I installed a new AV server. It is runinng Symantec AV 10.1 and Symantec System Center
The clients (running Symantec 10.1) did not check into the new server after pushing out a new install of AV.
The problem was with the reg keys and the certificate not being updated.
This script will copy the new certificate to the target computer, update the regkeys
and then it will restart the symantec service. Then in a few seconds the clients will check into
the Symantec System Center on their own!

This script has been updated!

I placed the second script below the first one, just incase anyone wants to use the old script.
To operate the new script, create a txt file with the names of the machines you need to have log into the SSC.

Then just drop the .txt file onto the script... The rest is automatic!

----------COPY EVERYTHING BELOW THIS LINE----------

'This script will install the correct certificate for the AV server.
'It will rewrite the registry keys on the target computer and restart the Symantec service.
'RUN THIS SCRIPT FROM THE AV SERVER
'Created by Cheyenne Harden 1.11.07

On Error Resume Next

const HKLM = &H80000002
Const OverwriteExisting = TRUE
Const DeleteReadOnly = TRUE
strComputer = Inputbox("Enter the name of the computer you would like to update.")
strService2 = "Symantec AntiVirus" 
strservice = "'" & strService2 & "'"
intSleep = 25000

ManipFile()
RegKey()
RestartService()

Sub ManipFile()
Set objFSO = CreateObject("Scripting.FileSystemObject")
objFSO.DeleteFile("\\" & strComputer & "\c$\Program Files\Symantec AntiVirus\pki\roots\*.cer"), DeleteReadOnly

Set objFSO = CreateObject("Scripting.FileSystemObject")
objFSO.CopyFile "C:\Program Files\SAV\pki\roots\*.*" , "\\" & strComputer & "\c$\Program Files\Symantec AntiVirus\pki\roots", OverwriteExisting
End Sub

Sub RegKey()
'Write Reg Keys
Set oReg=GetObject("winmgmts:{impersonationLevel=impersonate}!\\" &_
strComputer & "\root\default:StdRegProv")

strKeyPath = "SOFTWARE\Intel\LANDesk\VirusProtect6\CurrentVersion"
oReg.CreateKey HKLM,strKeyPath

strValueName = "AlertDirectory" 'Name of a string you want to create
strValue = \\AV_Server_Name_Here\VPALERT$
oReg.SetStringValue HKLM,strKeyPath,strValueName,strValue

strValueName1 = "Parent" 'Name of a string you want to create
strValue1 = "AV_Server_Name_Here"
oReg.SetStringValue HKLM,strKeyPath,strValueName1,strValue1

strValueName2 = "RemoteHomeDirectory" 'Name of a string you want to create
strValue2 = "\\AV_Server_Name_Here\VPHOME"
oReg.SetStringValue HKLM,strKeyPath,strValueName2,strValue2
End Sub

Function RestartService()
'restart symantec service
Set objWMIService = GetObject("winmgmts:" _
& "{impersonationLevel=impersonate}!\\" _
& strComputer & "\root\cimv2")
Set colListOfServices = objWMIService.ExecQuery _
("Select * from Win32_Service Where Name ="_
& strService & " ")
For Each objService in colListOfServices
objService.StopService()
WSCript.Sleep intSleep   'Gives the service time to shutdown
objService.StartService()
Next
End Function

----------COPY EVERYTHING ABOVE THIS LINE----------

PLEASE MAKE SURE NO WORD WRAPPING IS HAPPENING IN YOUR SCRIPT!!!

To make this script work you will need the items below!

1. Run this script from the AV Server.
2. Make sure the admin account has access to the target computers services and c$ share.
3. Change Reg keys to fit your AV server:
strValue = "\\AV_Server_Name_Here\VPALERT$"
strValue1 = "Print_Server_Name_Here"
strValue2 = "\\AV_Server_Name_Here\VPHOME"

This information is provided "AS IS" with no warranties expressed or implied.

**************************************************************************************************** 
*****************************Below starts the update to this script***************************** 
****************************************************************************************************

----------COPY EVERYTHING BELOW THIS LINE FOR THE NEW SCRIPT----------

 'This script will install the correct certificate for the AV server.
'It will rewrite the registry keys on the target computer and restart the Symantec service.
'RUN THIS SCRIPT FROM THE AV SERVER as Administrator
'Created/Updated by Cheyenne Harden 11.28.07

On Error Resume Next

const HKLM = &H80000002
Const ForReading = 1
Const OverwriteExisting = TRUE
Const DeleteReadOnly = TRUE

objFileName = ""
IsAlive = False
FileName = ""
FileName2 = ""
strService2 = "Symantec AntiVirus" 
strservice = "'" & strService2 & "'"
intSleep = 30000

