Error: "Can't communicate with the Server Group..."

Article:TECH101287  |  Created: 2005-01-12  |  Updated: 2010-08-13  |  Article URL http://www.symantec.com/docs/TECH101287
Article Type
Technical Solution

Product(s)

Environment

Issue



When you unlock a server group in the Symantec System Center, you see the following error message:

"Error: Can't communicate with the Server Group. Verify Network Connectivity and that machines are operating within the Group! If problem persists, try clearing the Server Group cache and re-discovering all Server Groups."


Solution




Before you begin: The following entry may appear in the Windows Event Viewer - Application log:
Event ID 1000/1004 "Faulting application Rtvscan.exe, version 10.0.1.1000, faulting module Rtvscan.exe, version 10.0.1.1000, fault address 0x0008811d."

To learn how to open the Application log, see the Technical Information section of this document.

If you see Event ID 1000 or Event ID 1004, read the following document:
Error: Event ID 1000 or 1004, "Faulting application Rtvscan.exe, version 10.0.1.1000, faulting module Rtvscan.exe, version 10.0.1.1000, fault address 0x0008811d."

If you see the error message "Faulting application Rtvscan.exe, version 10.1.5.5000, faulting module I2ldvp3.dll, version 10.1.5.5000, fault address 0x000056ab", read the following document:
Error: "Faulting application Rtvscan.exe, version 10.1.5.5000, faulting module I2ldvp3.dll, version 10.1.5.5000, fault address 0x000056ab"



Verify that user name or password field is not blank
This error message may appear if the user name field or the password field is blank when you unlock the server group.


Use the correct version of Symantec System Center
Make sure that you use Symantec System Center 10.0. Previous versions of Symantec System Center do not work correctly with Symantec AntiVirus 10.0.
For details, read the document Determining the version of Symantec System Center.


Configure or disable Windows Firewall
This problem can occur when the primary server or the computer that runs Symantec System Center runs Windows 2003/XP with Windows Firewall enabled. To fix the problem, do one of the following:



Restart the Symantec AntiVirus service
In some cases, a restart of the Symantec AntiVirus service or a reset of a registry key can fix the problem.

To restart the Symantec AntiVirus service on the primary server

  1. On the Windows taskbar, click Start > Run.
  2. In the Run dialog box, type:

    services.msc
  3. Click OK.
  4. In the right pane, select Symantec AntiVirus, and click Restart.
  5. In Symantec System Center, click Tools > Discovery Service.
  6. On the General tab, click Clear Cache Now, and then click Close.


If you cannot unlock the server group, continue with the next section, "Reset the LoginCaCertIssueSerialNum registry value."


Reset the LoginCaCertIssueSerialNum registry value
Reset the LoginCaCertIssueSerialNum registry value on the primary server. Follow the directions for your operating system.

To reset the LoginCaCertIssueSerialNum registry value on a Windows primary server

  1. Stop the Symantec AntiVirus service.
  2. In the Windows Registry Editor, go to the following key:

    HKEY_LOCAL_MACHINE\SOFTWARE\Intel\LanDesk\VirusProtect6\CurrentVersion\ScSComms\LocalData
  3. In the right pane, double-click the LoginCaCertIssueSerialNum value.
  4. Under Base, click Decimal.
  5. If the Value data box shows a number that is larger than 256, then replace with a 1.
  6. Click OK.
  7. Exit the Registry Editor.
  8. Start the Symantec AntiVirus service.
  9.  

Note:1 in hex or decimal is the same value.

If the problem persists, restart the computer.

To reset the LoginCaCertIssueSerialNum registry value on a NetWare primary server

  1. On the Symantec AntiVirus Monitor screen, press Alt+F10 to unload Symantec AntiVirus.
    Type your password if you are asked to do so.
  2. At the NetWare console, type the following command:

    load vpregedt.nlm

  3. Press F5 to open the Command Menu.
    The <A>dd, <E>dit, <O>pen, and <D>elete shortcut keys are active only after you press F5.
  4. Press Enter to select the VirusProtect6 key, and then press O to open the VirusProtect6 key.
  5. Press Enter to select the CurrentVersion key, and then press O to open the CurrentVersion key.
  6. Press Enter to select the ScSComms key, and then press O to open the ScSComms key.
  7. Press Enter to select the LocalData key, and then press O to open the LocalData key.
  8. Press E to edit the values in the right pane.
  9. Use the arrow keys to select the LoginCaCertIssueSerialNum value, and then press Enter.
  10. Delete the data, and then type 1
  11. Press Alt+F10 to unload Vpregedt, and then type the following command to load Symantec AntiVirus:

    load vpstart


The LoginCaCertIssueSerialNum registry value is incremented each time you open any copy of Symantec System Center on the network. If the network includes many copies of Symantec System Center, this registry value can increase quickly. If you set Symantec System Center to automatically unlock, the value the increases each time that Symantec System Center starts.

