+ Post New Thread
Page 1 of 2 12 LastLast
Results 1 to 15 of 30
Windows Thread, Getting NOD32 Clients To Update in Technical; Hello All, I'm trying to get our 130-odd NOD32 clients to update properly from a local update cache, as opposed ...
  1. #1

    dhicks's Avatar
    Join Date
    Aug 2005
    Location
    Knightsbridge
    Posts
    5,727
    Thank Post
    1,287
    Thanked 797 Times in 693 Posts
    Rep Power
    239

    Getting NOD32 Clients To Update

    Hello All,

    I'm trying to get our 130-odd NOD32 clients to update properly from a local update cache, as opposed to all connecting to a server somewhere on the Internet as they all seem to be doing at the moment. Some background: we bought NOD32 a year ago, configured an update server, added the client install to the install script I run on each workstation after I reimage it. We paid for a year's renewal last week and put the details in to the update server, but non of the clients registered the update, instead popping up messages about how workstations are Exposed To Risk. It would seem that the clients are all configured to pick up updates from the Internet still, not our update server.

    I can manually configure the client on my PC to connect to the update server, but it seems convinced that the update dated 12/11/2009 is the most up-to-date one (NOD32 actually seems to release updates two or three times a day). Using the NOD32 Control Centre on the server, I can go to the "Update" option and run an update, which seems to update the virus definitions on the server to 18/11/2009. However, the files shown in the mirror folder ("C:\NOD32", shared as "NOD32" from the server, all-readable) have an update date of 12/11/2009.

    Is there some way of getting the proper up-to-date update files to appear in the mirror folder? Am I missing some step? Is there some way to get the NOD32 Control Centre to flush it's update cache, or some way to convince it to copy the proper updates to the mirror folder?

    --
    David Hicks

  2. #2

    dhicks's Avatar
    Join Date
    Aug 2005
    Location
    Knightsbridge
    Posts
    5,727
    Thank Post
    1,287
    Thanked 797 Times in 693 Posts
    Rep Power
    239
    Quote Originally Posted by dhicks View Post
    Is there some way to get the NOD32 Control Centre to flush it's update cache, or some way to convince it to copy the proper updates to the mirror folder?
    Ah ha - turns out if you simply clear out "C:\Program Files\ESET\updfiles" and re-run update, both that folder and the mirror folder are updated properly. Hope this updates properly from now on, otherwise I'll have to get something to flush that folder out every night.

    --
    David Hicks

  3. Thanks to dhicks from:

    OutToLunch (18th November 2009)

  4. #3

    dhicks's Avatar
    Join Date
    Aug 2005
    Location
    Knightsbridge
    Posts
    5,727
    Thank Post
    1,287
    Thanked 797 Times in 693 Posts
    Rep Power
    239
    Quote Originally Posted by dhicks View Post
    Ah ha - turns out if you simply clear out "C:\Program Files\ESET\updfiles" and re-run update, both that folder and the mirror folder are updated properly.
    ...but the client still doesn't update properly. I've manually updated my workstation and checked the update server settings are correct, then exported the settings to an XML file which gets given to the MSI installer at install time. I've then removed NOD32 from an IT room workstation and re-installed the NOD32 client with our standard install script (which runs as administrator). Everything seems to install fine, and when I log on I see that the client knows it is to check \\acsapps001\NOD32, not some random location on the Internet. I can look at \\acsapps001\NOD32 and see a bunch of files, all with update dates of today's date. However, the NOD32 client on the workstation reports that it has a virus database version from October 2008. If I run a manual update the client seems to go and check the update server, then come back with a message reporting that everything is fine and nothing needs updating. However, a status message on the client still reads "update hasn't been run yet".

    Either I'm confused, or the NOD32 client is, or the Universe in general is (at the moment, I'm leaning towards the Universe-in-general option). Has anyone else had much experience with getting NOD32 to actually update itself properly? I'm planning to leave it overnight to see if a spot of rest does it good. Otherwise, is anyone running NOD32 version 4 (we're running version 3 still) - any problems, or would it be a good idea for us to upgrade to v4?