Set objFSObj = CreateObject("Scripting.FileSystemObject")
Set objArgs = WScript.Arguments
Set objTextFile = objFSObj.OpenTextFile(objArgs(0), ForReading)

Do Until objTextFile.AtEndOfStream
 strComputer = objTextFile.Readline
       
 If strComputer = "" Then
  WScript.Quit 
 Else
  Ping()
   If IsAlive = True Then
    FileExistsServer()
   End If

 End If

Loop

Function Ping()
 Const OpenAsASCII = 0
    Const DoesNotExist = 0
    Const ForReading =  1
   
    Set objShell = CreateObject("WScript.Shell")
    Set objFSO = CreateObject("Scripting.FileSystemObject")
  objTempFile = objFSO.GetSpecialFolder(2).ShortPath & "\" & objFSO.GetTempName
  objShell.Run "%comspec% /c ping.exe -n 2 -w 500 " & strComputer & ">" & objTempFile, 0 , True
    Set fFile = objFSO.OpenTextFile(objTempFile, ForReading, DoesNotExist, OpenAsASCII)
   
 Select Case InStr(fFile.ReadAll, "TTL=")
        Case 0
   IsAlive = False
   'WScript.Echo "False"
        Case Else
   IsAlive = True
   'WScript.Echo "True"
    End Select
    fFile.Close
    objFSO.DeleteFile(objTempFile)
    Set objFSO = Nothing
    Set objShell = Nothing
End Function

Function FileExistsServer()
 Set objWMIService = GetObject("winmgmts:" & "{impersonationLevel=impersonate}!\\AV SERVER NAME HERE\root\cimv2")
 Set colFileList = objWMIService.ExecQuery _
  ("ASSOCIATORS OF {Win32_Directory.Name='D:\Program Files\Symantec AntiVirus\pki\roots'} Where " _
   & "ResultClass = CIM_DataFile")

 For Each objFile In colFileList
  FileName = objFile.Name
   FileName = Right(FileName,52)
   'WScript.Echo FileName
  FileExistsClient()
  If FileName = FileName2 Then
   'WScript.Echo "Same"
  Else
   'WScript.Echo "Different"
   ManipFile()
   RegKey()
   RestartService()
   WScript.Sleep intSleep
   ServiceCheck()
  End If
 Next

End Function

Function FileExistsClient()
 Set objWMIService = GetObject("winmgmts:" & "{impersonationLevel=impersonate}!\\" & strComputer & "\root\cimv2")
 Set colFileList = objWMIService.ExecQuery _
  ("ASSOCIATORS OF {Win32_Directory.Name='C:\Program Files\Symantec AntiVirus\pki\roots'} Where " _
   & "ResultClass = CIM_DataFile")

 For Each objFile In colFileList
  FileName2 = objFile.Name
   FileName2 = Right(FileName2,52)
   'WScript.Echo FileName2 
 Next
End Function

Function ManipFile()
 Set objFSO = CreateObject("Scripting.FileSystemObject")
  objFSO.DeleteFile("\\" & strComputer & "\c$\Program Files\Symantec AntiVirus\pki\roots\*.cer"), DeleteReadOnly

 Set objFSO = CreateObject("Scripting.FileSystemObject")
  objFSO.CopyFile "\\YOUR AV SERVER NAME HERE\D$\Program Files\Symantec AntiVirus\pki\roots\*.*" , "\\" & strComputer & "\c$\Program Files\Symantec AntiVirus\pki\roots", OverwriteExisting
End Function

Sub RegKey()
'Write Reg Keys
Set oReg=GetObject("winmgmts:{impersonationLevel=impersonate}!\\" &_
strComputer & "\root\default:StdRegProv")

strKeyPath = "SOFTWARE\Intel\LANDesk\VirusProtect6\CurrentVersion"
oReg.CreateKey HKLM,strKeyPath

strValueName = "AlertDirectory" 'Name of a string you want to create
strValue = "\\YOUR AV SERVER NAME HERE\VPALERT$"
oReg.SetStringValue HKLM,strKeyPath,strValueName,strValue

strValueName1 = "Parent" 'Name of a string you want to create
strValue1 = "AV SERVER NAME HERE"
oReg.SetStringValue HKLM,strKeyPath,strValueName1,strValue1

strValueName2 = "RemoteHomeDirectory" 'Name of a string you want to create
strValue2 = "\\YOUR AV SERVER NAME HERE\VPHOME"
oReg.SetStringValue HKLM,strKeyPath,strValueName2,strValue2
End Sub

