How to force Symantec AntiVirus for Macintosh 10 clients to re-register themselves with the Symantec Administration Console server

Article:TECH103441  |  Created: 2007-01-30  |  Updated: 2009-01-29  |  Article URL
Article Type
Technical Solution


After reinstalling the Symantec Administration Console for Macintosh (SACM), needing to move clients to a SACM on another server, or after seeing multiple systems inadvertantly show up in the SACM with the identical name due to being part of a drive image, you need to force a client or group of clients to re-register themselves with the SACM.


To force the re-registration with the old SACM, a reinstalled SACM, or an existing SACM install:
  1. Obtain a clean copy of the file and the public key from the appropriate SACM server the client will be registering with
  2. Copy both of these files to the appropriate locations on the client system manually, with Apple Remote Desktop, or via other means
  3. Restart the client to force the registration to take place

Before attempting this, be sure to verify that all systems have unique computer names in the Sharing preference pane in System Preferences in the Apple menu. If you are forcing a re-registration on an existing SACM install and the client appears there already, you will want to remove the existing entry from the SACM before following these steps.

NOTE: With the 1.0.3 version of the Symantec Administration Client for Macintosh, shipping with Symantec AntiVirus for Macintosh 10.2, client name changes will be reflected in the SACM automatically upon a client heartbeat into the SACM. With this version, forcing a re-registration of the client to the SACM should not be necessary unless you are moving the client to a new SACM install on the same or a different server.

To obtain the clean files to send to the clients:
  1. On the SACM server, go to /Library/Application Support/Symantec/SMac
  2. Locate the Symantec Administration Client.pkg file
  3. Right-click (or control-click) on the .pkg and select "Show Package Contents" to open the .pkg in a new window
  4. In the new window, go to the Contents/Resources/Customize folder
  5. There are two files here to work with; and CustomKeys.pbk - copy them to your desktop and then close the package (Be sure to copy them and not move them out of the folder in the .pkg)
  6. Rename CustomKeys.pbk to SMacKeys.pbk in the Finder

The file will be a .plist that lets the client talk back to the SACM and will not have a NodeID set. Therefore, it will request one from the SACM upon restart of the client. The newly named SMacKeys.pbk file will be the public keys needed for the client to verify commands sent from the SACM.

The next step is to distribute these files to the client systems. However, before a wide-scale deployment to users is made, you may wish to test this with a system to verify appropriate behavior and to observe the SACM upon client registration. The file locations on the client to copy the .plist file and .pbk file are:
  • The will be placed in /Library/Preferences (The Library folder off of the root of the hard drive, not the user's Library/Preferences folder), overwriting any file that may be present already
  • The SMacKeys.pbk file (renamed from CustomKeys.pbk in step 5 above) will go in /Library/Application Support/Symantec/SMac, overwriting any file that may have been there (This will also be the Library folder off the root of the hard drive, not the Library folder in the User's folder)

Once these files have been copied to the above locations, either manually, or via a tool such as Apple Remote Desktop, restart the client. Upon restart the client will look to the file to see where it the SACM it should be reporting to is located. As there is no NodeID entry in the .plist, it will request a NodeID from the SACM. This will register the client with the SACM and it will now appear in the list of clients within the SACM interface. At this time commands can be sent to verify communication with the client.

Technical Information
After the install of the Symantec Administration Client package install and the client reboots, it will verify its local "" and will then check in with the SACM server. At this point, the SACM server will assign the client a node ID which will be entered into the file on the client system. The client information will now be added to the SACM database and the client will appear in the SACM using the computer name that is shown in the Sharing preference pane in the System Preferences for the client system. As a result, if you have deployed to a group of clients that have identical computer names due to a deploy from a drive image, they will all report to the SACM and display the same computer name and appear to be a series of duplicate entries. With version 1.0.3 of the SACM Client software, changes to computer names will reflect upon heartbeat of the client back to the SACM.

Legacy ID


Article URL

Terms of use for this information are found in Legal Notices