I installed a new AV server. It is runinng Symantec AV 10.1 and Symantec System Center
The clients (running Symantec 10.1) did not check into the new server after pushing out a new install of AV.
The problem was with the reg keys and the certificate not being updated.
This script will copy the new certificate to the target computer, update the regkeys
and then it will restart the symantec service. Then in a few seconds the clients will check into
the Symantec System Center on their own!
This script has been updated!
I placed the second script below the first one, just incase anyone wants to use the old script.
To operate the new script, create a txt file with the names of the machines you need to have log into the SSC.
Then just drop the .txt file onto the script… The rest is automatic!
———-COPY EVERYTHING BELOW THIS LINE———-
'This script will install the correct certificate for the AV server.
'It will rewrite the registry keys on the target computer and restart the Symantec service.
'RUN THIS SCRIPT FROM THE AV SERVER
'Created by Cheyenne Harden 1.11.07
On Error Resume Next
const HKLM = &H80000002
Const OverwriteExisting = TRUE
Const DeleteReadOnly = TRUE
strComputer = Inputbox("Enter the name of the computer you would like to update.")
strService2 = "Symantec AntiVirus"
strservice = "'" & strService2 & "'"
intSleep = 25000
ManipFile()
RegKey()
RestartService()
Sub ManipFile()
Set objFSO = CreateObject("Scripting.FileSystemObject")
objFSO.DeleteFile("\\" & strComputer & "\c$\Program Files\Symantec AntiVirus\pki\roots\*.cer"), DeleteReadOnly
Set objFSO = CreateObject("Scripting.FileSystemObject")
objFSO.CopyFile "C:\Program Files\SAV\pki\roots\*.*" , "\\" & strComputer & "\c$\Program Files\Symantec AntiVirus\pki\roots", OverwriteExisting
End Sub
Sub RegKey()
'Write Reg Keys
Set oReg=GetObject("winmgmts:{impersonationLevel=impersonate}!\\" &_
strComputer & "\root\default:StdRegProv")
strKeyPath = "SOFTWARE\Intel\LANDesk\VirusProtect6\CurrentVersion"
oReg.CreateKey HKLM,strKeyPath
strValueName = "AlertDirectory" 'Name of a string you want to create
strValue = \\AV_Server_Name_Here\VPALERT$
oReg.SetStringValue HKLM,strKeyPath,strValueName,strValue
strValueName1 = "Parent" 'Name of a string you want to create
strValue1 = "AV_Server_Name_Here"
oReg.SetStringValue HKLM,strKeyPath,strValueName1,strValue1
strValueName2 = "RemoteHomeDirectory" 'Name of a string you want to create
strValue2 = "\\AV_Server_Name_Here\VPHOME"
oReg.SetStringValue HKLM,strKeyPath,strValueName2,strValue2
End Sub
Function RestartService()
'restart symantec service
Set objWMIService = GetObject("winmgmts:" _
& "{impersonationLevel=impersonate}!\\" _
& strComputer & "\root\cimv2")
Set colListOfServices = objWMIService.ExecQuery _
("Select * from Win32_Service Where Name ="_
& strService & " ")
For Each objService in colListOfServices
objService.StopService()
WSCript.Sleep intSleep 'Gives the service time to shutdown
objService.StartService()
Next
End Function
———-COPY EVERYTHING ABOVE THIS LINE———-
PLEASE MAKE SURE NO WORD WRAPPING IS HAPPENING IN YOUR SCRIPT!!!
To make this script work you will need the items below!
1. Run this script from the AV Server.
2. Make sure the admin account has access to the target computers services and c$ share.
3. Change Reg keys to fit your AV server:
strValue = "\\AV_Server_Name_Here\VPALERT$"
strValue1 = "Print_Server_Name_Here"
strValue2 = "\\AV_Server_Name_Here\VPHOME"
This information is provided "AS IS" with no warranties expressed or implied.
****************************************************************************************************
*****************************Below starts the update to this script*****************************
****************************************************************************************************
———-COPY EVERYTHING BELOW THIS LINE FOR THE NEW SCRIPT———-
'This script will install the correct certificate for the AV server.
'It will rewrite the registry keys on the target computer and restart the Symantec service.
