Hi,

I have about 40 plusclients with one SEPM, some of them manage to update to the latest virus def. just fine but some are not updating eventhough I can see them in the clients list and even the policy changes are being applied (so that this proves that there is communication) also I triggered a scan and that also is working, I came to this conclusion by looking at the command status. Also in the same command status it is showing 100% completed when I say send new def. but in fact when I check on the server it is not true. What can I do ?

My landscape is as follows

All are Windows Server 2003 servers and clients/users on Windows XP

SPEM on Windows Server 2003

Some windows xp and some windows server 2003 clients are not updating.

How to check what is the problem?

BTW I do update virus def thru .jdb files 

first thing to check is to see if clients are  communicating with the sepm?

do you see green dot on them?

Is your SEPM updated with JDB? you  can check that under server- show liveupdate downloads and make sure that its updated with 32 and also 64 bit AV/AS defs

enable sylink loggin on one affected  client and post the logs

http://www.symantec.com/business/support/index?page=content&id=TECH104758

BTW whats the version  ?

Run the symhelp tool to find the reason of the defintion not be update.

Download the Symantec Help (SymHelp) diagnostic tool to detect Symantec product issues

Here is the logfile

and my version is SEP 11.0.xx

also yes my SEPM server and some other servers and clients are updated to the .jdb file that I put in the SEPM folder.

Attached is the logfile

Attachment(s)

Sylink_14.txt   210 KB 1 version

As of your logs you can try it

10/29 13:13:05 [7432] AH: (InetWaiting) time out. Timeout period: 320000
10/29 13:13:05 [7432] Throw Internet Exception, Error Code=4294967287;Internet Session Timeout
10/29 13:13:05 [7432] <MaintainPushConnection:>COMPLETED
 

SEP client is not able to communicate with SEPM

Hello Jack,

are your clients running IE 9 beta, you need your clients to MP1 to fix the issue

Managed Symantec Endpoint Protection clients no longer receive updates after Internet Explorer 9 install

http://www.symantec.com/business/support/index?page=content&id=TECH141506

Nope, nobody is running IE9. We are on IE6 (which is very old)

This didnot help me much as there is no inactive connection and also SEPM is able to get the policy changes and able to get commands as to scan the computer and such.

How many system having problem ?

does any GUP client available between sep and sepm ?

No there is no GUP in between, this is the same as all other clients

About 10plus clients having this issue.

How much disk space available that system ?

Run the symhelp to check any problem are received.

http://www.symantec.com/docs/TECH170752

have you try manually update client ?

How to manually update definitions for a managed Symantec Endpoint Protection Client using the .jdb file

whats the current defs on these machines? seems like they have very old definitions, when they are trying to download big chunk its getting timed out.

<File Checksum="1C58EF1C2C3C136FDC132995F5DAB125" DeltaFlag="1" FullSize="502246181" LastModifiedTime="1414486322792" Moniker="{1CD85198-26C6-4bac-8C72-5D34B025DE35}" Seq="141027017"/>

I got the symhelp but it is in some proprieatary format. Should I attach it here?

Do you have received any error ?

Try to update first manuaaly and check again it's update automatic or not ?

20141028-016-v5i32.exe

http://www.symantec.com/security_response/definitions/download/detail.jsp?gid=sep

yes, they are from May 2014.

And now trying to update to the latest ones.

Timeout? cause that shouldn't be a problem. As the other servers were having the same old def and they managed to update fine.

can be tricky sometimes, because SEPM can update clients ,delta or full based on what it has. if client requests more than that it wont be able to update, 

how many revisions you have set in SEPM? default is 30 rev, meaning 10 days def ( approx)

run this intelligent updater on one machine

http://www.symantec.com/business/support/index?page=content&id=TECH102391

wait till tomorrow it should be able to get deltas from SEPM.

How to change the number of downloaded content revisions that are retained by the Symantec Endpoint Protection Manager versions 11.0. or 12.1

http://www.symantec.com/business/support/index?page=content&id=TECH104845

tried this it says installation failed and see the log in users tmp folder.. where is the tmp folder in Windows Server 2003, I looked high and low but couldn't find the log file.

Have you try to reinstall sep client ? How much disk space available ?

does manually update failed ?

i32 is for 32 bit client, make sure you have downloaded the appropriate architecture one? Is the OS 32 or 64?

check again

http://www.symantec.com/security_response/definitions.jsp

http://www.symantec.com/security_response/definitions/download/detail.jsp?gid=sep

You should download 32 / 64 based on your OS arch

As of my suggestion you can clean the SEPM server virus defintion.

Symantec Endpoint Protection Manager 11.x is not updating 32 or 64 bit virus definitions.

Hi,

I have about 1GB plus of diskspace.

Yes manual update using intelligent updater fails and ask me to look at the log file which I am unable to find.

Yes it is 32bit. I have checked it .

I suggest you can clear some more disk space.

it's 32 bit or 64 bit OS ?

Clear corrupted definations and check again.

How to clear out corrupted definitions for a Symantec Endpoint Protection client manually

Its 32bit

ok I have deleted them, what would u want me to do now?

You can clear old defination as per below articles and again manually update defination.

How to clear out corrupted definitions for a Symantec Endpoint Protection client manually

How to clear out corrupted definitions for a Symantec Endpoint Protection client manually

I'm hoping that this should fix.  Uninstall / reinstall the liveupdate component

http://www.symantec.com/business/support/index?page=content&id=tech102609

Ok Finally resolved it by reinstalling the client.