Solved

Automatic Updates don't work

Posted on 2004-09-10
16
241 Views
Last Modified: 2010-04-14
Do you need to be logged in as an administrator for windows to do it's automatic update thing, because it would be much better if updates could be carried out independantly of who was logged in.

Second question, Symantec antivirus is supposed to fetch it's updates according to a schedule I use, but it hasn't been doing it and now I've got this lsass.exe virus problem. It is because only a domain user was account was logged onto the server at the scheduled time of the update? This account doesn't have admin rights, so perhaps SAV couldn't update.

Anyway, I have this stupid lsass.exe thing going on now and no it's not sasser and it's not korgo and SAV doesn't detect anything.
0
Comment
Question by:Jason210
  • 8
  • 5
  • 3
16 Comments
 
LVL 1

Expert Comment

by:Moskjis
ID: 12026704
Hi Jason210,

or one of the administrators group.
if you are not from administrators group you can not upgrade virus definitions.
(if you are logged out from computer, sheduled tasks will work)

If I'm not misunderstanding someting :)
Cheers!
0
 
LVL 11

Author Comment

by:Jason210
ID: 12027370
Thanks for the help. But let me get this right.  As I understand it now:

1. Admin sets up a scheduled update for Symantec AV

2. If someone without admin privilages is logged in at the time of the scheduled update, the scheduled update will not work.

3. But, if no-one is logged on at the time of the scheduled update, then the scheduled tasks will work.

0
 
LVL 1

Expert Comment

by:Moskjis
ID: 12027452
Hi Jason210,

I have not worked with Symantec, but it must work. At evening I will try this out and tell you about results.

I'm only learning :)
Cheers!
0
Simplifying Server Workload Migrations

This use case outlines the migration challenges that organizations face and how the Acronis AnyData Engine supports physical-to-physical (P2P), physical-to-virtual (P2V), virtual to physical (V2P), and cross-virtual (V2V) migration scenarios to address these challenges.

 
LVL 1

Assisted Solution

by:Moskjis
Moskjis earned 250 total points
ID: 12028011
Hi Jason210,

yes, when sheduling you define user and password with witch it will work and if that user is from administrators group then all works.

I'm only learning :)
Cheers!
0
 
LVL 11

Author Comment

by:Jason210
ID: 12028857
Many many thanks! I'm learning to....

I want you to have the points...but I still haven't got a working solution.

What you suggest in your last comment didn't work for me. I've defined the Domain Admin as the user, set up the schedule, logged out and then logged on again as a domain user with no admin rights. Then I left the server. No Back-Up! Can you confirm that this indeed is what you did and that it was working on yours? What OS are you using, and where did you point the back-up to?

What I've done now is scheduled a small back up to take place tonight, logged out of the server again, and gone home. Unfortunately we all get chucked out at 17.00 UTC. I won't see be able to see the results until Monday, so if you can help me anymore on this I'd be very grateful.

0
 
LVL 20

Expert Comment

by:Debsyl99
ID: 12038830
Hi

Re: windows update - The only way that automatic updates will install regardless of who's logged in is to set automatic updates to the following option:

Download Updates automatically and install them on the schedule I specify, then set a time every day. This shouldn't matter who's logged in or not with what permissions - This will install them.

Re Symantec AV - What's the version that you're using? Corporate / Standalone /Managed / Unmanaged ?

Let us know if you haven't found a fix as yet,

Deb :))

0
 
LVL 20

Accepted Solution

by:
Debsyl99 earned 250 total points
ID: 12038895
BTW - forgot the following:
The link below will help test what's happening, but not all Symantec Products use task scheduler so the version is useful to know,
Symantec - Testing permissions for scheduled events in Windows NT or Windows 2000
http://service1.symantec.com/SUPPORT/ent-security.nsf/552ba2f7636bedf088256818006f78bf/4b123d589904346588256a220027aadd?OpenDocument&src=bar_sch_nam

Windows Update:
Or you can use WUS or SUS to deploy patches/updates
http://www.microsoft.com/windowsserversystem/sus/wusbeta.mspx

Have you managed to fix the virus yet? Try on online scan with Trend as they're pretty good - in my experience there are a host of Trojans that Symantec just isn't picking up (we use Corporate 8 across the entire network and I use 2004 at home - it missed 9 trojans last week) so it may well be nothing to do with liveupdate, it could just be Symantec being useless,
Trend
http://housecall.trendmicro.com/
Panda
http://www.pandasoftware.com/activescan/com/activescan_principal.htm

Deb :))
0
 
LVL 11

Author Comment

by:Jason210
ID: 12039939
Thanks Deb, esp for the tip about automatic updates.