    --
    David Hicks

  5. #4

    dhicks's Avatar
    Join Date
    Aug 2005
    Location
    Knightsbridge
    Posts
    5,727
    Thank Post
    1,287
    Thanked 797 Times in 693 Posts
    Rep Power
    239
    Quote Originally Posted by dhicks View Post
    Otherwise, is anyone running NOD32 version 4 (we're running version 3 still) - any problems, or would it be a good idea for us to upgrade to v4?
    Okay, so we're going for an upgrade to version 4. This is a nuisience as it means I'll have to manually uninstall NOD32 version 3 from each workstation, so this is going to take a little while. Just for future reference, if anyone comes accross this thread via a search or something: you need a server with ERA Server, ERA Console and NOD32 installed, quite possibly in that order. Uninstall old versions first, when I tried to install over an existing version I got a file-in-use error.

    ERA Server and Console seems to do a good job of finding NOD32 clients by itself. However, ERA Server is not the updates mirror server - that's what you need NOD32 installed for. And you also need to enter your license username and password for the "mirror" tab to be enabled, which is a tad confusing. I have no idea what NOD32 uses, or thinks it uses, HTTP for - the mirror "server" is actually a UNC path to a file share. When entering configuration details for clients, when asked for "server" details it actually means the UNC path to the updates mirror share - e.g. "\\acsapps001\NOD32", not simply "acsapps001" as you might think.

    If you want to do a remote install on the NOD32 client you have to make sure there's a port exception for Windows File & Print Sharing in Windows Firewall on each client workstation. Youy need that same exception on the server, and the server also seems to need exceptions for ports 2222, 2223 and 2224 for both TCP and UDP.

    You can edit a NOD32 config with the supplied config editor and export that config as an XML file - make sure you export the entire XML file, not just a part of it. You seem to have to do Edit -> Mark All before you choose File -> Export Selection (my config editor would only let me do Save, not Save As). The username and password asked for in the config for the update server actually refer to a username on your local domain - set up a "NOD32" user that has access to the update mirror share. Remember that "server" refers to the UNC path of the update mirror share, not simply the server name.

    Once you have an XML file, check it's correct - re-open it with the config editor and check the data you expect is there. The config file needs to be specified when you install the MSI file - I have:

    Code:
    msiexec /i P:\NOD32\4.0.474\eavbe_nt32_enu.msi /qb! REBOOT="ReallySuppress" ADMINCFG="P:\NOD32\NOD32.xml"
    --
    David Hicks
    Last edited by dhicks; 11th December 2009 at 01:26 PM.

  6. Thanks to dhicks from:

    leco (11th December 2009)

  7. #5
    leco's Avatar
    Join Date
    Nov 2006
    Location
    West Yorkshire
    Posts
    2,026
    Thank Post
    595
    Thanked 125 Times in 119 Posts
    Rep Power
    42
    Wish I'd had that in summer when I was installing V4 (then had to revert to V3 but anyway) I seem to recall there's an uninstall previous versions option somewhere. I know that I uninstalled V3 first, and I didn't have to do it manually, so perhaps I packaged it. I did mine in OU groups, checking a sample of each as they completed.

  8. Thanks to leco from:

    dhicks (11th December 2009)

  9. #6
    cookie_monster's Avatar
    Join Date
    May 2007
    Location
    Derbyshire
    Posts
    4,217
    Thank Post
    394
    Thanked 278 Times in 239 Posts
    Rep Power
    75
    Quote Originally Posted by dhicks View Post
    Okay, so we're going for an upgrade to version 4. This is a nuisience as it means I'll have to manually uninstall NOD32 version 3 from each workstation, so this is going to take a little while. Just for future reference, if anyone comes accross this thread via a search or something: you need a server with ERA Server, ERA Console and NOD32 installed, quite possibly in that order. Uninstall old versions first, when I tried to install over an existing version I got a file-in-use error.

    ERA Server and Console seems to do a good job of finding NOD32 clients by itself. However, ERA Server is not the updates mirror server - that's what you need NOD32 installed for. And you also need to enter your license username and password for the "mirror" tab to be enabled, which is a tad confusing. I have no idea what NOD32 uses, or thinks it uses, HTTP for - the mirror "server" is actually a UNC path to a file share. When entering configuration details for clients, when asked for "server" details it actually means the UNC path to the updates mirror share - e.g. "\\acsapps001\NOD32", not simply "acsapps001" as you might think.

    If you want to do a remote install on the NOD32 client you have to make sure there's a port exception for Windows File & Print Sharing in Windows Firewall on each client workstation. Youy need that same exception on the server, and the server also seems to need exceptions for ports 2222, 2223 and 2224 for both TCP and UDP.

