Re: Script to check anti-virus is up-to-date

Adam.
I phoned Symantec and the engineer wasnt all that helpful but said there is
only an option to give a warning message to users with out-of-date
definitions.
Would you mind sending me your script please?

seb@xxxxxxxxxxxxx

Thanks

"Monkey" wrote:

Thanks for the reply.
Yes I would like your script if thats okay.
Where in Symantec console is the option to make sure remote clients have
up-to-date definitions?


"Adam Sandler" wrote:

On May 29, 9:33 am, Monkey <Mon...@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote:
I am trying to setup Network Access Quarentinehttp://www.microsoft.com/technet/network/vpn/quarantine.mspx
and need a script that runs whenever a remote user connects. This script
will check the users Symantec to make sure it has the latest definitions and
deny logon access if it does not.
Does anyone know or have a script to do this?

Thanks

I'm running Corporate Edition and I have a script which I have
scheduled as a task. It goes out to the site, parses the page for the
location of the virus edition and downloads it to the server.

The Symantec app then goes and pushes the update to all of the
clients.

Yes, there's a couple things which people might find "wrong" with my
setup... I'm not checking to see if the latest defs are installed.
Instead I'm downloading a def daily and if it's new, then great... it
gets pushed out to the domain. If the def is not new, who cares, I
don't care the system all the managed clients still have the most
current definition. You're welcome to it if you want.

For your requirement to check defs at logon, I thought there was a
setting in the Symantec Management Console which made sure the remote
connected computers received the latest defs upon reconnect. There is
a time delay though, < 15 minutes.

Otherwise and assuming the value of the def loaded on the remote host
is in the registry, you'll want to read that registry value to
determine if it is the latest and go from there. Of course, the
script will have to get what the most current def's value from the
server for the compare but that's a different discussion. Once you
figure out where the definition value lives in the registry, try
something like this:

' I'm guessing the value is in HKLM somehwere
Const HKEY_LOCAL_MACHINE = &H80000002

Dim sHostName : sHostName = "" ' determine the target host name and
set it here
Dim sPath : sPath = "" ' insert path to the key
Dim sKeyVal : sKeyVal = "" ' insert key name
Dim sResult

Dim objReg : Set objReg = GetObject("winmgmts:
{impersonationLevel=impersonate}!\\" & _
sHostName & "\root\default:StdRegProv")

objReg.GetStringValue HKEY_LOCAL_MACHINE, sPath, sKeyVal, sResult

' now do something with sResult

Set objReg = NOTHING


.

Relevant Pages
Quantcast