The Symantec av were using is the corporate edition - sent down to us from head office. I thought it was supposed to be really good :(

I'll try the Trend scan and let you know.
0
 
LVL 11

Author Comment

by:Jason210
ID: 12044966
Nope. Symantec AV did not update itself as scheduled, when no-one was logged onto the server.
0
 
LVL 20

Expert Comment

by:Debsyl99
ID: 12045370
Hi

Any results with the Trend? (some viruses can prevent connection to av vendor's update sites - not sure if this is happening here though) also anything in the event logs on the server? AV usually posts logs in the application event log,

Deb :))

0
 
LVL 11

Author Comment

by:Jason210
ID: 12046537
Hi Deb, I couldn't test trend because Symantec crashed today, so I've been fixing that (amongst countless other things). I have invented a new term: "CPPP". It stands for Critical Problem Pop-up Period. It means when the frequency of problem occurance increases beyond the capacity of the network administrator to fix them! Smetimes it's almost like a chain reaction. Perhaps there's already a term out there for it but this one seems to work pretty well.

Tomorrow I'll have time to do the Trend tests. Hopefully I'll have something then.

Many thanks in the meantime.

/J
0
 
LVL 20

Expert Comment

by:Debsyl99
ID: 12046621
Hi Jason - many thanks for the update - I know JUST how you feel. Catch you later, and good luck,

Deb :))
0
 
LVL 11

Author Comment

by:Jason210
ID: 12056859
I don't want this to go off-topic. The question was about Live Updates. Thanks to Debsyl I got Windows update sorted - that's great. My problem now is with Symantec Live Update. I think I just do NOT understand how this works in the corporate edition. I cannot edit the Symantec scheduler, it is locked, even though I have Domain admin rights.

Please not that comments about the virus continue in this thread:

http://www.experts-exchange.com/Security/Bugs_Alerts/Q_21126720.html
0
 
LVL 20

Expert Comment

by:Debsyl99
ID: 12057252
Hi Jason,

You need to unlock the server group - if is corporate and is deployed as such - ie with server deploying updates to managed clients. Can you access or install the symantec system centre console? - should be on the server. You ordinarily need a password to unlock the server group - this should then allow you to configure update schedules etc. I haven't got access to one to give exact step by steps right now, but can do either tomorrow or Thursday if necessary. Let me know. In the meantime I'll try find you a user manual for it - what's the corporate edition?

Deb :))
0
 
LVL 11

Author Comment

by:Jason210
ID: 12069645
The edition is 8.1.

I have the password and can access a console.

It is also imposible for me to schedule any scans. There is one defalt scan sheduled for 12.00AM sunday, that is locked. I can't add any more, or edit this one even with full admin privilages.

Thanks for the help so far -

Jason

0
 
LVL 11

Author Comment

by:Jason210
ID: 12447964
Time to close this one, I guess. No final answer was obtained - although some fairly useful info and help was given. I 'll have to split this one on a 'B' I'm afraid....

Many thanks all.
0

Featured Post

Ransomware: The New Cyber Threat & How to Stop It

This infographic explains ransomware, type of malware that blocks access to your files or your systems and holds them hostage until a ransom is paid. It also examines the different types of ransomware and explains what you can do to thwart this sinister online threat.  

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Recreate New ADC 1 288
Restore SQL database from 8.0 to 11.00 ? 3 1,338
Windows 2012 R2 DC compatibility Windows 2000 Servers and Windows XP 9 621
Referencing a mapped drive 6 141
NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
Recently, Microsoft released a best-practice guide for securing Active Directory. It's a whopping 300+ pages long. Those of us tasked with securing our company’s databases and systems would, ideally, have time to devote to learning the ins and outs…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…

733 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question