• Configure an unmanaged (also known as self-managed) Symantec Endpoint Protection (SEP) client to a different LiveUpdate source server instead of the Internet-based defaults.  
• How can this be accomplished by dropping a Settings.Hosts.LiveUpdate file that was exported from Symantec LiveUpdate Administrator 2.x (LUA 2.x)?

Please use the following steps to export, and copy the LiveUpdate settings to an unmanaged Symantec Endpoint Protection  client:

1. Open the Symantec LiveUpdate Administrator console and login using an administrator account
2. Click on "Configure", then click on "Client Settings"
3. Click on the "Export Windows Settings" button and save the settings file to disk. 

NOTE: Please review (and edit) the settings prior to exporting the settings.

Before you can copy the Settings.Hosts.LiveUpdate file to the client, make sure that Tamper Protection is temporarily disabled on the target machine. Symantec Endpoint Protection will block you from copying the file unless Tamper Protection is disabled. To disable Tamper Protection, please follow these steps:

1. Open Symantec Endpoint Protection 
2. Click on "Change Settings"
3. Next to Client Management, click on "Configure Settings"
4. Select the "Tamper Protection" tab
5. Un-check "Protect Symantec security software from being tampered with or shut down"
6. Click on OK
7. Close Symantec Endpoint Protection 

Copy the Settings.Hosts.LiveUpdate file you exported earlier to the client. The target folder varies by the operating system, and also includes the exact version number of the Symantec Endpoint Protection client that is installed:

Windows XP / Windows 2003

"C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\(SEP Installed Version)\Data\Config\"

Windows Vista / Windows 7 / Windows 2008 / 

"C:\ProgramData\Symantec\Symantec Endpoint Protection\(SEP Installed Version)\Data\Config\"

Note: If SEP  Tamper Protection is not disabled before attempting to copy settings.hosts.liveupdate to this location, permissions-related errors will be displayed. SEP  will log these attempts to its Tamper Protection log:

 After the settings.hosts.liveupdate file has successfully been copied, do not forget to re-enable SEP's Tamper Protection!

Applies To

Do not use the steps in this article for SEP  clients that are managed by a Symantec Endpoint Protection Manager (SEPM) in the organization.  Clients correctly managed by a SEPM will receive a LiveUpdate policy that directs them to retrieve content from an internal LUA 2.x server's Distribution Center.