Applying Symantec Client Security 3.0 and Symantec AntiVirus 10.0 Maintenance Release 1 Maintenance Patch 1

Article:TECH101548  |  Created: 2005-01-05  |  Updated: 2010-01-08  |  Article URL http://www.symantec.com/docs/TECH101548
Article Type
Technical Solution


Environment

Issue



This document tells how to apply Symantec Client Security 3.0 and Symantec AntiVirus 10.0 Maintenance Release 1 Maintenance Patch 1 to computers that run Windows.


Solution





Before you begin: You can upgrade only those computers that run Symantec Client Security 3.0.1.1000 or Symantec AntiVirus 10.0.1.1000 by using this patch. Before you deploy the patch, review the new features and the Readme.txt file for Symantec Client Security or Symantec AntiVirus, depending on your product version.


About applying the patch

The Symantec Client Security patch lets you upgrade your Symantec Client Security clients and servers while preserving their configuration settings. Because of the complexity and size of Symantec Client Security software, applying a patch provides a quicker, less costly, and more efficient method by which to upgrade your clients and servers.

You can use standard installation methods to apply the Symantec Client Security patch, including local, network, Active Directory, or third-party tools. You can also patch Symantec Client Security clients and servers with an updated version of the ClientRemote Install Utility, which you must download to the computer from which you plan to roll out the patch to your clients and servers.

For more information on installing the Symantec Client Security patch using local, network, Active Directory, or third party tools methods, see the Symantec Client Security Installation Guide.


WARNING: You cannot uninstall the Symantec Client Security patch once it is installed on your clients and servers. If you need to remove the patch, you must first uninstall the Symantec Client Security client or server, then reinstall the previous Symantec software that does not contain the patch. To avoid this scenario, before you deploy the Symantec Client Security patch, you should install the patch in a test environment and ensure that the patch does not interfere with the normal operation of your computers and network.



Downloading the Symantec Client Security patch and ClientRemote Install Utility
You can download the Symantec Client Security patch from a designated FTP Web site. The Symantec Client Security patch is compressed into a ZIP file along with an updated version of the ClientRemote Install Utility. The updated ClientRemote Install Utility lets you deploy the patch to multiple computers at the same time.

To download the Symantec Client Security patch and ClientRemote Install Utility
  1. Do one of the following, depending on your program version:
    To find out whether your product version requires a license, read Determining whether Symantec Client Security 3.x or Symantec AntiVirus Corporate Edition 10.x requires a license.
  2. Save the .zip file to a local drive on your computer.
  3. Uncompress the .zip file to a temporary folder by using WinZip or a similar file compression utility.


Deploying the patch using the ClientRemote Install Utility
The ClientRemote Install Utility lets you remotely deploy an MSI patch to Symantec Client Security clients and servers in your network. An advantage to remotely patching clients and servers is that users do not need to log on to their computers as administrators prior to the installation. You can patch multiple computers at the same time without having to visit each computer individually.


Note: To remotely deploy the Symantec Client Security patch, you must have administrator rights to the domain to which the computers that you want to patch belong.



The Symantec Client Security patch consists of the following files:


MSI patch (.msp)

Contains the new features and security enhancements that are
installed over the existing Symantec Client Security clients and
servers.

Vpremote.dat

Contains the commands for the specific MSI patch that the
ClientRemote Install Utility uses for patch deployment. If you
change the MSI patch file name, you must edit vpremote.dat to
reflect this change in the command line.

The Symantec Client Security patch is copied to the target computers that you select. You cannot specify where the patch is downloaded. The default location is the c:\temp folder. The patch upgrades only the target computers that have the correct Symantec Client Security client and server versions installed.

The ClientRemote Install Utility Status window displays the download progress of the Symantec Client Security patch to the target computers. You can verify that the patch is successfully installed on your clients and servers from the Symantec System Center by checking that the Symantec Client Security version information is updated.


Note: You must install the Symantec Client Security server from the CD Start menu to deploy Symantec Client Security clients using the ClientRemote Install Utility. If you install Symantec Client Security server from the SAV folder in the CD, you cannot use this utility.



Starting the patch deployment
You can patch Symantec Client Security clients and servers using the ClientRemote Install Utility as a standalone tool.


Note: Windows XP Service Packs 1 and 2 include firewalls that can interfere with Symantec Client Security installation communications between servers and clients. If any of your Symantec Client Security clients and servers run Windows XP, you must disable the Windows XP firewall on them before you install the client and server software.


