I have been having a problem for a while.

Problem A:

Live update comes with constant errors - 
    Unable to connect to host

LU1814: LiveUpdate could not retrieve the catalog file of available Symantec product and component updates. Please verify that you are able to connect to the Internet and run LiveUpdate again.

 (yes I have tried to uninstall many times, all the settings seem to be right, and so on and so on)  been goole-ing for 2 weeks.

The only thing I can do is get the virus definition updates manually to update the virus definitions.

In Admin - Servers - Local Site there is a contand 10 sec error

     Rapid Response content failed to Install - site: ...... Server.......

Problem B:

I am alsotrying to set up Live update Administrator, so that all my computers in my company can get the updates from the Live update server and not go out on the internet all over the place.

The Setting.default.liveupdate file is like this: - THIS MUST BE WRONG

HOSTS\0\ACCESS=liveupdate.symantecliveupdate.com
HOSTS\0\ACCESS2=http://liveupdate.symantecliveupdate.com
HOSTS\0\IS_SYMANTEC:ENC=N%9-U,&[>@M
HOSTS\0\LOGIN:ENC=YBR#A%5\(CI
HOSTS\0\NAME=liveupdate.symantecliveupdate.com
HOSTS\0\PASSWORD:ENC=YBR#A%5\(CI
HOSTS\0\SUBNET=0.0.0.0
HOSTS\0\SUBNETMASK=0.0.0.0
HOSTS\0\TYPE=HTTP
HOSTS\1\ACCESS=liveupdate.symantec.com
HOSTS\1\ACCESS2=http://liveupdate.symantec.com
HOSTS\1\IS_SYMANTEC:ENC=N%9-U,&[>@M
HOSTS\1\LOGIN:ENC=YBR#A%5\(CI
HOSTS\1\NAME=liveupdate.symantec.com
HOSTS\1\PASSWORD:ENC=YBR#A%5\(CI
HOSTS\1\SUBNET=0.0.0.0
HOSTS\1\SUBNETMASK=0.0.0.0
HOSTS\1\TYPE=HTTP
HOSTS\2\ACCESS=update.symantec.com/opt/content/onramp
HOSTS\2\ACCESS2=ftp://update.symantec.com/opt/content/onramp
HOSTS\2\IS_SYMANTEC:ENC=N%9-U,&[>@M
HOSTS\2\LOGIN:ENC=V!0QDU7."^$C(%+!24M?+A
HOSTS\2\NAME=update.symantec.com
HOSTS\2\PASSWORD:ENC=L"`';1^I=[DC(%+!24M?+A
HOSTS\2\SUBNET=0.0.0.0
HOSTS\2\SUBNETMASK=0.0.0.0
HOSTS\2\TYPE=FTP
HOSTS\NUM_HOSTS=3
PREFERENCES\PROXY\HTTP_PROXY=USE_IE_SETTINGS
PREFERENCES\PROXY\FTP_PROXY=USE_IE_SETTINGS
PREFERENCES\PROXY\USE_IE_PROXY=TRUE
PREFERENCES\USEPASSIVEFTPMODE=1
PREFERENCES\LOGEVENTS=1
PREFERENCES\LOG_FILE_SIZE=5120
PREFERENCES\PRODUCT_CATALOG_BACKUPCOUNT=10
PREFERENCES\SETTINGS_FILE_BACKUPCOUNT=10
PREFERENCES\EXPRESS_MODE\AUTO_EXIT=NO
PREFERENCES\EXPRESS_MODE\AUTO_START=NO
PREFERENCES\EXPRESS_MODE\ENABLED=YES
PREFERENCES\DISABLE_CONTROL_PANEL=FALSE
PREFERENCES\OSHOST_FILE_CHECK=YES
PREFERENCES\PRODUCT_INVENTORY_INTEGRITY_CHECK=YES
PREFERENCES\INTERNET_CONNECT_TIMEOUT=45
PREFERENCES\INTERNET_READ_DATA_TIMEOUT=45
 

