Sharkgrill
asked on
NAV 10.0.1 Admin Install
Hello Experts,
Currently our company has a variety of UNMANAGED AV clients. We use Symantec AV but some clients have 7.6, 9.0 and the latest 10.0.
Until recently, the clients have been unmanaged. I recently setup an AV server which would allow me to manage all the clients.
Now for the question.
Is there a way for me to remove the old version (or new version) of the AV client on our workstations, re-install using the "managed
option making the AV server the parent server without having to do it manually? We have 175 users.
I would like the ability to manage the clients from the Console on the AV server.
Any help would be greatly appreciated.
-M
Currently our company has a variety of UNMANAGED AV clients. We use Symantec AV but some clients have 7.6, 9.0 and the latest 10.0.
Until recently, the clients have been unmanaged. I recently setup an AV server which would allow me to manage all the clients.
Now for the question.
Is there a way for me to remove the old version (or new version) of the AV client on our workstations, re-install using the "managed
option making the AV server the parent server without having to do it manually? We have 175 users.
I would like the ability to manage the clients from the Console on the AV server.
Any help would be greatly appreciated.
-M
You may have some problems with the 7.6 machines I don't think they work to well with SAV 10.0 but it may be worth a try.
Also you will need to make a configuration change in the Symantec System Center before you start.
Open the Symantec System Center
unlock your server group
right click on your primary server all tasks-->symantec antivirus-->client administration only options and make sure you check the box that says allow legacy clients.
you can also browse to the vphome share from the clients and pull the file that way...
click start run
in the run line type: \\server name\vphome
and then copy the grc.dat to the correct location
hope that helps.
Also you will need to make a configuration change in the Symantec System Center before you start.
Open the Symantec System Center
unlock your server group
right click on your primary server all tasks-->symantec antivirus-->client administration only options and make sure you check the box that says allow legacy clients.
you can also browse to the vphome share from the clients and pull the file that way...
click start run
in the run line type: \\server name\vphome
and then copy the grc.dat to the correct location
hope that helps.
ASKER
Thank you guys for the quick replies.
I guess I am looking to automate the process. I knew about copying the GRC.dat, but replacing each dat file on 200 machines will take me weeks. (I am the only person on this project).
I want to uninstall the old client then install the 10.0 and point to the parent server. I was thinking maybe a group policy but it has not come to that yet.\
Thanks
I guess I am looking to automate the process. I knew about copying the GRC.dat, but replacing each dat file on 200 machines will take me weeks. (I am the only person on this project).
I want to uninstall the old client then install the 10.0 and point to the parent server. I was thinking maybe a group policy but it has not come to that yet.\
Thanks
No worries Sharkgrill
You have a couple of choices for the install process
1. you can use the Symantec System Center to push out the installs to all of the clients that will upgrade the ones that need upgraded and the ones that have SAV 10 already will simply reinstall and then be managed by the parent server.
2. you can use a GPO to install clients with a login script. The following document provides a walkthrough if you get stuck anwhere I can help.
http://service1.symantec.com/SUPPORT/ent-security.nsf/4c7874c886a9bb0c88256fc700654267/68fa23ac3b9747e788256ff7004b39d8?OpenDocument&prod=&ver=&pcode=&src=&miniver=&tpre=&prev=&dtype=&seg=
3. you can set up a web based installation using IIS. The following document provides a walkthrough if you get stuck anwhere I can help.
http://service1.symantec.com/SUPPORT/ent-security.nsf/4c7874c886a9bb0c88256fc700654267/8c48c3047818820488256fe000600f7f?OpenDocument&prod=&ver=&pcode=&src=&miniver=&tpre=&prev=&dtype=&seg=
don't worry about uninstalling the current version. the installer when run calls the uninstall string of what ever version is already there from the registry to perform an uninstall of the old version before installing the new version.
the only problem I forsee is with the 7.6 clients I don't think they are part of the upgrade path of SAV 10 its like SAV 8 and newer. I have seen about a 50% success rate with upgrading SAV 7.6 to SAV 10 from the System Center client roll out tool.
Make sure you back up the PKI folder of the primary server. Make sure you have the latest version of SAV and SSC installed its up to like 10.1 not to be confused with 10.0.1. Remember the client install requires a reboot to be comlete.
The following documentation is very lengthy but there is a lot of important info you should really be familiar with about this upgrade...way to much to type in a forum in one post. If you have specific questions I am very familiar with all of the Symantec Corporate Edition poducts as I was a support tech at Symantec for years.