If the problem persists, continue with the next section, "Restore or re-create private keys."


Restore or re-create private keys
The loginca.pvk or the server.pvk private key may be corrupted or missing.

The default locations of private keys are as follows:

  • On a Symantec AntiVirus server
    C:\Program Files\SAV\pki\private-keys\
  • On a Symantec Client Security server
    C:\Program Files\SAV\Symantec AntiVirus\pki\private-keys\


Private key files appear similar to the following, where <server> represents the name of the primary server:
<server>.7e2cc68a49c2d34fa3bdb5ffff67edf4d.0.loginca.pvk
<server>.7e2cc68a49c2d34fa3bdb5ffff67edf4d.0.server.pvk

The long alphanumeric string is generated randomly.

To fix the problem, do one of the following:

  • If Symantec AntiVirus 10.x worked correctly on these computers in the past, restore both private keys from the backup pki folder that you created after installation.
    For directions, see the "Restore communication with a backup copy of the pki folder" section of the document Steps to minimize recovery time in the event of a server failure.
  • If the problem started after you installed Symantec AntiVirus, restart the Symantec AntiVirus service on the primary server. If the problem persists, delete the DomainData registry key on the primary server and then restart the primary server. If these steps do not fix the problem, you may need to remove Symantec AntiVirus and certain components in order to force the pki information to be recreated.

 


WARNING: In the next steps you will edit the Windows registry. Back up the registry before you make any changes to it, because incorrect changes to the registry can result in permanent data loss or corrupted files. Modify only the registry keys that are specified.
For instructions, see How to back up the Windows registry.




To delete the DomainData registry key on the primary server

  1. In the Registry Editor, delete the following registry key:

    HKEY_LOCAL_MACHINE\SOFTWARE\Intel\LANDesk\VirusProtect6\CurrentVersion\DomainData
  2. Restart the Symantec AntiVirus service on the primary server.
    For directions, see the "To restart the Symantec AntiVirus service on the primary server" section of this document.
  3. After the Symantec AntiVirus service starts, open Symantec System Center.
  4. Right-click the primary server and then click Make Server a Primary Server.
  5. In Symantec System Center, click Tools > Discovery Service.
  6. On the General tab, click Clear Cache Now, and then click Close.


If you cannot unlock the server group, continue with the next section, "To force the pki information to be recreated."

To force the pki information to be recreated

  1. Uninstall Symantec AntiVirus.
  2. Uninstall the Symantec System Center.
  3. Delete the pki folder.
    The default locations are as follows:
    • The default location on a Symantec AntiVirus Corporate Edition server is <OS drive>:\Program Files\SAV
    • The default location on a Symantec Client Security server is <OS drive>:\Program Files\SAV\Symantec AntiVirus
  4. In the Windows Registry Editor, delete the following key:

    HKEY_LOCAL_MACHINE\Software\Intel\Landesk\VirusProtect6\CurrentVersion\DomainData
  5. Install Symantec AntiVirus again
  6. Restart the computer.
  7. Install Symantec System Center again.
  8. Restart the computer.


If any secondary servers or managed clients in the server group run Symantec AntiVirus 9.x or earlier, follow the directions in the following document:
Managing legacy clients and servers with Symantec Client Security 3.x and Symantec AntiVirus Corporate Edition 10.x.

To re-establish communication with managed clients, follow the directions in the following document:
Moving Symantec Client Security 3.x or Symantec AntiVirus Corporate Edition 10.x clients from one parent server to another.




References
For information about troubleshooting communication problems, read the following document:

Troubleshooting communication problems with Symantec Client Security 3.x or Symantec AntiVirus Corporate Edition 10.x.



Technical Information
To open the Windows Event Viewer - Application log

  1. On the Windows taskbar, click Start > Run.
  2. In the Open box, type the following text:

    eventvwr.msc
  3. Click OK.
  4. In the left pane, click Application.
    Log entries appear in the right pane.

 



Legacy ID



2005051209365248


Article URL http://www.symantec.com/docs/TECH101287


Terms of use for this information are found in Legal Notices