    You can edit a NOD32 config with the supplied config editor and export that config as an XML file - make sure you export the entire XML file, not just a part of it. You seem to have to do Edit -> Mark All before you choose File -> Export Selection (my config editor would only let me do Save, not Save As). The username and password asked for in the config for the update server actually refer to a username on your local domain - set up a "NOD32" user that has access to the update mirror share. Remember that "server" refers to the UNC path of the update mirror share, not simply the server name.

    Once you have an XML file, check it's correct - re-open it with the config editor and check the data you expect is there. The config file needs to be specified when you install the MSI file - I have:

    Code:
    msiexec /i P:\NOD32\4.0.474\eavbe_nt32_enu.msi /qb! REBOOT="ReallySuppress" ADMINCFG="P:\NOD32\NOD32.xml"
    --
    David Hicks


    I've just updated all of our clients from v2 to v3/v4 and it went well. I just rolled out V3 with Group Policy it uninstalled V2 and then installed V3 without any problems.
    As for the config I've found it easier to install the client locally and configure all settings then just export the settings as an .xml file if you name this file cfg.xml and place it in the same folder as the installer it will be picked up automatically even when being deployed via GP.

    The console and server are all that is required you don't actually need NOD32 installed on the server to create the mirror like in V2.
    I couldn't get the HTTP server working either so I went with a network share again and it works fine.


    Also when I tried rolling out V4 over V3 it upgraded just the same as with V2 so you shouldn't need to uninstall V3 from all stations. Give it a try in testing.
    Last edited by cookie_monster; 11th December 2009 at 03:01 PM.

  10. Thanks to cookie_monster from:

    dhicks (11th December 2009)

  11. #7

    dhicks's Avatar
    Join Date
    Aug 2005
    Location
    Knightsbridge
    Posts
    5,727
    Thank Post
    1,287
    Thanked 797 Times in 693 Posts
    Rep Power
    239
    Quote Originally Posted by leco View Post
    I seem to recall there's an uninstall previous versions option somewhere.
    I can find an uninstall version 2 option, but nothing to uninstall version 3. Our problem is that it turns out that the original config for NOD32 v3 was broken anyway, so non of the clients were updating from the mirror server, they were all updating over the Internet. We install software via a startup script that runs when an "install" user is logged in as we have various bits of old, crusty educational software that needs some manual-automated-with-AutoIT install process.

    --
    David Hicks

  12. #8
    leco's Avatar
    Join Date
    Nov 2006
    Location
    West Yorkshire
    Posts
    2,026
    Thank Post
    595
    Thanked 125 Times in 119 Posts
    Rep Power
    42
    Not at school at the mo so I can't check, but I was moving from V3 to V4. I'll try and remember to have a look on Monday. Not that it would help you as you've already completed but might add to the knowledge bank.

  13. Thanks to leco from:

    dhicks (11th December 2009)

  14. #9

    dhicks's Avatar
    Join Date
    Aug 2005
    Location
    Knightsbridge
    Posts
    5,727
    Thank Post
    1,287
    Thanked 797 Times in 693 Posts
    Rep Power
    239
    Quote Originally Posted by cookie_monster View Post
    I've just updated all of our clients from v2 to v3/v4 and it went well. I just rolled out V3 with Group Policy it uninstalled V2 and then installed V3 without any problems.
    Okay, thanks. The NOD32 install-over-presvious-version refused to work on the server and I had to manually uninstall the previous version, but you're right - maybe the workstation install will be okay.

    As for the config I've found it easier to install the client locally and configure all settings then just export the settings as an .xml file
    Good point, thanks.

    if you name this file cfg.xml and place it in the same folder as the installer it will be picked up automatically even when being deployed via GP.
    Drat - I think I might have called the previous version NOD32.xml, that would be why the original install didn't pick the config up properly...

    The console and server are all that is required you don't actually need NOD32 installed on the server to create the mirror like in V2.
    The only place I can find anything related to the mirror server is in the NOD32 GUI, in the advanced setup tree view, under the "mirror" tab of the advanced update options. I searched around for ages trying to figure it out, thinking that the ERA server / client should do it, but I couldn't find an option anywhere.

