Video Screencast Help
Protect Your POS Environment Against Retail Data Breaches. Learn More.

Command line arguments for LuAll.exe?

Created: 31 Jul 2008 • Updated: 21 May 2010 | 9 comments

In previous versions (of Corporate AntiVirus) we could initiate a Live Update via VPDN_LU.EXE /S  Can this be done with 11 MR2, perhaps with a command line argument to LuAll.exe?

 

FYI: We use DeepFreeze on library computers used by Patrons ('Patrons' = library word for customers). We wish to 'thaw' these computers and remotely initiate a LiveUpdate after hours and need a replaecment for VPDN_LU.EXE. 

 

 

Comments 9 CommentsJump to latest comment

JBailey's picture

I would just let SEPM control updates and push them by itself. You can set it to do anytime you want it to. No reason to RUN luall.exe IMO.

 

If your open until 9, but want to run the update at 9:30 after deepfreeze unlocks the PC, you can set it.

 

Its all silent unless you "force" the client to update manually. 

Carolyn Wood's picture

SEPM pushing is an option, but I think this is quite a bit more complicated than having DeepFreeze initiate the client LiveUpdate pull.

 

For one thing, we're not running SEPM on a real server...it's my XP Pro desktop. If I understand SEPM correctly, I would have to do the following one evening after the library closes:

 

1) run a scheduled a LiveUpdate download (9:30pm)

2) run a scheduled LiveUpdate distribution  (10:30pm)

3) DeepFreeze would then 'thaw' all Patron computers (11:30pm)

4) run a schedule SEPM push for 10 computers at a time (XP Pro is limited to 10 connections). With 24 or so Patron computers, I would run three schedules pushes (start at midnight to 5am?)

5) DeepFreeze would then 'refreeze' all Patron computers

 

In contrast, I can configure DeepFreeze to thaw all computers, run a command line (VPDN_LU), wait for completion, and refreeze, all in one step. (I'd schedule the LiveUpdate download/distribution the night before)

 

11 Endpoint may be wonderful for big companies with hundred or thousands of computers, but for sites with a just a few computers and part time tech support, Endpoint is a lot more work than the corporate editions.

 

 

Motorious's picture

Not sure if you came upon the answer yet or not but at this site:

 

http://service1.symantec.com/support/ent-security.nsf/854fa02b4f5013678825731a007d06af/8382e34c3a21e0dd88257354001f28c0?OpenDocument

 

It specifies the command line as "C:\Program Files\Symantec\LiveUpdate\Luall.exe" -s

 

 

Ramiller 2's picture

Are you using DeepFreeze Enterprize?

 

We have deepfreeze enterprize and I am facing a similar problem in our customer care call center.  Unfortunately our call center is staffed 24X7, which makes it difficult to coordinate shutting down machines, updating them and shutting them down again.

 

As you may be aware, the enterprise version of DeepFreeze has an optional thaw drive, which is analogous to an unfrozen partition.  My question is, can I install DeepFreeze to this Thawed partition and allow the definitions to survive a reboot?  Where are the definitions stored?  If everything is contained within the installation folder of SEP, it seems as if this should work.

 

Does anyone know for sure?

kristopherjturner's picture

Can I ask a dumb question?  What is "DeepFreeze Enterprize?"  Sorry. Guess I could have googled it, but it is 5:57 PM and Friday and I tired.  :) 

kristopherjturner's picture

Will the command you listed even work when we have the client locked down and the user doesn't have the rights to run a live update?

Paul Murgatroyd's picture

it should do, we only lock the launch right from the GUI, not via command line.

Paul Murgatroyd
Principal Product Manager, Symantec Endpoint Protection
Endpoint twitter feed: http://twitter.com/symc_endpoint

kristopherjturner's picture

I have a job using Altiris Deployment server to run the scipt mentioned above.  I have noticed that the script runs just fine.  In fact, during testing I didn't use the -s switch to run in silent mode.  Live update would start and run and say it was current.

 

However, all the systems I ran it on where still showing two day old defs.  The one's that updated where the systems we have in a test group without the live update policy locked down like we have it for everyone else.

 

Could this be in issue running this script on systems with live update policies locked down?