Symantec Antivirus 10.x GPO issues
Symantec AV 9 installed via GPO and that rollout went as sooth as glass. So I was expecting the same thing with SAV 10. Nope! They have again disabled advertised installation and GPO support, (this according to Symantec technical support).
Does anyone have any ideas on how the get SAV 10 to install via GPO? The table changes that we had to do for SAV8.x are not appropriate for this package. The SAV 10 package just hangs while installing (at machine login - with a machine policy). The only way out is to power down and there is no entry of what caused the package to fail in the event viewer.
I will distribute this via GPO even if I have to resort to doing a capture, but I would rather use the vendor MSI due to all of the custom actions they have in that thing. I don't want to end up with vulnerable PCs because one of those custom action functions didn't run.
Any help would be appreciated!
Does anyone have any ideas on how the get SAV 10 to install via GPO? The table changes that we had to do for SAV8.x are not appropriate for this package. The SAV 10 package just hangs while installing (at machine login - with a machine policy). The only way out is to power down and there is no entry of what caused the package to fail in the event viewer.
I will distribute this via GPO even if I have to resort to doing a capture, but I would rather use the vendor MSI due to all of the custom actions they have in that thing. I don't want to end up with vulnerable PCs because one of those custom action functions didn't run.
Any help would be appreciated!
0 Comments
[ + ] Show comments
Answers (5)
Please log in to answer
Posted by:
ronnipedersen
19 years ago
Posted by:
BobTheBuilder
19 years ago
Well that is odd. I did add some custom actions in a transform, (no changes at all in the vendor MSI).
We have five parent servers and the AV Admin said I need to pre-populate the GRC.DAT and set the server property for each site. So I was setting a bunch of properties based on environment variables and pointing to the various servers on the fly. That worked great in SAV 9.
What prompted my question here was the vendor support saying that they removed GPO compatibility in SAV 10. So I thought maybe one of those advertise execute sequence table hacks was required like in SAV 8.x. I will keep beating on it, (I'll try a naked MSI w/no transform and a few ohter things) and report back.
Thanks for the reply, it gives me hope that I won't have to hack into the Symantec MSI (or even worse ... capture!)
We have five parent servers and the AV Admin said I need to pre-populate the GRC.DAT and set the server property for each site. So I was setting a bunch of properties based on environment variables and pointing to the various servers on the fly. That worked great in SAV 9.
What prompted my question here was the vendor support saying that they removed GPO compatibility in SAV 10. So I thought maybe one of those advertise execute sequence table hacks was required like in SAV 8.x. I will keep beating on it, (I'll try a naked MSI w/no transform and a few ohter things) and report back.
Thanks for the reply, it gives me hope that I won't have to hack into the Symantec MSI (or even worse ... capture!)
Posted by:
BobTheBuilder
19 years ago
After testing this a few times I have nailed down the problem. A "Buffer Overrun" error occurs when installing Symantec AV 10.x Client (unmodified vendor media) from a network source. This error even occurs with a manual installation. This always occurs on Win2k but only intermittently occurs on WinXP.
So although I appreciate the input, I doubt that ronnipedersen's experience is the same situation as what I am confronted with. I will have to deploy this as an upgrade to version 8 clients on Windows 2000 and XP.
I am going to try using the following property: LOCALCACHEDRIVE=C to get around the error message occurring when the network connection (shim?) is applied by the SAV 10 installation. More to come...
So although I appreciate the input, I doubt that ronnipedersen's experience is the same situation as what I am confronted with. I will have to deploy this as an upgrade to version 8 clients on Windows 2000 and XP.
I am going to try using the following property: LOCALCACHEDRIVE=C to get around the error message occurring when the network connection (shim?) is applied by the SAV 10 installation. More to come...
Posted by:
BobTheBuilder
19 years ago
The addition of the following property: LOCALCACHEDRIVE=C added to my transform resolved the Windows GPO deployment issue.
The problem was caused by the a Symantec 10 client MSI custom action that was resetting the network connection during the client installation. Windows Installer would throw a C++ error message. and the installation would fail. This was consistent on Windows 2000 but only occasional on Windows XP.
When deploying as a machine policy the machine would simply hang at login and the only way out was a restart after which the application installation would start again and hang at login again, (seriously bad). Again, this was consistent on Windows 2000 but only occasional on Windows XP.
If the same installation was run locally there was no issue. That is what gave me a clue to try the LOCALCACHEDRIVE property. and that was enough. there is little else to change for the Symantec Package. Just add the GRC.DAT and presto! Managed client!
The problem was caused by the a Symantec 10 client MSI custom action that was resetting the network connection during the client installation. Windows Installer would throw a C++ error message. and the installation would fail. This was consistent on Windows 2000 but only occasional on Windows XP.
When deploying as a machine policy the machine would simply hang at login and the only way out was a restart after which the application installation would start again and hang at login again, (seriously bad). Again, this was consistent on Windows 2000 but only occasional on Windows XP.
If the same installation was run locally there was no issue. That is what gave me a clue to try the LOCALCACHEDRIVE property. and that was enough. there is little else to change for the Symantec Package. Just add the GRC.DAT and presto! Managed client!
Posted by:
BobTheBuilder
19 years ago
The addition of the following property: LOCALCACHEDRIVE=C added to my transform resolved a Windows GPO deployment issue with Symantec Antivirus 10.0.0.359.
There is also a major issue with "Quick Scan" leaking memory in the above version.
With the later release of Symantec Antivirus 10.0.1.1000, this Property is no longer required. There are a bunch of bug fixes as well (including the memory leak issue with "Quick Scan").
I would recommend that anyone considering pushing out SAV version 10 use the Symantec Antivirus 10.0.1.1000 or later version only.
There is also a major issue with "Quick Scan" leaking memory in the above version.
With the later release of Symantec Antivirus 10.0.1.1000, this Property is no longer required. There are a bunch of bug fixes as well (including the memory leak issue with "Quick Scan").
I would recommend that anyone considering pushing out SAV version 10 use the Symantec Antivirus 10.0.1.1000 or later version only.
Rating comments in this legacy AppDeploy message board thread won't reorder them,
so that the conversation will remain readable.
so that the conversation will remain readable.