saved me hours of work.

  5. It’s saved lot of time for me. thanks…

  6. can someone post example of drop.cmd file?

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s


%d bloggers like this: