Endpoint Protection

 View Only

Script to download Definitions from SEPM 

Jun 21, 2012 05:06 AM

 

Hi everybody,

I was looking for a way to update a SEP Client over a Script with using Definition Files stored on the SEPM.

As I could not find anything I wrote a little PowerShell script, which I´d like to share with you.

It is not very intelligent yet, but it´s doing the things I needed.

What does it do?

The script is searching for the latest definitions stored on the SEPM, downloads them and placing it into the “inbox” folder on the local SEP Client.

Why it was needed?

We don´t have an internal LiveUpdate Server and I was looking for a fast way to update a SEP Client with using the definition files which are already stored on an internal server.

What environment is needed?

It works with SEPM 12.1 and SEP 12.1 Clients. I tested it only on Windows 7-

Are there any Parameters?

Not yet, but maybe I add some improvements in the future.

What do I need to configure?

You have to enable “Third Party Management” in the LiveUpdate Policy and share two folders on the SEPM (Everyone – Read Permissions are enough)

 

You need to get the Group ID where the Clients are.

Now you can edit the first lines of the script:

#Needs to be modified for each environment:

$SEPM             = "SEPM.mycompany.local"

$GoupID           = "5A176F310AF06355010E3A00D3B0626F"

$outbox           = "\Outbox$"

$content          = "\Content$"

 

Now you are ready to run the script (rename from .txt to .ps1):

 

Here you see a client that needs definition updates

Now we run the script and definitions are getting downloaded:

After a while the Client is up to date..

...and Live Update confirms this:

 

Known Issues:

Script always downloads the full.zip and not incremental updates. So be aware that every time you run the script, it will create ~200MB of traffic

Script is not using GUPs to download definitions

If the Client is already up to date the definitions get moved to the “invalid” folder and you will see an error in the Client log

 

 

Maybe it is usefull for somebody else as well :-)

Cheers!

Statistics
0 Favorited
23 Views
1 Files
0 Shares
4 Downloads
Attachment(s)
txt file
DownloadDefs_V0.1.txt   2 KB   1 version
Uploaded - Feb 25, 2020

Tags and Keywords

Comments

Dec 27, 2018 05:04 AM

HI All 

 

My Envermental update the SEP Client update Weekly Any Scprit Share folder run the script update 

Sep 19, 2017 01:23 AM

Hi Arunkumar,

You should be edit the first two line based on your enviroinment and remove $ from content and outbox, you can run the script it will be work.

Sep 19, 2017 01:18 AM

Hi Holly Reagon,

Remove the $ from Content and Outbox.. and you can run the script it will work.

Jul 13, 2016 02:38 AM

Hi,

I'm getting the below error.

InstallDefs

Get-ChildItem : Cannot find path '\\Server\Content$\{535CB6A4-441F-4e8a-A897-804CD859100E}' because it does not exist.

At line:5 char:30

+ $Revision                 = Get-ChildItem <<<<  $Path | Select-Object -Last 1

    + CategoryInfo          : ObjectNotFound: (\\Server\Conten...7-804CD859100E}:String) [Get-ChildItem], ItemNotFoundException

    + FullyQualifiedErrorId : PathNotFound,Microsoft.PowerShell.Commands.GetChildItemCommand

 

Is it support 12.1.6 ?

 

Jun 19, 2016 03:39 AM

Hi guys , have anyone tested this and can confirm if this works for 12.1.6 ? Thanks 

Nov 18, 2015 03:11 PM

I'd love to figure out a way to deploy latest update to SEP clients using SCCM, especially to clinets who get corrupted defintion files and wont take an update through normal methods. I tried to test run this script on my computer but i get an error in regards to "can't get child item". I've modified the top two lines to represent my server and group ID, but still no luck.Error looks like this:

