I'm trying to get our 130-odd NOD32 clients to update properly from a local update cache, as opposed to all connecting to a server somewhere on the Internet as they all seem to be doing at the moment. Some background: we bought NOD32 a year ago, configured an update server, added the client install to the install script I run on each workstation after I reimage it. We paid for a year's renewal last week and put the details in to the update server, but non of the clients registered the update, instead popping up messages about how workstations are Exposed To Risk. It would seem that the clients are all configured to pick up updates from the Internet still, not our update server.
I can manually configure the client on my PC to connect to the update server, but it seems convinced that the update dated 12/11/2009 is the most up-to-date one (NOD32 actually seems to release updates two or three times a day). Using the NOD32 Control Centre on the server, I can go to the "Update" option and run an update, which seems to update the virus definitions on the server to 18/11/2009. However, the files shown in the mirror folder ("C:\NOD32", shared as "NOD32" from the server, all-readable) have an update date of 12/11/2009.
Is there some way of getting the proper up-to-date update files to appear in the mirror folder? Am I missing some step? Is there some way to get the NOD32 Control Centre to flush it's update cache, or some way to convince it to copy the proper updates to the mirror folder?
OutToLunch (18th November 2009)
Either I'm confused, or the NOD32 client is, or the Universe in general is (at the moment, I'm leaning towards the Universe-in-general option). Has anyone else had much experience with getting NOD32 to actually update itself properly? I'm planning to leave it overnight to see if a spot of rest does it good. Otherwise, is anyone running NOD32 version 4 (we're running version 3 still) - any problems, or would it be a good idea for us to upgrade to v4?
ERA Server and Console seems to do a good job of finding NOD32 clients by itself. However, ERA Server is not the updates mirror server - that's what you need NOD32 installed for. And you also need to enter your license username and password for the "mirror" tab to be enabled, which is a tad confusing. I have no idea what NOD32 uses, or thinks it uses, HTTP for - the mirror "server" is actually a UNC path to a file share. When entering configuration details for clients, when asked for "server" details it actually means the UNC path to the updates mirror share - e.g. "\\acsapps001\NOD32", not simply "acsapps001" as you might think.
If you want to do a remote install on the NOD32 client you have to make sure there's a port exception for Windows File & Print Sharing in Windows Firewall on each client workstation. Youy need that same exception on the server, and the server also seems to need exceptions for ports 2222, 2223 and 2224 for both TCP and UDP.
You can edit a NOD32 config with the supplied config editor and export that config as an XML file - make sure you export the entire XML file, not just a part of it. You seem to have to do Edit -> Mark All before you choose File -> Export Selection (my config editor would only let me do Save, not Save As). The username and password asked for in the config for the update server actually refer to a username on your local domain - set up a "NOD32" user that has access to the update mirror share. Remember that "server" refers to the UNC path of the update mirror share, not simply the server name.
Once you have an XML file, check it's correct - re-open it with the config editor and check the data you expect is there. The config file needs to be specified when you install the MSI file - I have:
--Code:msiexec /i P:\NOD32\4.0.474\eavbe_nt32_enu.msi /qb! REBOOT="ReallySuppress" ADMINCFG="P:\NOD32\NOD32.xml"
Last edited by dhicks; 11th December 2009 at 01:26 PM.
leco (11th December 2009)
Wish I'd had that in summer when I was installing V4 (then had to revert to V3 but anyway) I seem to recall there's an uninstall previous versions option somewhere. I know that I uninstalled V3 first, and I didn't have to do it manually, so perhaps I packaged it. I did mine in OU groups, checking a sample of each as they completed.
I've just updated all of our clients from v2 to v3/v4 and it went well. I just rolled out V3 with Group Policy it uninstalled V2 and then installed V3 without any problems.
As for the config I've found it easier to install the client locally and configure all settings then just export the settings as an .xml file if you name this file cfg.xml and place it in the same folder as the installer it will be picked up automatically even when being deployed via GP.
The console and server are all that is required you don't actually need NOD32 installed on the server to create the mirror like in V2.
I couldn't get the HTTP server working either so I went with a network share again and it works fine.
Also when I tried rolling out V4 over V3 it upgraded just the same as with V2 so you shouldn't need to uninstall V3 from all stations. Give it a try in testing.
Last edited by cookie_monster; 11th December 2009 at 03:01 PM.
Not at school at the mo so I can't check, but I was moving from V3 to V4. I'll try and remember to have a look on Monday. Not that it would help you as you've already completed but might add to the knowledge bank.
Good point, thanks.As for the config I've found it easier to install the client locally and configure all settings then just export the settings as an .xml file
Drat - I think I might have called the previous version NOD32.xml, that would be why the original install didn't pick the config up properly...if you name this file cfg.xml and place it in the same folder as the installer it will be picked up automatically even when being deployed via GP.
The only place I can find anything related to the mirror server is in the NOD32 GUI, in the advanced setup tree view, under the "mirror" tab of the advanced update options. I searched around for ages trying to figure it out, thinking that the ERA server / client should do it, but I couldn't find an option anywhere.The console and server are all that is required you don't actually need NOD32 installed on the server to create the mirror like in V2.
I'll take a look on monday but i'm sure if you deploy V4 over V3 on a station it automatically removes old versions. There might be an issue if it's password protected but I gave my new version the same password and it worked.
I think you can change the name of the .xml file but I leave it as cfg.xml as it picks it up automatically.
The update mirror is controled by the console. You set it up under Tools -> Server Options -> Updates tab.
Last edited by cookie_monster; 11th December 2009 at 05:40 PM.
One tip : if you have 120 clients retrieving an update and you are runing latest RA and v4 client i highly recommend not using the internal NOD32 HTTP update service. Its quite buggy. Just configure IIS on the box and you'll have no issues anymore with updating.
ESET Knowledgebase - How can I set up Microsoft IIS as an ESET update Mirror server?
Deployed V4 using GP over a V3 manual install and it worked fine, the first time I logged in it recommended a restart as NOD32 had been updated to a new version.
There are currently 1 users browsing this thread. (0 members and 1 guests)