locked
ForeFront will not receive current definitions RRS feed

  • Question

  • We have had forefront installed for approximatley 9 months now and in the middle of january the machines in the organization have stopped receiving definition updates.  Oddly enough if you go to the webbrowser and click on windows updates the browser just keeps checking for updates it never returns any updates it just sits there and spins this is happening on both XP and win7 machines.  If you go to forefront and click check for updates it does the same thing it just keeps trying to connect to get updates but never succedes.  Nothing in the GPO or in the WSUS server have changed it simply quit working.  There are no errors generated on the PC or on WSUS server so I have no idea where to start.  THe issue does happen to correspond with the installation of the December updates however.
    I have tried reinstalling WSUS
    Created a new GPO
    All to no avail
    Monday, February 1, 2010 10:02 PM

Answers

  • To post what resolved my issue.
    I uninstalled and reinstalled WSUS
    I uninstalled and reinstalled Fore front
    These two action still dind not reslove the issue.
    I ended upmanually performing the procedures in http://support.microsoft.com/kb/555989 on a couple of indivdual PC as well as the WSUS server. That seemed to resolve the issues on the PC's and the server.  Although it is specific to windows 7 it did solve the issues on the PC (XP) and the WSUS (2003 server).
    I ended up doing a test deployment of a batch file with the procedure that registered the DLL and stopped and started the services  and deleted the catroot2 folder through a GPO policy.  I did not attempt to rename the software distribution folder.  It worked on the test PC's so I deployed to the rest of the PC's and this seems to have solved my issue.


    • Marked as answer by Nick Gu - MSFT Wednesday, February 10, 2010 6:05 AM
    Monday, February 8, 2010 4:02 PM

All replies

  • Addtional information is in the SQL server I am also seeing this error Date  2/1/2010 2:47:20 PM
    Log  Job History (Microsoft Forefront Client Security)

    Step ID  1
    Server  Myserver
    Job Name  Microsoft Forefront Client Security
    Step Name  Microsoft Forefront Client Security
    Duration  00:00:22
    Sql Severity  0
    Sql Message ID  0
    Operator Emailed  
    Operator Net sent  
    Operator Paged  
    Retries Attempted  0

    Message
    Executed as user: mydomain\admin. ...tart:  DTSStep_DTSDynamicPropertiesTask_1   DTSRun OnFinish:  DTSStep_DTSDynamicPropertiesTask_1   DTSRun OnStart:  DTSStep_DTSExecuteSQLTask_2   DTSRun OnFinish:  DTSStep_DTSExecuteSQLTask_2   DTSRun OnStart:  DTSStep_DTSTransferObjectsTask_1   DTSRun OnProgress:  DTSStep_DTSTransferObjectsTask_1; Scripting objects for Transfer; PercentComplete = 0; ProgressCount = 0   DTSRun OnProgress:  DTSStep_DTSTransferObjectsTask_1; Scripting Logins; PercentComplete = 0; ProgressCount = 0   DTSRun OnProgress:  DTSStep_DTSTransferObjectsTask_1; Scripting Users; PercentComplete = 0; ProgressCount = 0   DTSRun OnProgress:  DTSStep_DTSTransferObjectsTask_1; Enumerating objects for Transfer; PercentComplete = 0; ProgressCount = 0   DTSRun OnProgress:  DTSStep_DTSTransferObjectsTask_1; Enumerating objects for Transfer : 0 Percent Completed; PercentComplete = 0; ProgressCount = 0   DTSRun OnProgress:  DTSStep_DTSTransferObjectsTask_1; 0 Percen...  Process Exit Code 1.  The step failed.

    Monday, February 1, 2010 10:11 PM
  • Hi,

     

    Thank you for the post.

     

    I think you may check the network connection to the internet. Do you have use any web proxy? Do you have receive any error message?

     

    Regards,


    Nick Gu - MSFT
    Thursday, February 4, 2010 8:57 AM
  • hi,

    try on any machine to enable microsoft update under windows update  so it can detect that your microsoft product that need to be upgraded
    Thursday, February 4, 2010 12:40 PM
  • Thank you for the Replies
    We do not use a proxy, and we can browse through all internet sites no issues with connectivity.  On all machines the microsoft update is controlled via WSUS in the standard settings for a WSUS GPO so updates are allowed, it is set to download and install updates.
    This is the worry the and the issue any time any one of the machines goes to windows updates the site is displayed I almost always use custom so that I can see what updates are being installed, and then I get the progress bar checking for updates and it just continues with out ever displaying any updates.  Since windows cannot seem to find the updates, this is the reason I beleive that forefront as well cannot recieve any new definitions.  My gut feeling is that something in WSUS ended up propagating a failed or corrupt update to all the machines that is causing the issues with getting updates.  But I do not know where to begin to correct the issue.
    Thursday, February 4, 2010 1:57 PM
  • Hi,

     

    Thank you for the update.

     

    I think you may check up the WSUS settings. Please refer to the following articles:

    http://blogs.technet.com/fcsnerds/archive/2009/07/27/distribution-component.aspx

    http://technet.microsoft.com/en-us/library/cc708474(WS.10).aspx

     

    And here is article about how do manually download the latest definition updates.

    http://support.microsoft.com/kb/935934/

     

    Regards,


    Nick Gu - MSFT
    Sunday, February 7, 2010 12:10 PM
  • To post what resolved my issue.
    I uninstalled and reinstalled WSUS
    I uninstalled and reinstalled Fore front
    These two action still dind not reslove the issue.
    I ended upmanually performing the procedures in http://support.microsoft.com/kb/555989 on a couple of indivdual PC as well as the WSUS server. That seemed to resolve the issues on the PC's and the server.  Although it is specific to windows 7 it did solve the issues on the PC (XP) and the WSUS (2003 server).
    I ended up doing a test deployment of a batch file with the procedure that registered the DLL and stopped and started the services  and deleted the catroot2 folder through a GPO policy.  I did not attempt to rename the software distribution folder.  It worked on the test PC's so I deployed to the rest of the PC's and this seems to have solved my issue.


    • Marked as answer by Nick Gu - MSFT Wednesday, February 10, 2010 6:05 AM
    Monday, February 8, 2010 4:02 PM