Get-ChildItem : Cannot find path '\\test-server\Content$\{07B590B3-9282-482f-BBAA-6D515D385869}' because it does not exist.
At C:\Users\hreagon.xyz\Documents\SEP\DownloadDefs_V0.1_0.ps1:31 char:30
+ $Revision                 = Get-ChildItem <<<<  $Path | Select-Object -Last 1
    + CategoryInfo          : ObjectNotFound: (\\cbicdg-maenad...A-6D515D385869}:String) [Get-ChildItem], ItemNotFoundException
    + FullyQualifiedErrorId : PathNotFound,Microsoft.PowerShell.Commands.GetChildItemCommand

 

Any insight would be great, as my scripting skills are lacking, and yes the correct folders have read access for everyone. Thanks.

Nov 12, 2014 12:05 PM

what are the modifications require for this script .

I have changed domain ID and Outbox path and content path. but not working
 

Apr 10, 2014 07:27 PM

Slightly Modified this script as we have multiple locations and policies, I didn't want to have multiple scripts.

The amendment reads the local Sylink.xml file and these reads the GroupID from the file.

I am no powershell expert and there is probably a neater way

 

#Needs to be modified for each environment:
$SEPM         = "Server"
$outbox     = "\Outbox$"
$content    = "\Content$"
$sylink = Get-Content "C:\Users\All Users\Symantec\Symantec Endpoint Protection\CurrentVersion\Data\Config\SyLink.xml"
$sylink -match 'DomainID=".{32}"'; $matches[0]
$findstring = $matches[0]
$GroupID = $findstring.Substring(10,$findstring.length-11)

 

Jan 31, 2014 03:36 PM

Good Script, i will be to use.

Jan 23, 2014 02:32 PM

Someone help me out with a scriptthat downloads definitions from GUP servers plz

Aug 01, 2013 02:31 AM

Nice Script.

Aug 01, 2013 02:23 AM

Hi
Good Script it's help me lot.

Mar 20, 2013 07:30 AM

Ah, now I see.

so it doesn't wait until the next heartbeat interval to kick in.

Thanks for the explanation

Mar 20, 2013 04:01 AM

When you install Rapid Release definitions on the SEPM and you want to test them quickly on some clients, you can run that scripts to force clients to install the definitions.

Of course it should work with the "update policy" function as well, but you can´t see anything and wait and wait and don´t know if something happens or not..

 

Or if you use a setup.exe without definitions. You can run that script afterwards to bring the client quickly up to date (if you have a fast connection to the SEPM)

Mar 19, 2013 11:53 PM

Really nice script...

Mar 19, 2013 10:56 PM

What is this script normally used for when we have SEPM server running ?

Feb 20, 2013 07:54 AM

Ok thanks Zebbelin for your support.

Cheers

Santosh K

Feb 19, 2013 11:27 AM

It is a PowerShell script so you would have to install PowerShell on your XP Clients first.

I can just highly recommend to update to SEP12.1. It has a lot of improvements, especially in performance.

Also you have only ~1 Year left to update your XP Computers to Win7 or 8.

 

Sorry but I have no SEP11 environment anymore to modify the script…

 

 

 

Feb 19, 2013 11:00 AM

I am having SEPM 11 and Windows XP clients. But above environemnt given is SEP 12. Can you please provide script for SEPM 11.0

Thanks

Santosh

Feb 19, 2013 10:24 AM

Have you everything preconfigured? (enable third party content management, share folders, edit the script for your environment)

 

After that just right click the .ps1 file and "Run with PowerShell"

Feb 19, 2013 10:10 AM

How to run on client side? please explain

 

Jan 14, 2013 04:15 AM

Dear All,
kindly suggest how to use given script.

Sep 27, 2012 07:25 PM

Nice Script.

Sep 24, 2012 04:59 PM

This document is only help in SEP 11.x?

Sep 03, 2012 09:55 AM

Hi,

Great Script thanks for sharing.........

Jun 27, 2012 02:38 PM

hm,

preety...

Related Entries and Links

No Related Resource entered.