We use User Mode. We have two stories from Symantec support on definition updates:
1. The PC never gets def updates when installed in User Mode until the first person logs in. It will continue to get def updates after that even if no one is logged in and even if the PC is rebooted but no one logs in.
2. If the PC is rebooted and no one logs in, the PC will never get any def updates because it doesn't know where to get updates from.
#1 is acceptable behavior. #2 is not. #2 came from Symantec "emergency outage" support. He said th e SMC service will not start until someone logs in even though it is set to automatic when User Mode is used.
Yes, I know leaving a PC turned on but not logged in is not "green" but we do have PCs running tasks that do not need people logged in every day but that do need USB control when someone logs in per our regulators.
Any light that can be shed on this would be helpful. I would think that if a PC is not logged in, it would use the LiveUpdate Default Location policy to get its updates. We're using MR4 MP1a.
Thanks,
Ray