Skip to main content

SCCM - Reinstalling same version of Symantec Endpoint with extra features

Recently I was required to reinstall the current version of Symantec Endpoint our organisation is running (12.1.6) but with extra features from when the initial install was configured. We were wanting to add 'Proactive Threat Protection' and also 'Network Threat Protection'.

The issue with this is that 1.) Symantec did not like an update pushing from a remote source (SCCM server) and 2.) SCCM thought the software was already installed as it had the same product ID.

To get around this I had to create a task sequence with a couple of steps.

Step 1:
 - Setup a command line in the task sequence to run the following commands and make sure you tick "continue on error" on these steps.
      * CMD /C "C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\smc.exe" -stop
      * CMD /C "C:\Program Files\Symantec\Symantec Endpoint Protection\smc.exe" -stop

Step 2:
 - Create an application in SCCM with the same sep64.msi install but call it something different. In the Deployment Types screen go into the Detection Method tab. In here I modified the MSI Product Code by just changing the last characters so it didn't think it was the same version of the application. Once this is done add it into the task sequence and again make sure you tick "continue on error" otherwise you will get a failed report back when it did update. Open Symantec Endpoint on the client and you should see the new features are now enabled.

I did also try creating a batch file pointing straight to the msi file and this seemed to update properly however I don't really like using this method and prefer using the msi/exe files wherever possible as it makes future updates and roll outs easier.

Comments

Post a Comment

Popular posts from this blog

SCCM - Required Application Not Installing to a collection based on an Active Directory Security Group I recently had an issue where I was trying to install Office 2013 as a required application to a collection based on an AD Security group. This would work fine if I was advertising the install as  'available', however when I set as 'required' it would not install and not even show up in Software Centre. After looking through the Monitoring section in SCCM and had a look at the deployment status I noticed it said success however the Message ID was 10040 and the description was "program will not rerun" I managed to fix this by going to the deployment settings for this collection and then going to scheduling and altering the "Rerun behaviour" to always rerun program.
Post a Comment
Read more

Office 2013 Silent Install

Office 2013 Silent Install Setup To setup a silent install of Office 2013 follow the below steps. If you have an ISO mount the file and then copy all the files out to a folder.  Run the command \\locationoffolder\setup.exe /admin. This will bring up the Office 2013 customisation tool.  You can apply which settings you require. The main ones you probably need to apply are  Licensing and user interface - choose here if you want to use a KMS key or a MAK key. In the options for the licencing agreements it is best to Tick "I accept the terms of the license agreement" Display level - none Suppress modal - ticked Set feature installation states. Tick the appropriate install options and features which you want. Configure shortcuts. I came across an issue in here which appears to be a known bug. If you try to create desktop shortcuts for any of the applications it would try to force you to enter something in the "start in" field saying this is required. ...
1 comment
Read more

SCCM Task Sequence Fails on SSD Drives Error Error: 87D00267

If you get the error code  87D00267 in a task sequence when deploying an Operating System it  basically means the machine is unable to talk to the DHCP server. From a bit of investigation it  seems that some machines with SSD's actually boot up into the task sequence quicker than it  gets an IP Address! The get around this problem you need to put some pauses in the task  sequence.  The best way is to put the pause in the task sequence just before the point where it  fails. There is  some further reading into this issue below, the sites credited with links.  Part 1 Source: http://ericsccm2012.blogspot.com.au/2013/04/applications-fail-to-install-on-ssd.html Applications Fail to Install on SSD Drives. We received several of the new Dell Latitude 6430U models with SSD drives.  Very nice laptops in a small case.  Easily found drivers for them and loaded into SCCM.  Started the task sequence on one and all look...
Post a Comment
Read more