Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.
Endpoint Management Community Blog
Showing posts tagged with 7.x
Showing posts in English
mmurphy7 | 22 Feb 2013 | 0 comments

Nobody likes to be restricted in their use of a computer, or think they are being limited because they don’t have administrator rights. Most users do not NEED administrator privileges, they just WANT them. So why do users want administrator privileges? Here are the top 5 reasons:

  1. Freedom: Users want administrator privileges so they can install or modify anything and everything on their computer. They may or may not view themselves as computer experts, but believe they know enough about computers to be able to make changes to their system without any negative repercussions. Unfortunately they are usually wrong, causing the IT department to spend countless hours fixing the issues.
  2. Control: Users also want more privileges on a computer because of the control associated with being able to call your own shots. Control leads to even more headaches for the IT department as they clean up the mess left by users who make changes without understanding implications...
Ludovic Ferre | 19 Feb 2013 | 0 comments

One of my customer reported a problem that caused one of their child nothing server to run at 100% CPU and consume almost all memory (out of 32GiB available).

I first looked at the timing (it was reported last Friday) and I thought this was possibly linked to the PMImport release as last week we had Patch Tuesday (so we released the PMImport Wednesday and replicated it to the child server Thursday evening.

But this was not it. First the memory ballooning problem happened on 3 different processes: the w3wp pools for the Altiris-NS-Agent and TaskManagement as well as the AeXSvc itself.

With all three processes running we would see large chunks of memory being released in a clean drop and go right back up in after nice curve. This was because the 3 processes were fighting for the scarce memory resources and causing each other to have to be scavenged every now and then.

Stopping on of the application pool pegged the memory to ~12 GiB for each of the other...

Ludovic Ferre | 18 Feb 2013 | 0 comments

Based on demand I have updated both the PatchAutomation [1] and ZeroDayPatch [2]downloads with a few additional features that allow the user to better control which bulletins are handle and how to invoke the tools.

Here are the new feature command line details:

/config=<file path>
    Reads the file at the provided path and parses each line for com-
    -mand line options. Here is a sample config file content:
      /severity=critical
      /custom-sp=CWoC_GetAllBulletins
      /vendor=google
      /dryrun
      /debug

/custom-sp=<sp_name>
    This option allows the user to specify a custom stored procedure to
    be called during the execution. The stored procedure may be present
    on the database (if not the automate will return with no errors) and
    must contains the following columns that are used and needed:
      * _resourceguid [Software bulletin guid]
      * released [Software bulletin release date]
      * bulletin [Bulletin...
Ludovic Ferre | 05 Feb 2013 | 0 comments

A new symantec.pl.xml file was released today and added to the ns7pl tree.

Here are the addition to the Solution tree and links to the revision:

Revision: 8737de84ed8c
Author:   Ludovic FERRE <ludovic@15-cloud.fr>
Date:     Mon Feb  4 15:51:07 2013
Log:      Symantec.pl.xml md5 = 8e278fd63cf1492e12a0237e184d9dcf

http://code.google.com/p/ns7pl/source/detail?r=8737de84ed8c

Added:
 /solutions/7_1/ita/ita_sd/altiris_itanalyticsdocumentation_x64.msi_info
 /solutions/7_5/ita/sd/altiris_itanalyticsservicedesk_7_5_x64.msi_info
 /solutions/7_5/ita/sd/altiris_itanalyticsservicedesklanguages_7_5_x64.msi_info
Modified:
 /symantec.pl.xml

...
Ludovic Ferre | 05 Feb 2013 | 0 comments

I have a customer that has some problems with one of three child servers, with some serious memory consumption there going from 2 GiB for TaskManagement, ~2.5GiB for AeXSvc and anything above that (sometimes 5GiB+) for the Altiris-NS-Agent.

This is causing some serious troubles obviously, as the CPU are all clogged up (95~100% on 24 real cores). So first we reduced the overall impact by limiting the number of CPU's the process is allowed to on (using advanced setting and processor affinity mask).

And then we took a few dumps to see how the memory gets up to 4GiB or more...

I'll detail the WinDbg commands (and how to load mscorewks via sos.dll) but here's the over view running DumpHeap -stat at various stages.

