Endpoint Protection

 View Only

  • 1.  Any files that will confirm the SEP client version?

    Posted May 09, 2011 01:58 PM

    I'm upgrading all of our clients from 11.0.5 (pointing to Server A) to 11.0.6 (pointing to Server B). Here's he process I use in a batch script pushed via SCCM:

    1) Stop SEP service
    2) Replaced the SyLink.xml file with one from the new server
    3) Restart the SEP service
    4) Install the 11.0.6 client

    This works great, except the batch script doesn't return an exit code, so SCCM thinks all installations have failed. I don't really care about the SCCM reporting, but I had one machine that was pointed to Server B (so the SyLink.xml replacement obviously worked) but still running 11.0.5. The installation had crashed somewhere in the beginning stages.

    My next step is to replace the batch script with a powershell script that will confirm the version of the software before returning a proper exit code to SCCM. Initially I was going to have it find either "11.0.5" or "11.0.6" in the Config.xml file, but that's not fool proof either. The client that crashed had a Config.xml file that said 11.0.6 even though the SEP client explicitely said 11.0.5 in "Help/About" and in the SEPM status page.

    Are there any other files or registry locations that will give the true version of the SEP client that I can check with powershell?



  • 2.  RE: Any files that will confirm the SEP client version?

    Posted May 09, 2011 02:01 PM

    check this registry

    http://aka-community.symantec.com/connect/articles/symantec-endpoint-protection-few-registry-tweaks

     

     

    1. To check the Version of currently installed SEP client

    HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\Symantec Endpoint Protection\SMC

    ProductVersion 

    Value will be something like 11.0.4014.26



  • 3.  RE: Any files that will confirm the SEP client version?

    Posted May 09, 2011 08:20 PM

    While Rafeeq suggestion is good, if the installation crashed, who knows at what stage this happened & what is valid & what is not? Does it do the Registry update last during the install? When does it update CONFIG.XML during the install process?

     

    I wouldn't rely on the file version either. We've never had MR4 in the environment, yet there are files in the Symantec folder with a version of 11.0.400.2263

    Additionally, RTVSCAN.EXE, SMC.EXE and SMCGUI.EXE are constantly running. RTVSCAN has a version of 11.0.5002.290 while the other two have version number 11.0.5002.301.

    SYMCORPUI.EXE is the executeable that show the status screen when you double click the Systemtray shield icon. My client reports that I'm running v11.0.5002.333, same as the registry.

    Having Windows Explorer show the file versionas a column there is actually no file that has the exact version as the Registry does.



  • 4.  RE: Any files that will confirm the SEP client version?

    Posted May 09, 2011 08:57 PM

    I'm guessing that the batch script used in the System Center Configuration Center goes something like:

    \[SEP]\smc -stop

    copy sylink.xml [target]

    \[SEP]\smc -start

    setup

    You can create a package instead that removes all prior data in the old install and replace it with a new package that points it to the new server.

    Is it possible to use a script to locate specific text in the SEPM_INST.LOG file?