Information about the "Force update during next login" option

Article:TECH98987  |  Created: 2000-01-07  |  Updated: 2003-01-09  |  Article URL http://www.symantec.com/docs/TECH98987
Article Type
Technical Solution


Environment

Issue



You plan to roll out Norton AntiVirus Corporate Edition 7.x or Symantec AntiVirus Corporate Edition 8.x (Symantec AV) clients using a logon script. You need to know how the "Force update during next login" option in the Symantec System Center works.


Solution



The "Force update during next login" option is useful if you want to force a reinstallation on your clients. For example, if your client has a corrupted installation, then you can force the installation by selecting this option.

Note: After this option has been checked and applied, the check box will be cleared. Subsequent checking of this option will force multiple reinstallations.

The login script (VP_log32.exe) determines which clients need Symantec AV to be installed by comparing build numbers, and secondarily by using "ClientNumber" values. When the client runs the logon script, the script compares the client's build number to the build number on the server, and installs the newer build, if necessary. If the builds are equal, the script reads a value on the server and compares it to a registry key on the client. If the number on the server is higher than the number on the client, then the script installs the newer build. If the number on the client is equal to or greater than the number on the server, then nothing happens.

When you force an update on the server, the following process sequence occurs
  1. When you select "Force update during next login" and click OK, RTVScan updates the Registry on the server. RTVScan increments the following values in HKEY_LOCAL_MACHINE\Software\Intel\LANDesk\VirusProtect6\CurrentVersion\LoginOptions:
    • 16bitClientVersion
    • Win95ClientVersion
    • WinNTClientVersion
  2. After these registry values have been incremented, RTVScan updates the first three entries in the [ClientNumber] section of the VP_LOGIN.INI file on the server to match the DWORD values:
    [ClientNumber]
    WinNT=<value>
    Win95=<
    value>
    16Bit=<
    value>
    BuildNumber=039E02F8

When the client runs the login script, the following process sequence occurs
  1. VP_log32.exe queries VP_LOGIN.INI for the build number from the following section:

    [ClientNumber]
    WinNT=<
    value>
    Win95=<
    value>
    16Bit=<
    value>
    BuildNumber=039E02F8
  2. Vp_log32.exe then reads the client's registry to find the ProductVersion value in the following key:

    HKEY_LOCAL_MACHINE\Software\Intel\LANDesk\VirusProtect6\CurrentVersion
  3. The values are compared. If the client's ProductVersion number is less than the build number in vp_login.ini, the installation will proceed. If the client's ProductVersion number is greater than the build number in vp_login.ini,VP_log32.exe will check to see whether the administrator has forced an update.
  4. To check for a forced update, Vp_log32.exe queries VP_LOGIN.INI on the server for the ClientNumber for the client's operating system.
  5. Vp_log32.exe then queries the NAVCEClientNumber value stored in the following registry key on the client:

    HKEY_LOCAL_MACHINE\Software\Symantec\InstalledApps\
  6. VP_log32.exe compares the values. If the values do not match exactly, it installs Symantec AV from the server. If the values match, then no installation will occur.
  7. Finally, VP_log32.exe will set the NAVCEClientNumber value stored on the client in HKEY_LOCAL_MACHINE\Software\Symantec\InstalledApps\ to the value taken from VP_LOGIN.INI on the server.






Legacy ID



2000110711165448


Article URL http://www.symantec.com/docs/TECH98987


Terms of use for this information are found in Legal Notices