THE SETTINS.HOST.LIVEUPDATE IS LIKE THIS:

HOSTS\0\ACCESS=servername.domain:7070/clu-prod
HOSTS\0\ACCESS2=http://servername.domain:7070/clu-prod
HOSTS\0\IS_SYMANTEC:ENC=/L2D0UI>_!Q
HOSTS\0\LOGIN:ENC=
HOSTS\0\NAME=Default Production Distribution Center
HOSTS\0\PASSWORD:ENC=
HOSTS\0\SUBNET=0.0.0.0
HOSTS\0\SUBNETMASK=0.0.0.0
HOSTS\0\TYPE=HTTP

HOSTS\1\ACCESS=liveupdate.symantecliveupdate.com:80/
HOSTS\1\ACCESS2=http://liveupdate.symantecliveupdate.com:80/
HOSTS\1\IS_SYMANTEC:ENC=N%9-U,&[>@M
HOSTS\1\LOGIN:ENC=
HOSTS\1\NAME=Symantec LiveUpdate
HOSTS\1\PASSWORD:ENC=
HOSTS\1\SUBNET=0.0.0.0
HOSTS\1\SUBNETMASK=0.0.0.0
HOSTS\1\TYPE=HTTP

HOSTS\2\ACCESS=liveupdate.symantec.com:80/
HOSTS\2\ACCESS2=http://liveupdate.symantec.com:80/
HOSTS\2\IS_SYMANTEC:ENC=N%9-U,&[>@M
HOSTS\2\LOGIN:ENC=
HOSTS\2\NAME=Symantec LiveUpdate - HTTP Failover Server
HOSTS\2\PASSWORD:ENC=
HOSTS\2\SUBNET=0.0.0.0
HOSTS\2\SUBNETMASK=0.0.0.0
HOSTS\2\TYPE=HTTP

HOSTS\NUM_HOSTS=3

Im almost giving up - I cant see what is wrong ....I can give more examples....but does anyone have an idea? or will I have to call for support eventually?

Regards,

miss G

Please refer to this KB -

Unable to resolve the name of the server. LU1814: "LiveUpdate could not retrieve the catalog file of available Symantec product and component updates"

http://www.symantec.com/business/support/index?page=content&id=TECH94552&actp=search&viewlocale=en_US&searchid=1294420397656

Moving this thread to the Endpoint Forum for greater visibility.

let us know if the solution helped resolve your issue.

regards,

Thomas

Hi Miss G,

Can you let the forum know a little more info:

First of all, what Symantec products are you trying to update / do you have in the organization?  Is it all Symantec Endpoint Protection, all Symantec AntiVirus, a mixture, etc?

Second: are these clients managed or unmanaged (stand-alone)?

If it is all managed SEP: the SEPM has the ability to download and distribute definitions itself.  See Best Practices for LiveUpdate Administrator (LUA) 2.x (http://www.symantec.com/docs/TECH93409)

The settings file that you have included (Setting.default.liveupdate) is just the default - what is in the "settings.liveupdate" file?  That is the one which provides the current status.

THE SETTINS.HOST.LIVEUPDATE IS LIKE THIS:

HOSTS\0\ACCESS=servername.domain:7070/clu-prod
HOSTS\0\ACCESS2=http://servername.domain:7070/clu-prod

Have you changed this file before posting it to the forum-?  "servername.domain" should reflect your LUA 2.x server's servername and domain.

Here's a good video: https://www-secure.symantec.com/connect/videos/install-lua-live-update-administrator-and-configure-symantec-endpoint-protection

Please keep this thread up-to-date with your progress!

Thanks and best regards,

Mick

just to let you know, the DNS, IP, Proxy settings are all in order.  The solution above did not apply to me :)

do you use a proxy?

is sepm and lu admin on the same box?

the settings.liveupdate is for client one i guess

I´m in a 150 machine company with a managed Symantec product.

