Symantec endpoint protection definitions not updating on some clients

Posted by / 16-Apr-2016 15:25

Symantec endpoint protection definitions not updating on some clients

For this I created a Power Shell script which will do just that.The script is called and is available for download at the end of this post.Since a non-persistent desktop loses all updates after a reboot the Symantec Endpoint Protection (SEP) clients’ virus definitions also resets to the moment you last updated the definition files in your image.This means that, each day since the last v Disk version, the client will have to re-download all definition files after every reboot.So I decided to create my own redirection solution. So here’s a Step-By-Step instruction on how to accomplish this.Here’s how I did it: folder to a location on my persistent disk, made my registry changes and started the client. Follow these steps in your client OS (in Read/Write mode): Now that we’ve prepared our image for this change we have to make sure that the definition files are present on the persistent disks on all VM’s in the environment.The obvious solution to this unwanted behavior is to move the definition files to a location on the persistent disk attached to the VM.

By default it will limit the execution to 10 concurrend sessions, in other words: only 10 VM’s at a time wil be running the scriptblock.The default setting can be overruled bij using the .I’m currently working in a Citrix Xen Desktop environment with pooled, non-persistent desktops.Citrix PVS is used to stream a read-only v Disk to VM’s on a Xen Server infrastructure.It has full help capabilities so you should be able to run it with ease.

symantec endpoint protection definitions not updating on some clients-51symantec endpoint protection definitions not updating on some clients-76symantec endpoint protection definitions not updating on some clients-84

Of course, if you’re using an alternate VDI solution you’ll have to create your own version. In short the script will retreive a list of VM’s from a catalog on a Citrix Desktop Controller of your choosing. It will use Invoke-Command to run a scriptblock on these machines, that copies the definition files to the persistent disk.

One thought on “symantec endpoint protection definitions not updating on some clients”