Cool Solutions

OPEN CALL: SAV Remote Install

coolguys

By:

September 5, 2006 12:00 am

Reads:5,225

Comments:0

Score:Unrated

Cameron T. wrote: Re: the article about Pushing out Symantec AntiVirus Corporate Edition 10.0, I like the idea of deploying via SAV 10′s client remote install, however, when I select the desired workstations the process won’t continue because it demands the administrator login and password of the local domain the workstation belongs to, but our environment does not have domains. I tried typing the local administrator account and password but this was unrecognised. Any ideas?

OPEN CALL: Anyone have any suggestions for Cameron? Let us know.

Suggestions

Christopher Farkas

Did you try the format of Computername\Username?

I still run in an NT domain structure and don’t have all my servers in
the Domain and that normally works for me. Also, try creating the same
user name and PW on all your PCs, that way, when the application checks
for username/pw, it will fool it into thinking that it’s a domain good on
all servers.

Chris Williams

I’ve had exactly the same problem with SAV versions 9 & 10. In my case about 90% of the machines would work using local administrator, but the other 10% wouldn’t. It sometimes helped to ensure that the target machine was powered on and a user was logged in when I attempted the remote install.

Another thing that helped was to import a list of IP addresses into the SAV install utility instead of using the built-in network browser.

After these work-arounds, I usually got about 98% installed remotely, the rest I had to do manually (or via remote control).

Mario Haven

I have pushed out more than 1000 SAV Clients to our Windows machines over ZENworks, using the .MSI and a customized .MST File and it’s working great.

If you want to install the clients remotely, using the Symantec console, you don’t need a domain for client access. Simply create a TXT file that holds the IP addresses of your workstations. Inside the Symantec Remote Install Windows mark your primary server, then use the Import button and select your TXT File. As a login, use Workgroup/administrator (sometimes the Administrator only is not working, however Symantec knows the bug ) and your password. This should work.

Eric Ho

Try the Symantec System Center Console. It is so easy to remotely
install the client to remote workstations. From its Client Remote Install
tool, you pick the workstation which you would like to deploy the client
to, and key in local administrator password once. Then the job is done.

The only problem I have encountered is that I have to record those
workstations which were offline while I was deploying the client. Then when
they are back online I deploy the client over again.

Another easy way is using the ZENworks Application object. Configure it as
follows:

  1. Create MSI object
  2. Select Force run, Once.
  3. Select No user interaction.
  4. Make it available for offline users
  5. Run as system user.
  6. Use the availability to check the SAV client Version in registry.

That’s it. Hope it helps. Good luck.

Sami Kapanen

SAV Remote Install does work with the Windows local Administrator account & password, we don’t have domains either. But it requires other things too:

  • Microsoft File and Print Sharing must be installed on the workstations
  • Workstations must have the default C$ and ADMIN$ shares
  • XP firewall may affect it too
  • If you can access the shares, you can RemoteInstall SAV, so try:
    net use * \\workstation\c$

    See Symantec Support for more information.

    Garrett M. Pichler

    The reason for getting the administrator login and password box is that Windows Firewall is enabled. The simple solution is to disable Windows Firewall and then try to push it from the SAV remote install console. You can also try to open the ports for SAV in Windows Firewall. Check this out.

    (Side Note: I have not had much luck with opening the ports and getting them to install correctly.)

    After you have done the push, re-enable Windows Firewall on the workstations.

    Matthew Barclay

    My company is pushing out SAV via the Symantec Remote Client Install
    feature. While setting it up, we ran into the same issue that you are
    talking about, asking for the un/pw/domain when you select a
    workstation. It is a port issue.

    You need to open 2967 TCP and 139 TCP
    on your routers. The ports need to be opened from the subnet where SSC is
    running, to any subnets containing clients that you want to perform
    remote install on. You will also need to open the ports on the Windows
    Firewall on the client computers. We did this via a Novell login
    script.

    We never got the Remote install feature to work with PCs that were not
    on the domain, but it works great for clients that are on a domain.

    Robert Parlett

    Symantec’s Remote Client Install tool is nice if you have an AD Domain, but since you don’t have one I’m pretty sure you’re Sorta Outta Luck. Since you’ve read the Pushing out Symantec AntiVirus Corporate Edition 10.0 article, why don’t you try one of those suggestions instead?

    You could also try to do it the Symantec way with the container login script and the SymantecAntivirusUser group. As per the SAV installation manual:

    Configuring automatic client installations from
    NetWare servers

    If you have a Novell NetWare server, but no Windows workstations on which to
    run the Symantec System Center, you can configure Symantec AntiVirus to install
    automatically on your Windows clients.

