Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.

SEPM 11.0.7 is up-to-date; most clients are not updated

Created: 16 Dec 2011 • Updated: 13 Feb 2012 | 6 comments
This issue has been solved. See solution.

SEPM: 11.0.7101.1056
SEP clients: 11.0.7101.1056 / 11.0.6300.803

SEPM downloads: up-to-date definitions (both 32 and 64 bit)

A large number of clients don't have the latest definitions, most clients are missing up to 7 definition updates. In spite of not having the latest definitions, the client shows that there are no problems detected. When looking at SEP system log, I can see the event Definition File Loaded till december 8, after that, this event don't return. Also new installed clients won't update to the latest definitions.
I tried to manually update a client, but the definitions are still stuck at december 7. The result of the manual update is as follows:
 

Connecting to liveupdate.symantecliveupdate.com
Downloading catalog file (1 of 3), product up-to-date
Downloading catalog file (2 of 3), product up-to-date
Downloading catalog file (3 of 3), product up-to-date
All of the Symantec products installed on your computer are currently up-to-daate. Remember to check for new updates frequently.
LiveUpdate session is complet
e

I ran the Symantec Support Tool, but no errors are showed up. I uninstalled/reinstalled the client, even a complete new installation of W7 didn't update. I read some articles, but none helped me to solve this problem, anyone other suggestions?

Kenneth

Comments 6 CommentsJump to latest comment

SolarisMaestro's picture

Of all the clients that are not updating, do they belong to a certain group or location in your SEPM? Are these clients able to communicate and receive policy updates from the SEPM?

You might want to refer to these docs for communication troubleshooting:

Symantec Endpoint Protection: Troubleshooting Client/Server Connectivity
http://www.symantec.com/docs/TECH105894

Troubleshooting communication problems between the management server and the client http://www.symantec.com/docs/HOWTO26968

Would it also be possible for you to post a SEP Support Tool from the SEPM? It would be interesting to see how the LiveUpdate policy is set up. Please also provide the name of the group and/or location where these clients seem to be failing.

Also, are you using any GUPs or LiveUpdate Administrator to distribute content or just SEPM? Are you using any kind of a proxy in your environment?

Thank you for marking as a solution if you felt this response met your needs!

knet's picture

Of all the clients that are not updating, do they belong to a certain group or location in your SEPM? Are these clients able to communicate and receive policy updates from the SEPM?

No they do not belong to a certain group, but to all groups. The few clients who are up to date (less than 10%) also do not belong to a certain group.

Would it also be possible for you to post a SEP Support Tool from the SEPM?

I included a print screen of the results of SEP Support Tool on the SEPM. There was one error, I do not know if this can be something.

It would be interesting to see how the LiveUpdate policy is set up. Please also provide the name of the group and/or location where these clients seem to be failing.

I included the print screens of the LiveUpdate policy. All clients in the groups which you can see in the print screen are failing. The clients which are not failing, are getting up-to-date.

Are you using any GUPs or LiveUpdate Administrator to distribute content or just SEPM? Are you using any kind of a proxy in your environment?

We do not use GUP or LiveUpdate Administrator for distribution, only SEPM. We use a proxy (TMG), but the SEPM do not use proxy, it has a direct connection to outside.

AttachmentSize
LiveUpdate policy.docx 139.05 KB
Error Support Tool.docx 40.08 KB
knet's picture

Well, I couldn't find a proper solution so I am convinced that the SEPM database is corrupt:

I installed a new SEPM on a new server with the same specs (ip address, hostname). After I pushed the new sylink.xml to all clients, the clients connected correctly to the new SEPM.

SOLUTION