截屏视频帮助

Updating stand-alone unmanaged client with .jdb

创建时间: 04 2 月 2013 • Updated: 04 2 月 2013 | 21 条评论

I have 3 laptops that need to have the signatures updated monthly. I have heard about a solution to add the registry value HKLM_Software_symantec_SMC_TPMState with the dword hexadecimal value of 80. That value creates an "inbox" folder under C:\DocumentsandSettings\All Users\Application Data\Symantec\Symantec Endpoint Manager.When I drop the most current .JDB file in that folder to update the definitions, it creates a new folder in the inbox folder named "Invalid" with my .JDB file inside. Is there a way to make this method work or is there another way to update my stand-alone laptops using the .JDB file. These laptops are running XP with SEP 11.0.6. They have no access to the Internet or any other network. I really dont want to have to make a separate install package every month just for these laptops.

评论 条评论跳转至最新评论

Brɨan 的图片

Use the Intelligent Updater from here:

http://www.symantec.com/security_response/definiti...

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

JasonSater 的图片

Unfortunately the intelligent updater is not an approved software for our networks. Is there any other option?

pete_4u2002 的图片

are using the correct jdb , i mean 32 bit for 32 bit OS machines and similarly for 64.

Brɨan 的图片

The JDB should work. Where did you see about adding this reg key? I've never heard of this before? Should be as simple as following this KB article:

How to update definitions for Symantec Endpoint Protection Manager (SEPM) using a .jdb file

padding: 1px;padding-bottom: 3px ;font: 12px Arial; text-align: left;color: #666666; background-color:#f2f2f2">Article:TECH102607 padding: 1px;font: 12px Arial; text-align: left;color: #666666;background-color:#f2f2f2;"> |  padding: 0px;font: 12px Arial; text-align: left;color: #666666;background-color:#f2f2f2;">Created: 2007-01-08 padding: 1px;font: 12px Arial; text-align: left;color: #666666;background-color:#f2f2f2"> |  padding: 1px;font: 12px Arial; text-align: left;color: #666666;background-color:#f2f2f2">Updated: 2012-06-28 padding: 1px;font: 12px Arial; text-align: left;color: #666666;background-color:#f2f2f2"> |  padding: 1px;font: 12px Arial; text-align: left;color: #666666;background-color:#f2f2f2">Article URL http://www.symantec.com/docs/TECH102607

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

JasonSater 的图片

I don't remeber where I saw the article. i just saved the instructions for editing the registry. I won't be able to use the intelligen updater because it is not approved for our networks. I use the same .JDB to update the manager and that works fine for me. I need to update the client on the laptops maually.

Brɨan 的图片

Don't these clients connect to the SEPM and get updates? Or do they need to be unmanaged?

Is this the method you tried already?

How to manually update definitions for a managed Symantec Endpoint Protection Client using the .jdb file

padding: 1px;padding-bottom: 3px ;font: 12px Arial; text-align: left;color: #666666; background-color:#f2f2f2">Article:TECH104363 padding: 1px;font: 12px Arial; text-align: left;color: #666666;background-color:#f2f2f2;"> |  padding: 0px;font: 12px Arial; text-align: left;color: #666666;background-color:#f2f2f2;">Created: 2008-01-07 padding: 1px;font: 12px Arial; text-align: left;color: #666666;background-color:#f2f2f2"> |  padding: 1px;font: 12px Arial; text-align: left;color: #666666;background-color:#f2f2f2">Updated: 2012-08-30 padding: 1px;font: 12px Arial; text-align: left;color: #666666;background-color:#f2f2f2"> |  padding: 1px;font: 12px Arial; text-align: left;color: #666666;background-color:#f2f2f2">Article URL http://www.symantec.com/docs/TECH104363

Beyond using Intelligent Updater (which you can't) or the JDB, I'm not sure there is a way. I would think there may be a way to copy virus definitions from an already up to date client but I can't see this being supported (or recommended) or without risk or corrupting something.