Note! Here are the field names used below in order, Memory address, object count, total size, object type. The listing is sorted by size ascending. So the interesting data is at the end.

...
Ludovic Ferre | 29 Jan 2013 | 0 comments

Update! Added the Dataclass and Filters top level items as they also needed fixing. Also I added a reference to my original SP1 to SP2 upgrade post, with steps for fixing the issue [1].

####

I attended an upgrade for a customer installing MP1.1 on 4 servers in hierarchy (1 parent, 3 children). We had some minor problems when we got started but nothing major:

  • 2 servers (including the parent) did not have the MP1.1 upgrade option because SMP 7.1 SP2 was not appearing as installed in SIM. We just ran the upgrade as a new installation.
  • The parent configuration went much to fast to be healthy. In effect it did not install most of the products, so we ran the "aexconfig /configureall" manually and this fixed the environment
  • One role had been granted undesired rights (inherited from the hidden parent folder)  on main console locations: "Reports", "Console menu", "Settings"...
Ludovic Ferre | 25 Jan 2013 | 1 comment

Today, I'd like to re-introduce a rare (endangered?) specie of owl: Sam.

As brightly advertised here Sam is not a random name, as it stands for Scalable Active Management. Now if you have worked with Altiris you probably know of SolutionSam, but not necessarily where that came from in itself.

SolutionSam.com was registered in 1999 when Computing Edge decided to create Active Management Solutions (in opposition to passive solutions that worked on top of SMS), the ancestors of Inventory Solution (Inventory +Solution, including Exchange +Plus, Audit +Plus etc [1]) , Software Management Solution (Download +Solution). 

Nowadays the site still holds the 6.0 solutions (a directory browsable folder [2]) and the 7.x solutions tree, not browsable but visible inside the symantec.pl.xml. It replicated via Akamai content delivery network for fast world wide availability of the content....

Ludovic Ferre | 24 Jan 2013 | 3 comments

I have a customer that is using the Connector Solution (in 6.0 and 7.x) to import users, group and parameters into their CMDB's for various business reasons.

Over time their import data has grown and so has the process time, to some extremes: updating 10~20K entries on a dataclass from a CSV file containing 1,000,000+ lines (a mere 30MiB) would take 3 hours + (in 6.0, and many more in 7.x).

Note that the imported data is not one for one - i.e. we are not populating a data table but linking keys from other tables, which is different process to handle from the SMP.

In a couple of cases we decided to take the processing outside of the Connector Solution, via a simple SQL procedure. This worked great but it requires some serious amount of work to implement the data insert, update and delete part of the procedure. This allowed us to run the import in less than one minute (fyi, it's Import #3 in the table below).

Thankfully my customer reported (today...

Ludovic Ferre | 23 Jan 2013 | 0 comments

The Symantec product listing xml was updated Monday.

Here are the information we have from it:

File name: symantec_v2.pl.xml
File hash: 3e447dd07844f9fad531a3240215a11b
File date: 2013-01-18 15:37
File size: 13,990,445 bytes (~14MB)
Release date: 2013-01-21

From the Git commit [1] we can see the following changes:

 

  Add /solutions/7_1/mobilemgmt/7_2_sp2_1_rtm/symantec_mobileframework_7_2_sp2_1_x64.msi_info ...
Ludovic Ferre | 22 Jan 2013 | 1 comment

I just finished a remote session with a customer that found a computer from the database that is not sending data back.

I had received the log files yesterday and the log viewer was all red and blue. Upon inspection it was clear that the agent COM components are not working (not registered or unregistered), so no basic inventory, client session management or sub-agents could perform their normal tasks.

Still the agent was getting it's policy file from the server, but not being able to do anything with the given policy (given its state).

We checked the computer Windows logs and found nothing interesting in there, so we crafted a SQL query to detect other computers with similar issues:

select 
       distinct(s.ResourceGuid),
       i.Name, MAX(_eventtime) 'Last config request',
       MAX(s.ModifiedDate) 'Last Basic Inventory',
       MAX(s.createdDate) 'First inventory',
       DATEDIFF(d, max(s.modifiedDate),
       MAX(c....