'RUN THIS SCRIPT FROM THE AV SERVER as Administrator
'Created/Updated by Cheyenne Harden 11.28.07
On Error Resume Next
const HKLM = &H80000002
Const ForReading = 1
Const OverwriteExisting = TRUE
Const DeleteReadOnly = TRUE
objFileName = ""
IsAlive = False
FileName = ""
FileName2 = ""
strService2 = "Symantec AntiVirus"
strservice = "'" & strService2 & "'"
intSleep = 30000
Set objFSObj = CreateObject("Scripting.FileSystemObject")
Set objArgs = WScript.Arguments
Set objTextFile = objFSObj.OpenTextFile(objArgs(0), ForReading)
Do Until objTextFile.AtEndOfStream
strComputer = objTextFile.Readline
If strComputer = "" Then
WScript.Quit
Else
Ping()
If IsAlive = True Then
FileExistsServer()
End If
End If
Loop
Function Ping()
Const OpenAsASCII = 0
Const DoesNotExist = 0
Const ForReading = 1
Set objShell = CreateObject("WScript.Shell")
Set objFSO = CreateObject("Scripting.FileSystemObject")
objTempFile = objFSO.GetSpecialFolder(2).ShortPath & "\" & objFSO.GetTempName
objShell.Run "%comspec% /c ping.exe -n 2 -w 500 " & strComputer & ">" & objTempFile, 0 , True
Set fFile = objFSO.OpenTextFile(objTempFile, ForReading, DoesNotExist, OpenAsASCII)
Select Case InStr(fFile.ReadAll, "TTL=")
Case 0
IsAlive = False
'WScript.Echo "False"
Case Else
IsAlive = True
'WScript.Echo "True"
End Select
fFile.Close
objFSO.DeleteFile(objTempFile)
Set objFSO = Nothing
Set objShell = Nothing
End Function
Function FileExistsServer()
Set objWMIService = GetObject("winmgmts:" & "{impersonationLevel=impersonate}!\\AV SERVER NAME HERE\root\cimv2")
Set colFileList = objWMIService.ExecQuery _
("ASSOCIATORS OF {Win32_Directory.Name='D:\Program Files\Symantec AntiVirus\pki\roots'} Where " _
& "ResultClass = CIM_DataFile")
For Each objFile In colFileList
FileName = objFile.Name
FileName = Right(FileName,52)
'WScript.Echo FileName
FileExistsClient()
If FileName = FileName2 Then
'WScript.Echo "Same"
Else
'WScript.Echo "Different"
ManipFile()
RegKey()
RestartService()
WScript.Sleep intSleep
ServiceCheck()
End If
Next
End Function
Function FileExistsClient()
Set objWMIService = GetObject("winmgmts:" & "{impersonationLevel=impersonate}!\\" & strComputer & "\root\cimv2")
Set colFileList = objWMIService.ExecQuery _
("ASSOCIATORS OF {Win32_Directory.Name='C:\Program Files\Symantec AntiVirus\pki\roots'} Where " _
& "ResultClass = CIM_DataFile")
For Each objFile In colFileList
FileName2 = objFile.Name
FileName2 = Right(FileName2,52)
'WScript.Echo FileName2
Next
End Function
Function ManipFile()
Set objFSO = CreateObject("Scripting.FileSystemObject")
objFSO.DeleteFile("\\" & strComputer & "\c$\Program Files\Symantec AntiVirus\pki\roots\*.cer"), DeleteReadOnly
Set objFSO = CreateObject("Scripting.FileSystemObject")
objFSO.CopyFile "\\YOUR AV SERVER NAME HERE\D$\Program Files\Symantec AntiVirus\pki\roots\*.*" , "\\" & strComputer & "\c$\Program Files\Symantec AntiVirus\pki\roots", OverwriteExisting
End Function
Sub RegKey()
'Write Reg Keys
Set oReg=GetObject("winmgmts:{impersonationLevel=impersonate}!\\" &_
strComputer & "\root\default:StdRegProv")
strKeyPath = "SOFTWARE\Intel\LANDesk\VirusProtect6\CurrentVersion"
oReg.CreateKey HKLM,strKeyPath
strValueName = "AlertDirectory" 'Name of a string you want to create
strValue = "\\YOUR AV SERVER NAME HERE\VPALERT$"
oReg.SetStringValue HKLM,strKeyPath,strValueName,strValue
strValueName1 = "Parent" 'Name of a string you want to create
strValue1 = "AV SERVER NAME HERE"
oReg.SetStringValue HKLM,strKeyPath,strValueName1,strValue1
strValueName2 = "RemoteHomeDirectory" 'Name of a string you want to create
strValue2 = "\\YOUR AV SERVER NAME HERE\VPHOME"
oReg.SetStringValue HKLM,strKeyPath,strValueName2,strValue2
End Sub
Function RestartService()
'restart symantec service
Set objWMIService = GetObject("winmgmts:" & "{impersonationLevel=impersonate}!\\" & strComputer & "\root\cimv2")
Set colListOfServices = objWMIService.ExecQuery _
("Select * from Win32_Service Where Name =" & strService & " ")
For Each objService in colListOfServices
objService.StopService()
WScript.Sleep intSleep
objService.StartService()
Next
End Function
Function ServiceCheck()
Set objWMIService = GetObject("winmgmts:" & "{impersonationLevel=impersonate}!\\" & strComputer & "\root\cimv2")
Set colRunningServices = objWMIService.ExecQuery("Select * from Win32_Service Where Name='Symantec AntiVirus'")
For Each objService in colRunningServices
'WScript.Echo objService.DisplayName & VbTab & objService.State
If objService.State = "Stopped" Then
'WScript.Echo "Stopped"
objService.StartService()
Else
'WScript.Echo "Running"
End If
Next
End Function
———-COPY EVERYTHING ABOVE THIS LINE FOR THE NEW SCRIPT———-
PLEASE MAKE SURE NO WORD WRAPPING IS HAPPENING IN YOUR SCRIPT!!!
To make this script work you will need the items below!
1. Run this script from the AV Server.
2. Make sure the admin account has access to the target computers services and c$ share.
3. Change Reg keys to fit your AV server:
strValue = "\\AV_Server_Name_Here\VPALERT$"
strValue1 = "AV_Server_Name_Here"
strValue2 = "\\AV_Server_Name_Here\VPHOME"
4. Change this line to reflect your AV SERVER
Set objWMIService = GetObject("winmgmts:" & "{impersonationLevel=impersonate}!\\YOUR SERVER NAME HERE\root\cimv2")
5. Change this line to reflect the path to the Symantec certificate on your server (e.g., c:\…\)
("ASSOCIATORS OF {Win32_Directory.Name='D:\Program Files\Symantec AntiVirus\pki\roots'} Where " _
6. Change this line to reflect the path to the Symantec certificate on your server
objFSO.CopyFile "\\YOUR SERVER NAME HERE\D$\Program Files\Symantec AntiVirus\pki\roots\*.*" , "\\" & strComputer & "\c$\Program Files\Symantec AntiVirus\pki\roots", OverwriteExisting
This information is provided "AS IS" with no warranties expressed or implied.