Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.

Updating stand-alone unmanaged client with .jdb

Created: 04 Feb 2013 • Updated: 04 Feb 2013 | 21 comments

I have 3 laptops that need to have the signatures updated monthly. I have heard about a solution to add the registry value HKLM_Software_symantec_SMC_TPMState with the dword hexadecimal value of 80. That value creates an "inbox" folder under C:\DocumentsandSettings\All Users\Application Data\Symantec\Symantec Endpoint Manager.When I drop the most current .JDB file in that folder to update the definitions, it creates a new folder in the inbox folder named "Invalid" with my .JDB file inside. Is there a way to make this method work or is there another way to update my stand-alone laptops using the .JDB file. These laptops are running XP with SEP 11.0.6. They have no access to the Internet or any other network. I really dont want to have to make a separate install package every month just for these laptops.

Comments 21 CommentsJump to latest comment

.Brian's picture

Use the Intelligent Updater from here:

http://www.symantec.com/security_response/definiti...

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

JasonSater's picture

Unfortunately the intelligent updater is not an approved software for our networks. Is there any other option?

pete_4u2002's picture

are using the correct jdb , i mean 32 bit for 32 bit OS machines and similarly for 64.

.Brian's picture

The JDB should work. Where did you see about adding this reg key? I've never heard of this before? Should be as simple as following this KB article:

How to update definitions for Symantec Endpoint Protection Manager (SEPM) using a .jdb file

Article:TECH102607  |  Created: 2007-01-08  |  Updated: 2012-06-28  |  Article URL http://www.symantec.com/docs/TECH102607

 

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

JasonSater's picture

I don't remeber where I saw the article. i just saved the instructions for editing the registry. I won't be able to use the intelligen updater because it is not approved for our networks. I use the same .JDB to update the manager and that works fine for me. I need to update the client on the laptops maually.

.Brian's picture

Don't these clients connect to the SEPM and get updates? Or do they need to be unmanaged?

Is this the method you tried already?

How to manually update definitions for a managed Symantec Endpoint Protection Client using the .jdb file

Article:TECH104363  |  Created: 2008-01-07  |  Updated: 2012-08-30  |  Article URL http://www.symantec.com/docs/TECH104363

 

Beyond using Intelligent Updater (which you can't) or the JDB, I'm not sure there is a way. I would think there may be a way to copy virus definitions from an already up to date client but I can't see this being supported (or recommended) or without risk or corrupting something.

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

JasonSater's picture

Yes they are completely stand alone and will never connect to our networks.

.Brian's picture

Than it would either be JDB or Intelligent Updater to manually update them. I don't believe another method like these exist. Or you can create the package as you already mentioned.

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

Vikram Kumar-SAV to SEP's picture

Try using full.zip

http://www.symantec.com/business/support/index?pag...

Vikram Kumar

Symantec Consultant

The most helpful part of entire Symantec connect is the Search button..do use it.

SebastianZ's picture

This article: http://www.symantec.com/docs/TECH104363  applies to clients set to use TPM trhough SEPM policy.

If you have the unmanaged clients this one should be for you:

http://www.symantec.com/docs/TECH106028

... the .jdb should be dropper in the %ALLUSERSPROFILE%\Symantec\Symantec Endpoint Protection\inbox folder. Not sure how the folder with ...manager appeared in your case.

 

{EDIT} - here the new link http://www.symantec.com/docs/HOWTO80914: - apparently the tech106028 was removed in the meantime.

JasonSater's picture

SebastianZ,

This looks like more of what I am trying to do, however, your second link isn't working.

Chetan Savade's picture

Hi,

The following methods of updating content exist:

Location Function
Site
Client Group
  • Configure clients to receive updates from the management server.
  • Configure clients to run LiveUpdate from the Symantec server.
  • Configure clients to run LiveUpdate from an internal server.
  • Configure a Group Update Provider to distribute updates to clients.
Local client
  • Run LiveUpdate manually on a local client.
  • Schedule LiveUpdate to run on a local client.
  • Download the Intelligent Updater manually on a local client (virus definitions only)

 

Reference: How to update virus definitions and other content with Symantec Endpoint Protection and Symantec Network Access Control

http://www.symantec.com/docs/TECH102467

Chetan Savade
Sr.Technical Support Engineer, Endpoint Security
Enterprise Technical Support
CCNA | CCNP | MCSE | SCTS |

Don't forget to mark your thread as 'SOLVED' with the answer that best helps you.<

SMLatCST's picture

Is this what you were looking for?

http://www.symantec.com/docs/HOWTO80914

#EDIT#

Also, as you have a SEPM already, you could potentially hand these users the definitions from your own server as per:

http://www.symantec.com/docs/HOWTO80913

JasonSater's picture

SMLatCST, Thank you for that link. that was the original article I had read. I will give this a try and get back to you all.

Thanks Again

SMLatCST's picture

No problem at all.

FYI, I've just tried this on a self-managed SEP11RU6MP2/Win2k8R2 VM client I have for testing, and this worked fine.  File used was:

http://definitions.symantec.com/defs/jdb/vd3c8822.jdb

#EDIT#

Oh yeah, the below article mentions the "Invalid" directory, but just says if it appears that you should try again :S

http://www.symantec.com/docs/HOWTO27216

SebastianZ's picture

Not sure if just trying again will change anything - if it failed once will probably not going to work with next try as well. Some of the reasons of failure here

-  the jdb package is older that the already installed definitions (although I have seen already that jdb is able to replace the newer defs as well)

- TPMstate in the registry is not correctly set

- wrong jdb file is being used

SMLatCST's picture

I'm just relaying what you guys put in the article smiley

More detail as to reasons why the "Invalid" folder is created really wouldn't go amiss.  If you have any additional resources to share it'd be much appreciated!

It's generally quite difficult to grab the wrong JDB file, as only one is available from your site:

http://www.symantec.com/security_response/definiti...

I'd suggest that if updating in this method does continually fail however, to attempt clearing out the definitions on the client as they may be corrupt.  Instructions below:

http://www.symantec.com/docs/TECH103176

JasonSater's picture

I was able to drop the .JDB file in the correct directory on the unmanaged client and it did not replace it with the "Invalid" folder yet. I am going to let it sit for a while and see if it works.

SMLatCST's picture

Sounds good and fingers crossed!

During my test, this took a little over 5 mins...