To start the patch deployment from the standalone tool
  1. Navigate to and double-click the newly downloaded version of clientremote.exe.
  2. Continue the patch deployment.
    See the "Running the ClientRemote Install Utility" section of this document.

Running the ClientRemote Install Utility

The ClientRemote Install Utility program runs after you start the patch deployment process.
See the "Starting the patch deployment" section of this document.
When you use the ClientRemote Install Utility, in the Select Install Source Location dialog box, you can select to deploy either a full product installation or a patch. When you select the Deploy Patch Path, you must browse to the MSI patch file (.msp) that you want to deploy to the Symantec Client Security clients and servers in your network.


To run the ClientRemote Install Utility

  1. In the ClientRemote Install Utility Welcome panel, click Next.
  2. In the Select Install Source Location panel, select Deploy Patch Path, and then click Browse.
  3. In the Open dialog box, select the MSI patch that you want to use to update your clients and servers, and then click Open.
    Verify that the appropriate vpremote.dat is saved to the same folder as the MSI patch.
  4. In the Select Install Source Location panel, click Next.
  5. In the Select Computers to Patch panel, under Patch Targets, select the patch that you want to use to update your clients and servers.
  6. Do one of the following:
    • If you created a text file that contains IP addresses to import computers, continue to step 7.
    • If you did not create a text file that contains IP addresses, continue to step 11.
      You can create a text file using Notepad, and then type the IP addresses that you want to import on separate lines in the file.
      For more information on creating a text file with IP addresses to import, see the Symantec Client Security Installation Guide.
  7. To import the list of computers, click Import.
  8. Locate and double-click the text file that contains the computer names.
    During the authentication process, you may need to provide a user name and password for computers that require authentication.
  9. In the Selection Summary dialog box, click OK.
    During the authentication process, Setup checks for error conditions. You are prompted to view this information interactively on an individual computer basis or to write the information to a log file for later viewing. If you create a log file, it is located under C:\Winnt\Savcecln.txt.
  10. Select one of the following:

    Yes Display the information.
    No Write to a log file.


  11. Do one of the following:
    • If you have more computers to add individually, continue to step 12.
    • If you do not have more computers to add individually, continue to step 15.
  12. Under Available Computers, expand Microsoft windows network, and then select a computer.
  13. Click Add.
  14. Repeat steps 6 and 7 until all of the computers that you want to patch are added.
  15. In the Select Computers to Patch panel, click Finish.
  16. In the Status of Remote Client Installations window, click Done.
  17. Target computers may need to be rebooted after the patch installation. Computers may restart automatically after the installation of the patch. To prevent a restart, edit the Vpremote.dat file on the parent server.

To edit the Vpremote.dat file on the parent server
  1. Open the Vpremote.dat file that you downloaded in a plain-text editor, such as Notepad.
  2. Do one of the following, depending on your product:
    To find out whether your product version requires a license, read Determining whether Symantec Client Security 3.x or Symantec AntiVirus Corporate Edition 10.x requires a license.
    • For Symantec Client Security, change the command line to the following so that it appears on one line:

      msiexec.exe /p Symantec_Client_Security_3.0.1.1007_AllWin_EN.msp /qn REINSTALL=ALL REINSTALLMODE=omus REBOOT=ReallySuppress

    • For Symantec Client Security Business Pack, change the command line to the following so that it appears on one line:

      msiexec.exe /p Symantec_Client_Security_SMB_3.0.1.1007_AllWin_EN.msp /qn REINSTALL=ALL REINSTALLMODE=omus REBOOT=ReallySuppress

    • For Symantec AntiVirus, change the command line to the following so that it appears on one line:

      msiexec.exe /p SAV_Corporate_Edition_10.0.1.1007_AllWin_EN.msp /qn REINSTALL=ALL REINSTALLMODE=omus REBOOT=ReallySuppress

    • For Symantec AntiVirus Business Pack, change the command line to the following so that it appears on one line:

      msiexec.exe /p SAV_Corporate_Edition_SMB_10.0.1.1007_AllWin_EN.msp /qn REINSTALL=ALL REINSTALLMODE=omus REBOOT=ReallySuppress

  3. Save the file and close it.




References
For a list of new features, read What's new in Symantec AntiVirus 10.0 and Symantec Client Security 3.0 Maintenance Release 1 Maintenance Patch 1.


To find product updates for all enterprise Symantec products, visit the Symantec Web site.




Legacy ID



2005100511570748


Article URL http://www.symantec.com/docs/TECH101548


Terms of use for this information are found in Legal Notices