Function RestartService()
 'restart symantec service
 Set objWMIService = GetObject("winmgmts:" & "{impersonationLevel=impersonate}!\\" & strComputer & "\root\cimv2")
 Set colListOfServices = objWMIService.ExecQuery _
  ("Select * from Win32_Service Where Name =" & strService & " ")
 For Each objService in colListOfServices
  objService.StopService()
  WScript.Sleep intSleep
  objService.StartService()
 Next
End Function

Function ServiceCheck()
 Set objWMIService = GetObject("winmgmts:" & "{impersonationLevel=impersonate}!\\" & strComputer & "\root\cimv2")
 Set colRunningServices = objWMIService.ExecQuery("Select * from Win32_Service Where Name='Symantec AntiVirus'")

 For Each objService in colRunningServices
  'WScript.Echo objService.DisplayName  & VbTab & objService.State
  If objService.State = "Stopped" Then
   'WScript.Echo "Stopped"
   objService.StartService()
  Else
   'WScript.Echo "Running"
  End If
Next 
End Function

----------COPY EVERYTHING ABOVE THIS LINE FOR THE NEW SCRIPT----------

PLEASE MAKE SURE NO WORD WRAPPING IS HAPPENING IN YOUR SCRIPT!!!

To make this script work you will need the items below!

1. Run this script from the AV Server.
2. Make sure the admin account has access to the target computers services and c$ share.
3. Change Reg keys to fit your AV server:
strValue = "\\AV_Server_Name_Here\VPALERT$"
strValue1 = "AV_Server_Name_Here"
strValue2 = "\\AV_Server_Name_Here\VPHOME"
4. Change this line to reflect your AV SERVER

Set objWMIService = GetObject("winmgmts:" & "{impersonationLevel=impersonate}!\\YOUR SERVER NAME HERE\root\cimv2")
5. Change this line to reflect the path to the Symantec certificate on your server (e.g., c:\...\)

("ASSOCIATORS OF {Win32_Directory.Name='D:\Program Files\Symantec AntiVirus\pki\roots'} Where " _

6. Change this line to reflect the path to the Symantec certificate on your server

objFSO.CopyFile "\\YOUR SERVER NAME HERE\D$\Program Files\Symantec AntiVirus\pki\roots\*.*" , "\\" & strComputer & "\c$\Program Files\Symantec AntiVirus\pki\roots", OverwriteExisting

This information is provided "AS IS" with no warranties expressed or implied.

Comments

Add New Search

Chris - Mr   | 196.44.69.xxx | 13-02-2007 06:01:20 what file extension must be used for this script? Bat, exe ??? Reply | Quote 0   0

handcrafted jewellry - handcrafted jewellry     | 222.131.25.xxx | 20-11-2008 05:36:28 wholesale jewelry handmade jewelry handcrafted jewelry jewelry wholesale wholesale handmade jewelry pearl jewelry wholesale pearl jewelry wholesale turquoise jewelry wholesale coral jewelry wholesale shell jewelry wholesale gemstone jewelry wholesale crystal jewelry fashion jewelry wholesale jewellry [url=h... Reply | Quote 0   0

ceharden - File Extension   | Author | 23-05-2007 09:01:45 Almost all of my scripts are vbscripts (5.6). .vbs is the file extension used to run a vbscript. Also, I write all of my scripts to run under wscript and not cscript. I like the interactive windows that wscript displays. ~Chey Harden Reply | Quote 0   0

fashion jewelry - fashion jewelry     | 222.131.25.xxx | 20-11-2008 05:39:56 wholesale jewelry jewelry store fashion jewelry crystal jewelry jewelry wholesale pearl jewelry wholesale crystal wholesale pearl wholesale turquoise wholesale semi-precious jewelry wholesale coral wholesale shell wholesale swarovski crystal Reply | Quote 0   0

Geoff - Dude! You rock!   | 63.85.35.xxx | 23-01-2008 10:10:02 That was exactly what I needed. Nothing else seemed to be working. Reply | Quote 0   0

madbassist1 - uh what if you have multiple c   | 159.124.100.xxx | 08-02-2008 15:46:22 like 7,000? Reply | Quote 0   0

ceharden - 7000 computers!   | Publisher | 29-02-2008 13:21:52 Well, you could run this as a logon script, but would require some editing. First it would have to write a reg key to confirm that they system had or had not been updated by the script. Also, it would have to reference strComputer=".", which is like saying to the script localhost. But it can be done. Reply | Quote 0   0

Write comment
Name:
Email:	do not notifynotify
Website:
Title:
UBBCode:	-color-aquablackbluefuchsiagraygreenlimemaroonnavyolivepurpleredsilvertealwhiteyellow -size-tinysmallmediumlargehuge
	Please input the anti-spam code that you can read in the image.

Powered by !JoomlaComment 3.12

Copyright (C) 2007 Alain Georgette / Copyright (C) 2006 Frantisek Hliva. All rights reserved.