Version 11.0.6005.562

Symantech Endpoint Protection and Symantec LiveUpdate Administrator that I just put up on friday last.

During the weekend the Virus Definistion seem to have updated with at least 2 day and 1 day old definitions. - I dont know what made them update, some setting that I must have done right.

Yes I changed the file before posting it - took out the name of my server.

---------------

What do you mean with this?
"The settings file that you have included (Setting.default.liveupdate) is just the default - what is in the "settings.liveupdate" file?  That is the one which provides the current status.
" 
The first file is the default one - the second one that starts with the - servername.domain....etc. is the one I thought was the right one.  It is locked - has a lock on it and is not visible in explorer.
 """ - ----------------

On the otherhand there is alot failed in the LiveUpdate Admin.

I seem to be having some problem with the Distribution Center Coverage.  The scheduled task that I made for that always fails and I cant see why.  Maby it does not matter - because "some" updates seem to be alright and go the right way.

Can anyone tell me where I can see logs about failed scheduled task.  If I go to event log in LiveUpdateAdmin I get this: - and if I mark it to see more detailes, it does not tell me anything more.

	Created	Event Type	Severity	User	Description
	10.1.2011 10:34:02 GMT	Login/Log Off	informational	admin	User admin logged in successfully.
	10.1.2011 10:21:32 GMT	Login/Log Off	critical	admin	User admin failed to login.
	10.1.2011 07:13:24 GMT	Distribution	informational	admin	Distribution request 8 started by admin has completed.
	10.1.2011 07:13:24 GMT	Distribution	informational	admin	Distribution request 8 started by admin completed successfully on 1 out of 1 location(s).
	10.1.2011 07:00:18 GMT	Distribution	informational	admin	Started distribution of content for request id 8 started by admin.
	10.1.2011 07:00:00 GMT	Schedule	informational	admin	Distribution schedule Dreyfing started.
	10.1.2011 00:52:29 GMT	Download	critical	admin	Download request 7 started by admin has failed.
	10.1.2011 00:48:45 GMT	Download	informational	admin	Download job from source server Symantec LiveUpdate has completed successfully. There were 22 product(s) for which updates were found as part of this job.
	10.1.2011 00:31:59 GMT	Distribution Center Cleanup	informational	LUA Startup	Successfully purged old contents on server Default Production Distribution Center. Total of 73 updates were purged.
	10.1.2011 00:28:32 GMT	Download	informational	admin	Started download of content for request id 7 started by user admin.
	10.1.2011 00:00:03 GMT	Schedule	informational	admin	Download schedule uppfaerslur started.
	9.1.2011 07:12:46 GMT	Distribution	critical	admin	Distribution request 6 started by admin has failed.
	9.1.2011 07:12:46 GMT	Distribution	informational	admin	Distribution request 6 started by admin has failed to distribute on all location(s).
	9.1.2011 07:12:35 GMT	Distribution	critical	admin	Distribution job to destination server Default Production Distribution Center has failed. There were 230 updates that failed to distribute
	9.1.2011 07:00:15 GMT	Distribution	informational	admin	Started distribution of content for request id 6 started by admin.
	9.1.2011 07:00:00 GMT	Schedule	informational	admin	Distribution schedule Dreyfing started.
	9.1.2011 00:57:29 GMT	Download	critical	admin	Download request 5 started by admin has failed.
	9.1.2011 00:53:56 GMT	Download	informational	admin	Download job from source server Symantec LiveUpdate has completed successfully. There were 28 product(s) for which updates were found as part of this job.
	9.1.2011 00:31:57 GMT	Distribution Center Cleanup	informational	LUA Startup	Successfully purged old contents on server Default Production Distribution Center. Total of 77 updates were purged.
	9.1.2011 00:26:54 GMT	Download	informational	admin	Started download of content for request id 5 started by user admin.
	9.1.2011 00:00:02 GMT	Schedule	informational	admin	Download schedule uppfaerslur started.
	9.1.2011 00:00:01 GMT	Purge Schedule	informational	LUA Startup	Contents purged successfully as per configured parameters.
	9.1.2011 00:00:00 GMT	Purge Schedule	informational	LUA Startup	Starting Purge Schedule for purging contents.
	8.1.2011 07:09:23 GMT	Distribution	informational	admin	Distribution request 4 started by admin has completed.
	8.1.2011 07:09:23 GMT	Distribution	informational	admin	Distribution request 4 started by admin completed successfully on 1 out of 1 location(s).

