[mssms] Symantec Endpoint Protection Deployment [77s677]

From: admin@lists.myITforum.com [mailto:admin@lists.myITforum.com] On Behalf Of Rick Helstrom
Sent: Monday, January 05, 2009 3:12 PM
To: mssms@lists.myitforum.com
Subject: RE: [mssms] Symantec Endpoint Protection Deployment

Excellent, Thanks everyone! I exported the packages without checking the box for a single EXE and now I have an MSI that I can publish instead. I’m saving the VB wrap script for a rainy day though. J

From: admin@lists.myITforum.com [mailto:admin@lists.myITforum.com] On Behalf Of Michael Dzikowski
Sent: Thursday, January 01, 2009 11:59 AM
To: mssms@lists.myitforum.com
Subject: RE: [mssms] Symantec Endpoint Protection Deployment

I've seen this with my deployment as well.

It sounds like you're using the single EXE that Symantec Endpoint Protection (SEP) creates for you, right? If so, tell SEP to NOT create a single EXE when you create your install package with SEP. Then you'll have the MSI available to you. This will return the correct exit code when deployed. One thing to note is that you may want to add a /norestart switch to your deployment command line -- I made the mistake of not doing so :(

Uncheck this box when creating the package

Mike Dzikowski

Systems Administrator

Credit Acceptance Corporation

248.353.2700 ext. 5551

mdzikowski@creditacceptance.com

From: admin@lists.myITforum.com [mailto:admin@lists.myITforum.com] On Behalf Of Sherry Kissinger
Sent: Thursday, January 01, 2009 12:16 PM
To: mssms@lists.myitforum.com
Subject: RE: [mssms] Symantec Enpoint Protection Deployment

Hopefully you can get the MSI; but sometimes those setup.exe built by consoles imbed the public properties into the exe; so figuring out what properties you need to duplicate in your msi command line can sometimes be fun.

John's suggestion of a wrapper is what I was also going to suggest; but I'd probably add some conditions. I'd use a vbscript ('cause I use them more than a bat); and because I know how w/a vbscript to test for "if return code = 1, then send back a 0, else send back whatever the real error code was"

Here's a basic vbscript, running an application & sending back the return code:

on error resume next
Set sho = CreateObject("WScript.Shell")
strCurrentDir = Left(Wscript.ScriptFullName, (InstrRev(Wscript.ScriptFullName, "\") -1))
strcmd = strcurrentDir & "\activexinstaller /L:40 /C file://" &_
strCurrentDir & "//ebraryRdr.cab /S"
intret=sho.run(strcmd,0,vbtrue)
wscript.quit(intret)

In you case (once you adjust the strcmd to match what you need, you'd want to test intret before the quit, something like:

intret=0

end if

wscript.quit(intret)

Sherry Kissinger
Microsoft MVP - ConfigMgr
mofmaster@smsexpert.com

--- On Thu, 1/1/09, John.Nelson2@wellsfargo.com <John.Nelson2@wellsfargo.com> wrote:

From: John.Nelson2@wellsfargo.com <John.Nelson2@wellsfargo.com>
Subject: RE: [mssms] Symantec Enpoint Protection Deployment
To: mssms@lists.myITforum.com
Date: Thursday, January 1, 2009, 3:54 AM

If the install is an MSI, you can just run MSIEXEC /M MIF_File.mif and a status mif will be created. Then you just have to make sure your package looks for that .MIF filename and success will get picked up properly.

An alternative would be to wrap your program with a .bat file or a .vbs which runs the SEP install and returns a 0 instead of letting the SEP install return a 1.

.bat file example

ECHO OFF
SETLOCAL

Set THISDIR = %~dp0

"%THISDIR%setup_file.exe" /switch /switch

EXIT 0

John Nelson

---------------------------------------------------

Applications Systems Engineer

Software Distribution Engineering - SDE (EFO)

Wells Fargo - Minneapolis - N9301-L29

612-667-3097 Office - 612-655-4137 Mobile

john.nelson2@wellsfargo.com - MyITForum.com Articles

This message may contain confidential and/or privileged information. If you are not the addressee or authorized to receive this for the addressee, you must not use, copy, disclose, or take any action based on this message or any information herein. If you have received this message in error, please advise the sender immediately by reply e-mail and delete this message. Thank you for your cooperation.

From: admin@lists.myITforum.com [mailto:admin@lists.myITforum.com] On Behalf Of Rick Helstrom
Sent: Wednesday, December 31, 2008 8:37 PM
To: mssms@lists.myITforum.com
Subject: [mssms] Symantec Enpoint Protection Deployment

Hello everyone:

I am deploying SEP 11 on an enterprise scale and I find that it returns an exit code of 1 on apparently successful installations. I donʼt get any reports of successful deployment yet the client does appear to be functioning correctly. Is there an easy way to get SCCM to show the install was successful on an exit code of 1 so I can more easily focus on true failures for resolution? I have looked into the ISMIF32.exe but all the documentation I find for it relates back to SMS 1.2 or 2.0. (And I am not all that clear on how to use it either)

For the deployment itself I am using the EXE created by from the SEP console via the Export Install Package process.

Thanks,

Rick

This e-mail is for the sole use of the intended recipient(s). It contains information that is confidential and/or legally privileged and is protected by law. If you believe that it has been sent to you in error, please notify the sender by reply e-mail and delete the message. Any disclosure, copying, distribution or use of this information by someone other than the intended recipient is prohibited.

==============
Missed an email? Check out the list archive:
http://myitforum.com/cs2/blogs/smslist/

==============
Missed an email? Check out the list archive:
http://myitforum.com/cs2/blogs/smslist/
==============
Missed an email? Check out the list archive:
http://myitforum.com/cs2/blogs/smslist/

SMS-ConfigMgr Email Discussion List Archive

Archive threads for the myITforum.com SMS/ConfigMgr email discussion list.

[mssms] Symantec Endpoint Protection Deployment [77s677]

Trackbacks

Comments

Search

Navigation

About Me

Tags

Recent Posts