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

JasonSater 的图片

Yes they are completely stand alone and will never connect to our networks.

Brɨan 的图片

Than it would either be JDB or Intelligent Updater to manually update them. I don't believe another method like these exist. Or you can create the package as you already mentioned.

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

Vikram Kumar-SAV to SEP 的图片

Try using full.zip

http://www.symantec.com/business/support/index?pag...

Vikram Kumar

Symantec Consultant

The most helpful part of entire Symantec connect is the Search button..do use it.

SebastianZ 的图片

This article: http://www.symantec.com/docs/TECH104363  applies to clients set to use TPM trhough SEPM policy.

If you have the unmanaged clients this one should be for you:

http://www.symantec.com/docs/TECH106028

... the .jdb should be dropper in the %ALLUSERSPROFILE%\Symantec\Symantec Endpoint Protection\inbox folder. Not sure how the folder with ...manager appeared in your case.

{EDIT} - here the new link http://www.symantec.com/docs/HOWTO80914: - apparently the tech106028 was removed in the meantime.

JasonSater 的图片

SebastianZ,

This looks like more of what I am trying to do, however, your second link isn't working.

Chetan Savade 的图片

Hi,

The following methods of updating content exist:

Location Function
Site
Client Group
  • Configure clients to receive updates from the management server.
  • Configure clients to run LiveUpdate from the Symantec server.
  • Configure clients to run LiveUpdate from an internal server.
  • Configure a Group Update Provider to distribute updates to clients.
Local client
  • Run LiveUpdate manually on a local client.
  • Schedule LiveUpdate to run on a local client.
  • Download the Intelligent Updater manually on a local client (virus definitions only)

Reference: How to update virus definitions and other content with Symantec Endpoint Protection and Symantec Network Access Control

http://www.symantec.com/docs/TECH102467

Chetan Savade
Sr.Technical Support Engineer, Endpoint Security
Enterprise Technical Support
CCNA | CCNP | MCSE | SCTS |

Don't forget to mark your thread as 'SOLVED' with the answer that best helps you.<

SMLatCST 的图片

Is this what you were looking for?

http://www.symantec.com/docs/HOWTO80914

#EDIT#

Also, as you have a SEPM already, you could potentially hand these users the definitions from your own server as per:

http://www.symantec.com/docs/HOWTO80913

JasonSater 的图片

SMLatCST, Thank you for that link. that was the original article I had read. I will give this a try and get back to you all.

Thanks Again

SMLatCST 的图片

No problem at all.

FYI, I've just tried this on a self-managed SEP11RU6MP2/Win2k8R2 VM client I have for testing, and this worked fine.  File used was:

http://definitions.symantec.com/defs/jdb/vd3c8822.jdb

#EDIT#

Oh yeah, the below article mentions the "Invalid" directory, but just says if it appears that you should try again :S

http://www.symantec.com/docs/HOWTO27216

SebastianZ 的图片

Not sure if just trying again will change anything - if it failed once will probably not going to work with next try as well. Some of the reasons of failure here

-  the jdb package is older that the already installed definitions (although I have seen already that jdb is able to replace the newer defs as well)

- TPMstate in the registry is not correctly set

- wrong jdb file is being used

SMLatCST 的图片

I'm just relaying what you guys put in the article smiley

More detail as to reasons why the "Invalid" folder is created really wouldn't go amiss.  If you have any additional resources to share it'd be much appreciated!

It's generally quite difficult to grab the wrong JDB file, as only one is available from your site:

http://www.symantec.com/security_response/definiti...

I'd suggest that if updating in this method does continually fail however, to attempt clearing out the definitions on the client as they may be corrupt.  Instructions below:

http://www.symantec.com/docs/TECH103176

JasonSater 的图片

I was able to drop the .JDB file in the correct directory on the unmanaged client and it did not replace it with the "Invalid" folder yet. I am going to let it sit for a while and see if it works.

SMLatCST 的图片

Sounds good and fingers crossed!

During my test, this took a little over 5 mins...