I´m not quite sure if I should worry more for now - because It seems to be working better, but I´m not happy with the failed tasks, but maby I should experiment some more with settings and scheduled tasks.

Please ask me more questions if you need more info :)

kv.

Miss G

Yes we use Proxy

Yes the sepm and luadmin are on the same box.

The settings.host.liveupdate is for the server - is there another settings.liveupdate file that you want to see from a client?

Hi Again Miss G,

Thanks for the info.

SEP 11 RU6 is a good version- when time allows, do update to RU6 MP2.  Getting the clients to retrieve and process AV updates is a higher priority, though.

If there is a SEPM in use, and it can access the Internet, it might be a good idea to just let that handle all the downloading and distributing.  If you have SEP for Macintosh clients you'll need LUA 2.x.  In most other circumstances, the SEPM can successfully keep its SEP clients up-to-date. 

Assuming that you do wish to keep the LUA:

When the client settings are exported from the LUA 2.x server and placed in the C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\ directory, LiveUpdate processes this settings.host.liveupdate file and adds its information tothe Settings.LiveUpdate file.  Settings.LiveUpdate is the one which controlls where clients will go looking for new updates.  If that is pointing to the clu-prod directory on your LUA server, then all the clients are configured correctly to go collect new bits from that.

So, it is important to make sure that what is in clu-prod is up-to-date. 

> Distribution job to destination server Default Production Distribution Center has failed. There were 230 updates that failed to distribute

Try running a manual distribution job (Or, just select the job in your schedule and "Run Now") then viewing the GUI to see if it succeeds.  Are any errors presented?  Any files marked as corrupt, etc?

Hope this helps!

Mick

When looking at the clu_prod folder, everything seems to be in order, files with todays date and so on.
So that must be working.

I deleted some updates under "Managed updates" in SymLivUpd Admin -  that had a red x infront of them and looked like they were not needed.

I also tried to "run now" my distribution tast and that returned "

No Updates are currently available for the products selected in this schedule.

So....maby I should wait patiently ( not my strong side) and see what will happen in the next schedule that is at midnight and again at 7 o´clock tomorrow morning.

So, I´m going to see what happens now for maby 2 days, and I will let you know if the solution to my failed task was the updated I threw away or if they keep coming.

Hopwfully...this has just solved itself.

regards,

Greta

i guess thats the problem, its not good to have sepm and luadmin on the same box, coz they both do the same job , using luadmin are u trying to update other than sepm? if not then uninstall luadmin and just allow sepm to use the internet.

The start of all my problems is a loud objection from my network-admins that were always bugging me that the Norton server and clients were going all over the place on the internet.  We are a very secure banking facility with really "closed" network so there is always a problem with everything we do concerning the internet.  I installed the luadmin to try to make a internal Live update server so that the only one that is talking to LiveUpdate is the Norton server, and all the clients go only to him when they need update - and that seems to work (or I hope so now).  I´m not able to put the luadmin server on another server for the time being.

i´m going to see what will happen now - hopefully the server starts behaving well and run smoothly...but if not, I will let you know (either way) :)

thanks.

Greta

Yes keep us posted, I was searching for this document 

LiveUpdate Administrator 2.x and Symantec Endpoint Protection Manager on the Same Physical Server

Cheers Greta!

