One way to repoint orphaned clients is to use the ClientRemote Install feature of Symantec System Center Console. If the Console can see the workstation and the workstation has Remote Desktop enabled, you an remotely upgrade its AV software and simultaneously point it to the correct server.
However, not all workstations fit this criteria. So I wrote a short script that will fix the problem at startup on select machines. You will need to create a tiny marker file on your server called "sym_serv.txt" that flags the PCs that this script has run on. Here's the script:
@echo off
IF EXIST C:\sym_serv.txt GOTO End
cls
echo Windows needs to update your Symantec Antivirus client software.copy "\\SERVERNAME\c$\Program Files\SAV\GRC.DAT" "C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\GRC.DAT"
IF ERRORLEVEL 0 copy \\SERVERNAME\dfsfiles\Symantec_Server\sym_serv.txt c:\
:End
pause
It's pretty straightforward: it checks for the marker file to make sure this doesn't get done more than once. If no marker, then it copies the GRC.DAT file fresh off the Symantec server into the appropriate local folder. Then it creates the marker file if successful.
I'd recommend creating a separate OU with its own GPO that runs this script at startup. Then you can target just the orphaned workstations.
No comments:
Post a Comment