There are 4 parts to this KB.
http://service1.symantec.com/SUPPORT/ent-security.nsf/4c7874c886a9bb0c88256fc700654267/c11d3168892b29da88256fe30062f68b?OpenDocument&prod=&ver=&pcode=&src=&miniver=&tpre=&prev=&dtype=&seg=
You have a couple of choices for the install process
1. you can use the Symantec System Center to push out the installs to all of the clients that will upgrade the ones that need upgraded and the ones that have SAV 10 already will simply reinstall and then be managed by the parent server.
2. you can use a GPO to install clients with a login script. The following document provides a walkthrough if you get stuck anwhere I can help.
http://service1.symantec.com/SUPPORT/ent-security.nsf/4c7874c886a9bb0c88256fc700654267/68fa23ac3b9747e788256ff7004b39d8?OpenDocument&prod=&ver=&pcode=&src=&miniver=&tpre=&prev=&dtype=&seg=
3. you can set up a web based installation using IIS. The following document provides a walkthrough if you get stuck anwhere I can help.
http://service1.symantec.com/SUPPORT/ent-security.nsf/4c7874c886a9bb0c88256fc700654267/8c48c3047818820488256fe000600f7f?OpenDocument&prod=&ver=&pcode=&src=&miniver=&tpre=&prev=&dtype=&seg=
don't worry about uninstalling the current version. the installer when run calls the uninstall string of what ever version is already there from the registry to perform an uninstall of the old version before installing the new version.
the only problem I forsee is with the 7.6 clients I don't think they are part of the upgrade path of SAV 10 its like SAV 8 and newer. I have seen about a 50% success rate with upgrading SAV 7.6 to SAV 10 from the System Center client roll out tool.
Make sure you back up the PKI folder of the primary server. Make sure you have the latest version of SAV and SSC installed its up to like 10.1 not to be confused with 10.0.1. Remember the client install requires a reboot to be comlete.
The following documentation is very lengthy but there is a lot of important info you should really be familiar with about this upgrade...way to much to type in a forum in one post. If you have specific questions I am very familiar with all of the Symantec Corporate Edition poducts as I was a support tech at Symantec for years.
There are 4 parts to this KB.
http://service1.symantec.com/SUPPORT/ent-security.nsf/4c7874c886a9bb0c88256fc700654267/c11d3168892b29da88256fe30062f68b?OpenDocument&prod=&ver=&pcode=&src=&miniver=&tpre=&prev=&dtype=&seg=
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I will try that. Thank you for the information.
I was going to just simply push the install out via the SSC (Tools-Remote client install) but was not sure how that would work since my users already had SAV 9.0.. I will try this
I was going to just simply push the install out via the SSC (Tools-Remote client install) but was not sure how that would work since my users already had SAV 9.0.. I will try this
ASKER
I tried using the SC. Clients are not updating. It says it completes but the clients are not listed under the group.
Am I missing somethign with the System Center? Maybe I am missing a step?
Am I missing somethign with the System Center? Maybe I am missing a step?
make sure and reboot the clients after the install.
if the clients are running xp sp2 the built in firewall could be blocking communication. If so you will need to open up TCP port 2967.
other than that here are the steps to view the clients.
open system center and unlock your server group
click on your primary server and you should see your clients listed on the right hand side.
let me know what happens?
if the clients are running xp sp2 the built in firewall could be blocking communication. If so you will need to open up TCP port 2967.
other than that here are the steps to view the clients.
open system center and unlock your server group
click on your primary server and you should see your clients listed on the right hand side.
let me know what happens?
ASKER
It worked like a champ SYM. There are some clients I will have to do manually due in large part to the 7.6 client out there. This saved me so much time. Thanks
I will be looking for you regarding other symantec products :)
I will be looking for you regarding other symantec products :)
anytime sharkgrill...
when you get to the machines you are going to do manually...do this
on the client click start-->run
type: \\name of primary server\vphome
browse to the win32 folder and run setup.exe
that will perform the upgrade to SAV10 and make the client managed by the parent
just a little bonus for ya there!
when you get to the machines you are going to do manually...do this
on the client click start-->run
type: \\name of primary server\vphome
browse to the win32 folder and run setup.exe
that will perform the upgrade to SAV10 and make the client managed by the parent
just a little bonus for ya there!
Copy the GRC.dat file from the parent server to the client and restart the "Symantec Antivirus" service or reboot the machine.
GRC.dat is located in on a Windows machine:
:\Program Files\SAV or :\Program Files\SAV\Symantec AntiVirus depending on the install
Copy the file to the following location on the client:
:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5
Honestly rebooting or restarting the service on the client simply expedites the process. If you give them enough time they will automatically process the file