Liveupdate settings returned to default
Hi
On my SAV primary servers I intermittently get a problem where the internet proxy settings are being removed from Liveupdate. In the file Configuration.Log.LiveUpdate I see this:
02/01/2012, 14:00:04 GMT -> LuComServer version: 3.2.0.68
02/01/2012, 14:00:04 GMT -> LuComServer Sequence Number: 20070912
02/01/2012, 14:00:04 GMT -> OS: Windows 2003 Enterprise, Service Pack:2, Major: 5, Minor 2, Build 3790
02/01/2012, 14:00:04 GMT -> System Language:[0x0809], User Language:[0x0809]
02/01/2012, 14:00:04 GMT -> IE 6 Support
02/01/2012, 14:00:04 GMT -> ComCtl32 version: 6.0
02/01/2012, 14:00:04 GMT -> Setting File integrity check failed. Default Setting File will be restored.
02/01/2012, 14:00:04 GMT -> Merging [C:\PROGRA~1\Symantec\LIVEUP~1\Settings.Default.LiveUpdate] file to LiveUpdate Settings file
02/01/2012, 14:00:04 GMT -> Self healing: Default Settings.LiveUpdate is being created.
02/01/2012, 14:00:04 GMT -> Settings File field was tampered. Default Settings File has been restored.
It's a simple matter to re-enter the proxy settings, but I wonder why the settings file is being returned to defaults. Is this Tamper Protection fixing something that doesn't need fixing?
Thanks
Comments 4 Comments • Jump to latest comment
Hello,
Could you check the Version of Liveupdate you are carrying??
Are you using the Liveupdate Version 3.2 OR Liveupdate version 3.3?
Liveupdate version 3.3 is intended for use with Symantec Enterprise products, such as Symantec Endpoint Protection and Symantec AntiVirus.
Liveupdate may be damaged.
If LiveUpdate is damaged, download and install a new copy.
To reinstall LiveUpdate
This installs LiveUpdate.
If this does not solve the problem, the solution depends on whether Symantec AntiVirus is the only Symantec application installed or whether additional Symantec applications are installed.
To repair LiveUpdate when Symantec AntiVirus is the only Symantec application installed
By default, one is located at C:\Program Files\Symantec\LiveUpdate, and the other is located under the All Users profile.
The location of the folder depends on your version of Windows:
In Windows 2003/XP/2000, the location is C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate.
In Windows NT, the location is C:\Winnt\Profiles\All Users\Application Data\Symantec\LiveUpdate.
In Windows 9x/Me, the location is C:\Windows\All Users\Application Data\Symantec\LiveUpdate.
The Application Data folder may be hidden. To find the folder, read the document How to make Windows show all files.
This installs LiveUpdate.
To repair LiveUpdate when more than one Symantec product is installed
The location of the folder depends on your version of Windows:
In Windows 2003/XP/2000, the location is C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate.
In Windows NT, the location is C:\Winnt\Profiles\All Users\Application Data\Symantec\LiveUpdate.
In Windows 9x/Me, the location is C:\Windows\All Users\Application Data\Symantec\LiveUpdate.
The Application Data folder may be hidden. To find the folder, read the document How to make Windows show all files.
This installs LiveUpdate and recreates the LiveUpdate folder that you deleted.
Mithun Sanghavi
Symantec Technical Support Engineer, SEP
MIM | MCSA | MCTS | STS | ITIL v3
Twitter: @mithun_sanghavi
Don't forget to mark your thread as 'SOLVED' with the answer that best helps you.<&a
Make sure your Settings.Liveupdate file is READ ONLY
Its in Documents and settings\All users\Application data\Symantec\Liveupdate
Vikram Kumar
Symantec Consultant
The most helpful part of entire Symantec connect is the Search button..do use it.
Hi grumbleweed,
LiveUpdate has "self-healing" features built in, so that in case of corruption or loss of the configuration files, it will return to known good / default values.
In the latest releases of SEP, this has been enhanced so that the default values are those configured at the SEPM rather than the Internet-based LU servers. A few details about this change can be seen in:
Endpoint Clients go to the LiveUpdate server on the internet despite LiveUpdate policy from Symantec Endpoint Protection Manager
Article: TECH95946 | Created: 2009-01-02 | Updated: 2011-12-16 |
Article URL http://www.symantec.com/docs/TECH95946
In the older SAV product, though, restoring to the Internet-based servers is the behavior that is designed. As you note, restoring the proxy and other settings after a self-healing event will do the trick.
Note that these self-healings should be quite rare: if these occur frequently then there may be an issue with that SAV server.
BTW: judging from the version of LU, you are running SAV 10.1.8.8000. To take advantage of the latest enhancements and improvements, I recommend upgrading to SAV 10.1 MR10.
Hope this helps!!
Mick
With thanks and best regards,
Mick
Thumbs up to Mick :-).
10.1 MR 10 is the one you should really upgrade to.
Cheers!
Pete
Help Link: http://www.symantec.com/business/support/overview.jsp?pid=54619
Would you like to reply?
Login or Register to post your comment.