High security networks like yours are one of the environments where LUA 2.x is recommended for SEP updates.

Looking forward to tomorrow's news,

Mick

There's a couple of problems/things you should know with what you are trying to do.

1. Running the SEPM and LUA on the same machine is not a supported configuration. If you are going to run LUA put it on a different machine other than the one running the SEPM.

2. The clients will get all updates from the SEPM, so there's really no need for LUA in your environment. Simply check the LiveUpdate policy to make sure that you have only "Use the default management server" selected. This will ensure the client only get definitions updates from the management console and not from the LiveUpdate servers. If it's checked, uncheck "Use a liveUpdate server", as this will cause your clients to go out to the Symantec LiveUpdate servers every 4 hours or whatever schedule you have set up as well as download from the SEPM.

I really dont know what to say, but the Virus definitions are updating like a charm.

I increased the RAM to 6 GB and also the disk-space - very easy because the server is Virtual - and all is good.  I also noticed that the tasks in the LiveUpdateAdmin that I was complaining about is failing "I think" because it isnt finding updates - and is completed when it finds one...still have to look at that - but it seems to be allright.

So, all I have to say now is thank you for your help  :)

Regards,

Greta

Glad to help, Greta!

If time allows, there are some proposed LUA enhancement requests in the "Ideas" section of the forum.  Feel free to add your weight to any ideas that you would like to see in a future release of the product.  Or, feel free to create your own "idea"!  https://www-secure.symantec.com/connect/search?filters=type%3Aidea%20tid%3A691

Thanks again,

Mick

Of course things could not be perfect like I hoped.

Yes the LUA is working, the definitions are updating but not all the clients seem to get these updates.  73 clients get todays definitions , 86 have a definition that is a week old.

I tried to send a "Update Content" command to some clients, but that does not seem to work.

Yes all these clients have green dots on them in the console.

Is there some way I can manually force new definitions to these almost 50% of my clients?

I tried to delete the definitions in "C::\ProgramData\Symantec\Definitions\VirusDefs\", but it doesnt seem to work.

Any ideas?

Regards,

Greta
 

Hi

Plz try to delete the older live update files which is stored in the sepmanager from the outbox foler,just keet 1 or 2 days updates and can just know how much space you have in the install directory ?

what operating system ur using ?

Are you talking about this folder

C:\Program Files (x86)\Symantec\Symantec Endpoint Protection Manager\data\outbox\agent

??

All of the folders under there have the date 13.01.2011

Windows server 2008R2 Standard on the Server.

Windows 7 Enterpise on all the clients. - some of theme are Servers 2008 also

Of course things could not be perfect like I hoped.

Yes the LUA is working, the definitions are updating but not all the clients seem to get these updates.  73 clients get todays definitions , 86 have a definition that is a week old.

I tried to send a "Update Content" command to some clients, but that does not seem to work.

Yes all these clients have green dots on them in the console.

Is there some way I can manually force new definitions to these almost 50% of my clients?

I tried to delete the definitions in "C::\ProgramData\Symantec\Definitions\VirusDefs\", but it doesnt seem to work.

SEE attachment!

Any ideas?

Regards,

Greta

Ok, I´m always poking a litle bit into this problem of mine.

Like I said here before, 50% of the clients did not get the newest Virus Definition automatically, and that was a fact.

Now on the other hand, I went and fetched the newest update manually from

ftp://ftp.symantec.com/AVDEFS/symantec_antivirus_corp/jdb/ and put it in this folder  

C:\Program Files\Symantec \Symantec Endpoint Protection Manager\data\inbox\content\incoming

and then all of a sudden, all my 160 clients got the newest update.

So, it seems like the automatic update isnt working 100%, only 50%!!!!!
 

I have no idea what to do now...or where I can find out what is in order and what is not.

regards,

Greta