Monday, 16 June 2008

Symantec AntiVirus 10.x license expired at client

Got an SBS2003 network with around 20 clients on. I installed the new licence at the server but one of the clients refused to cooperate and just appeared in the Symantec System Center Console with a license expired and refused to deploy the new one even though there were unallocated seats. The error I was getting was 0x80004005 - helpful yeah!

Turned out the Windows Firewall was getting in the way. Disabling it fixed the problem temporarily so the licence would install but there was no client management available. All the tools like view event log failed. I found Symantec doc 2004070817071248 which talked about using port 2967 for client communications. Using the Group Policy Management in the server management console let me add a firewall port exception to enable this for all PCs on the network.

I updated the Windows Firewall policy under Computer Configuration > Administrative templates > Network > Network Connections > Windows Firewall > Domain profile
and edited the Define Port Exceptions to include this line:
2967:TCP:*:Enabled:Symantec AntiVirus Management - Port

No comments:

Trust 1&1 Internet for your domain name registration, from only £1.99/year!. Check now!