    --
    David Hicks

  15. #10
    cookie_monster's Avatar
    Join Date
    May 2007
    Location
    Derbyshire
    Posts
    4,217
    Thank Post
    394
    Thanked 278 Times in 239 Posts
    Rep Power
    75
    I'll take a look on monday but i'm sure if you deploy V4 over V3 on a station it automatically removes old versions. There might be an issue if it's password protected but I gave my new version the same password and it worked.

    I think you can change the name of the .xml file but I leave it as cfg.xml as it picks it up automatically.

    The update mirror is controled by the console. You set it up under Tools -> Server Options -> Updates tab.
    Last edited by cookie_monster; 11th December 2009 at 05:40 PM.

  16. Thanks to cookie_monster from:

    dhicks (14th December 2009)

  17. #11
    bio
    bio is offline
    bio's Avatar
    Join Date
    Apr 2008
    Location
    netherlands
    Posts
    520
    Thank Post
    16
    Thanked 130 Times in 102 Posts
    Rep Power
    38
    One tip : if you have 120 clients retrieving an update and you are runing latest RA and v4 client i highly recommend not using the internal NOD32 HTTP update service. Its quite buggy. Just configure IIS on the box and you'll have no issues anymore with updating.

    ESET Knowledgebase - How can I set up Microsoft IIS as an ESET update Mirror server?

    bio..

  18. Thanks to bio from:

    dhicks (14th December 2009)

  19. #12
    cookie_monster's Avatar
    Join Date
    May 2007
    Location
    Derbyshire
    Posts
    4,217
    Thank Post
    394
    Thanked 278 Times in 239 Posts
    Rep Power
    75
    Quote Originally Posted by bio View Post
    One tip : if you have 120 clients retrieving an update and you are runing latest RA and v4 client i highly recommend not using the internal NOD32 HTTP update service. Its quite buggy. Just configure IIS on the box and you'll have no issues anymore with updating.

    ESET Knowledgebase - How can I set up Microsoft IIS as an ESET update Mirror server?

    bio..


    Or use the LAN update feature that uses a windows share it's worked well for me with over 400 clients.

  20. Thanks to cookie_monster from:

    dhicks (14th December 2009)

  21. #13

    dhicks's Avatar
    Join Date
    Aug 2005
    Location
    Knightsbridge
    Posts
    5,727
    Thank Post
    1,287
    Thanked 797 Times in 693 Posts
    Rep Power
    239
    Quote Originally Posted by cookie_monster View Post
    I'll take a look on monday but i'm sure if you deploy V4 over V3 on a station it automatically removes old versions.
    I'll try in the senior IT suite, not much going on in there today.

    The update mirror is controled by the console. You set it up under Tools -> Server Options -> Updates tab.
    Oh heck, there it is...

    --
    David Hicks

  22. #14
    cookie_monster's Avatar
    Join Date
    May 2007
    Location
    Derbyshire
    Posts
    4,217
    Thank Post
    394
    Thanked 278 Times in 239 Posts
    Rep Power
    75
    Deployed V4 using GP over a V3 manual install and it worked fine, the first time I logged in it recommended a restart as NOD32 had been updated to a new version.

  23. #15

    dhicks's Avatar
    Join Date
    Aug 2005
    Location
    Knightsbridge
    Posts
    5,727
    Thank Post
    1,287
    Thanked 797 Times in 693 Posts
    Rep Power
    239
    Quote Originally Posted by cookie_monster View Post
    Deployed V4 using GP over a V3 manual install and it worked fine
    Yep, just done that, too, seems to be working fine - looking at the ERA console on the server, I did wonder why virus signature update wasn't working, then I remembered I'd switched the PCs off. Think I need a break...

    --
    David Hicks



SHARE:
+ Post New Thread
Page 1 of 2 12 LastLast

Similar Threads

  1. Nod32 V4
    By lbradley in forum Windows Server 2000/2003
    Replies: 11
    Last Post: 28th August 2009, 11:49 AM
  2. NOD32 3.0 LAN Update server
    By cookie_monster in forum Windows
    Replies: 7
    Last Post: 10th September 2008, 03:13 PM
  3. NOD32 server Update Error
    By cookie_monster in forum Windows
    Replies: 1
    Last Post: 15th July 2008, 12:51 PM
  4. Nod32 antivirus
    By witch in forum General Chat
    Replies: 16
    Last Post: 12th December 2007, 05:43 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •