Can't upgrade 9.0 Corporate remote clients to SEP
We are in the process of trying to upgrade all of our SAV 9.0 Corporate clients to SEP. We have SEPM 11.0.4000.2295 installed. We have created a package that uses a silent install, no reboot and does not install Network Threat Protection.
When I push the package to a remote client running 9.0, either by using the SEPM or the Migration wizard, the install fails. The remote client does receive all the install files which are located at C:\Temp\Clt-Inst but the upgrade fails. I did a search on the remote client for any log files but there were none. Windows event viewer shows "The Windows Installer service entered the running state", then 5 minutes later..."Product: Symantec Endpoint Protection -- Installation operation failed."
If I change the package to a Unattend package and push it out to the same remote computer, it fails as well and I get a pop up message stating "Live Update is currently running. Please wait for LiveUpdate to complete before continuing" Also, if I do a silent install to a client local to the network here, it is successful.
To recap:
1. Client upgrade from 9.0 to SEP using silent install to remote network PC fails
2. Client upgrade from 9.0 to SEP using unattend install to remote network PC fails with LiveUpdate error
3. Client upgrade from 9.0 to SEP using silent install to local LAN PC is successful
Any ideas?
Comments
Another note, If I
Another note, If I completely uninstall 9.0 on the remote client and push other either a Silent or Unattend package, it is successful
Can you post the SEP_INST.LOG
Can you post the SEP_INST.LOG from the %temp% folder (or it might be in %windir%\temp).
What you have to do is search for "value 3" and look for the lines above it for clue.
De facto when AV does something, it starts jumping up and down, waving its arms, and shouting "Hey! I found a virus! Look at me! I'm soooo goooood!"
Here is what is some of what
Here is what is some of what is above "Value 3"
1: InstAPca.dll: ProductVersion=11.0.4000.2295
MSI (s) (2C:6C) [13:29:49:393]: Skipping action: LockoutLU.FF07F38E_78C2_412E_B858_64488E808644 (condition is false)
MSI (s) (2C:6C) [13:29:49:393]: Doing action: CheckForRunningLU.FF07F38E_78C2_412E_B858_64488E808644
Action ended 13:29:49: SetExtCustomActionData.9DDC0E81_9620_4441_B4F7_FD077F55D6D2. Return value 1.
MSI (s) (2C:BC) [13:29:49:409]: Invoking remote custom action. DLL: C:\WINDOWS\Installer\MSI8B2.tmp, Entrypoint: CheckForRunningLU
Action start 13:29:49: CheckForRunningLU.FF07F38E_78C2_412E_B858_64488E808644.
LUCA: UILevel = 2 (2)
LUCA(1782): error=2 GetLastError=2
LUCA(1782): error=2 GetLastError=2
LUCA(1782): error=2 GetLastError=2
LUCA(1782): error=2 GetLastError=2
LUCA: Checking if LUALL is running...
LUCA: LiveUpdate is running!!
Action ended 13:34:49: CheckForRunningLU.FF07F38E_78C2_412E_B858_64488E808644. Return value 3.
Action ended 13:34:49: INSTALL. Return value 3.
Liveupdate looks to be your
Liveupdate looks to be your problem. Are the clients set for contnous liveupdate?
De facto when AV does something, it starts jumping up and down, waving its arms, and shouting "Hey! I found a virus! Look at me! I'm soooo goooood!"
They get their updates from
They get their updates from the 9.0 Corporate server
Is this
Is this on?
http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2003031711002148?Open&docid=2004062916082648&nsf=ent-security.nsf&view=docid
De facto when AV does something, it starts jumping up and down, waving its arms, and shouting "Hey! I found a virus! Look at me! I'm soooo goooood!"
No... Pic:
No...
Pic: http://img160.imageshack.us/img160/9343/36998936.jpg
However, if I log onto the
However, if I log onto the remote workstation as myself (Domain Admin) the install is successful
disable scheduled scans,
disable scheduled scans, modify Quarantine purge options, delete histories, disable LiveUpdate, disable roaming, unlock server groups, and disable Tamper Protection.
Reference : http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2007071909500548
Not everyone has to do it. 90 out of 100 get away without doing that but looks like you will have to go by the books.
De facto when AV does something, it starts jumping up and down, waving its arms, and shouting "Hey! I found a virus! Look at me! I'm soooo goooood!"
It almost seems like a
It almost seems like a rights or permissions issue since it will upgrade sucessfully if I log on with admin rights. It's odd that will work with PCs on the local LAN but not with PCs on our remote sites, even though they are members of the same domain.
So, I guess the only solution for the remote clients is to either uninstall the 9.0 clients and push out the SEP package or do all the things you stated above on the 9.0 server for each of the remote clients then push out SEP?
Yeah, All the above things
Yeah, All the above things can be done at the server \ server group level from the SSC.
De facto when AV does something, it starts jumping up and down, waving its arms, and shouting "Hey! I found a virus! Look at me! I'm soooo goooood!"
Yeah, All the above things
Yeah, All the above things can be done at the server \ server group level from the SSC.
De facto when AV does something, it starts jumping up and down, waving its arms, and shouting "Hey! I found a virus! Look at me! I'm soooo goooood!"
How do you "disable
How do you "disable LiveUpdate" and "unlock server groups" on a client from SSC?
Also, is there a way to force clients to update a policy in 9.0?
Right Click > ALL Tasks >
Right Click > ALL Tasks > Symantec Antivirus and then whatever you wanna do, It's set at that level and what do you mean by how to unlock a server group from SSC. You rather do it on SSC!
De facto when AV does something, it starts jumping up and down, waving its arms, and shouting "Hey! I found a virus! Look at me! I'm soooo goooood!"
Well, I found out if I stop
Well, I found out if I stop the LUCOMS~1.exe process (which related to LiveUpdate) and push out the pachake with a normal user logged in, the silent install is sucessful.
Why is LUCOMS.exe running?
Well, I found out if I stop
Well, I found out if I stop the LUCOMS~1.exe process (which related to LiveUpdate) and push out the pachake with a normal user logged in, the silent install is sucessful.
Why is LUCOMS.exe running?
Resolution for Mass Deployments?
Manually stopping LUCOMS~1.exe and initiating a silent install is fine for a single PC but what if this issue is occurring on hundreds of desktops? The majority of my SAVCE 9 to SEP upgrades were successful via Altiris' SEP Integration Component although over 500 have failed. Note that manually pushing a new package thru SEPM fails as well with the exact same error Daveyd has in his example SEP_INST.LOG file.
It appears uninstalling SAVCE first and then installing SEP works but how can I do this (back to back) for tons of machines (via Altiris) and suppress any reboots at the same time? I say "back to back" because I'd like to minimize the amount of time the client isn't protected. Thanks in advance!
Clint
Clint
Would you like to reply?
Login or Register to post your comment.