Event 13 SescLU error, server can't update
After one of the recent updates (now SEPM server is 11.0.6300.803) this error "Event 13. LiveUpdate returned a non-critical error. Available content updates may have failed to install." started to show up, though eventually SEPM server was able to update its definitions. Last week it wasn't able to update them for 5 days. I have searched the forums and found lucatalog -cleanup/update commands. This helped and those events 13 stopped to show up for some time. Now the problem is back, and those cleanup commands don't help this time. I have also found a topic describing how to clean corrupted definitions manually, but probably lucatalog command does the same (and probably does it better, well, it should). Also there are mentions and KB article about some faulty def update causing these errors in the past, but this is probably not the case anymore. Can i do something other than reinstalling the server and how can i prevent this from happening again?
Btw, it seems that i can't start a case in MySupport about SEP. SEP doesn't show up in products selection (only some Antivirus Service, but this is not my product)
Comments
is the SEPM updated with the
is the SEPM updated with the latest definition ?
are the clients updated?
Cheers!
Pete
Help Link: http://www.symantec.com/business/support/overview.jsp?pid=54619
and more are you connect to
and more are you connect to internet directly or pass a proxy server? do you use GUP or LUA?
Best Regards.
Fatih
Everything works better when everything works together.
SEPM is not up to date (it
SEPM is not up to date (it shows 05.19 definitions), therefore clients are also not up to date, as they get their updates from SEPM. Server goes to internet through a firewall (Fortigate), proxy is not enabled. LiveUpdate is installed on SEPM server.
Understanding.
Hello,
Hope you have followed both the Symantec Articles below:
cd C:\Program Files\Symantec\Symantec Endpoint Protection Manager\bin
4. Register the SEP Client with LiveUpdate:
You can log a case on web portal by following Articles below.
QuickStart Guide - Create and Manage Support Cases in SymWISE
http://www.symantec.com/docs/HOWTO31132
How to update a support case and upload diagnostic files with MySupport
http://www.symantec.com/docs/TECH71023
Mithun Sanghavi
Symantec Technical Support Engineer, SEP
MIM | MCSA | SCTS | ITIL v3
Follow me on Twitter: @mithun_sanghavi
Don't forget to mark your thread as 'SOLVED' with the answer that best helped yo
Is it ok that LUUPDATE on
Is it ok that LUSETUP on that page is for 32 bit Windows? I have SEP+SEPM on Windows Server 2008 64 bit.
Update. So i have uninstalled
Update. So i have uninstalled SEP client on that server. I had to restart first to be able to remove LiveUpdate also. After i have removed LiveUpdate, i then installed it again (from that link 3.3.0.96 32-bit version). Then i ran lucatalog -update command. It didn't show any error. Then i went to SEPM console. Definitions were still at 05.19 in SEPM. I didn't wait and went and ran the update manually (Download LiveUpdate Content). Took 40 minutes (probably huge amount of data and we also have weak international link). Now SEPM shows 2011-05-24 definitions and no errors in the error log so far.
So. Should i install SEP client again now? Doesn't it have a LiveUpdate client on itself and won't it overwrite my already existing LiveUpdate installation. It seems i can't export installation package without LU module. Btw, i will install exported package without NTP module, including everything else available for the server (antivirus, antispyware and proactive threat protection).
Though, i think maybe i should wait for a week or so without installing SEP client and watching how SEPM updates itself.
Recommended steps
Hello,
I would recommend you to Install SEP back again on the server machine as it secures the Machines.
Once you install SEP, it will register itself with the Liveupdate Application Automatically during Installation phase.
The Installation Package will always be created with liveupdate, this is done so that incase, if the Liveupdate application is not installed, it gets installed as well.
I would Recommend you not to Install PTP on the 2008 64 bit, because the PTP is not supported on 64 bit machines.
Mithun Sanghavi
Symantec Technical Support Engineer, SEP
MIM | MCSA | SCTS | ITIL v3
Follow me on Twitter: @mithun_sanghavi
Don't forget to mark your thread as 'SOLVED' with the answer that best helped yo
I have installed SEP client a
I have installed SEP client a few days ago and so far everything looks fine. SEPM is updating and also there was only one SescLu event in the logs since the reinstall of LiveUpdate.
Would you like to reply?
Login or Register to post your comment.