    To configure automatic client installations from NetWare servers

    1. Add users to the SymantecAntiVirusUser group using Nwadmin32 or
      ConsoleOne.
    2. On the server console, load Vpregedt.nlm.
    3. Click (O)pen.
    4. Click VirusProtect6.
    5. Press Enter.
    6. Click (O)pen again, click LoginOptions, and then press Enter.
    7. In the left pane of the window, click (E)dit to edit values.
    8. Click DoInstallOnWin95, and then select one of the following:
      • OPTIONAL: Prompts the user whether to start the installation.
      • FORCE: Silently starts the installation.
      • NONE: Do not install.

      These entries are case-sensitive.

    9. If you previously installed clients and need to force a new update, increment
      the WinNTClientVersion to a higher number.
    10. Unload the Symantec AntiVirus NLM from the NetWare server.
    11. Type the following command to reload the NLM:
      Load Sys:\Sav\Vpstart
    12. Test the client installation by logging on as a member of the
      SymantecAntiVirusUser group from a Novell NetWare client.

    Also, you’ll need to make sure that the container login script is added to whatever container your users are in. This is the container script I pulled from the SAV 10.0 install CD’s install.ini. This needs to be cleaned up a bit i.e. replace the $FILE_SERVER$ strings with your SAV server’s name and replace the “.CN=SymantecAntiVirusUser.$OU$ string with the right context:

    IF MEMBER OF ".CN=SymantecAntiVirusUser.$OU$" THEN
      MAP INS S1:=$FILE_SERVER$\SYS:\LOGIN\NAV
      IF "%OS" = "WIN95" OR "%OS" = "WIN98" THEN
         #VP_Log32 /p=\\$FILE_SERVER$\SYS\LOGIN\NAV
      ELSE
      #OSVER
      IF "%ERROR_LEVEL" = "1" THEN
    ; Not Client 32 -- do normal DOS things
    ;    #PUSHPOP +T \\$FILE_SERVER$\SYS\LOGIN\NAV\VPTEMP
    ;    MAP T:=$FILE_SERVER$\SYS:
    ;    #LOGINVER
    ;    #VP_Log16 /p=T:LOGIN\NAV /l=$LANG_ID$ /n="%ERROR_LEVEL"
    ;    IF "%ERROR_LEVEL" = "1" THEN
    ;        #TSRINIT /Q T:\LOGIN\SAV\VPSCAN16.BAT T:\LOGIN\NAV
    ;        #TSRINIT /Q \\$FILE_SERVER$\SYS\LOGIN\NAV\PUSHPOP -T: \\$FILE_SERVER$\SYS\LOGIN\NAV\VPTEMP
    ;    ELSE
    ;        #PUSHPOP -T: \\$FILE_SERVER$\SYS\LOGIN\NAV\VPTEMP
    ;    END
      ELSE
    ; In case it is Client 32 on Windows 3.1
        IF "%ERROR_LEVEL"="3" OR  "%ERROR_LEVEL"="2" OR "%ERROR_LEVEL"="17" THEN
          #\\$FILE_SERVER$\SYS\LOGIN\NAV\OSVER
          IF "%ERROR_LEVEL" = "1" THEN
    ; It is Client 32 on Windows 3.1
    ;        #PUSHPOP +T \\$FILE_SERVER$\SYS\LOGIN\NAV\VPTEMP
    ;        MAP T:=$FILE_SERVER$\SYS:
    ;        #VP_Log16 /p=T:LOGIN\NAV /l=enu /n="4"
    ;        #VPSCAN16.BAT T:\LOGIN\NAV
    ;        #TSRINIT /Q \\$FILE_SERVER$\SYS\LOGIN\NAV\PUSHPOP -T: \\$FILE_SERVER$\SYS\LOGIN\NAV\VPTEMP
          ELSE
           #VP_Log32 /p=\\$FILE_SERVER$\SYS\LOGIN\NAV
        END
        END
      END
      END
      MAP DEL S1:
    END

    I’ve done it this way with SAV 7.x and 8.x, however it’s been a while so I can’t guarantee anything.

    Bengt Bäckström

    Create a simple application object and point it to the setup.exe with the settings “Setup.exe /S /v/qn” and the installation will go smoothly. Make sure to run it as unsecure system user and you should be home free.

    0 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 5 (0 votes, average: 0.00 out of 5)
    You need to be a registered member to rate this post.
    Loading ... Loading ...

    Categories: Uncategorized

    Disclaimer: This content is not supported by Novell. It was contributed by a community member and is published "as is." It seems to have worked for at least one person, and might work for you. But please be sure to test it thoroughly before using it in a production environment.

    Comment

    RSS