-
August 2nd, 2007, 09:30 AM
#1
SAV 10.1.6 Corporate nightmare...
...last Thursday, a senior security analyst (not my term for him!) came in remotely and upgraded our SAV server remotely from v.8.1 to v.10.1.6, an upgrade we ultimately needed. Problem was this was done with no testing whatsoever in our environment (400 desktops, 150 laptops -- mostly remote, and 30 servers) and with no apparent backout plan. Furthermore, this so-called senior analyst had no idea of the current policies in our environment. This is a desktop environment of mixed XP Pro and W2K units, mostly the latter.
Right off the bat we had problems. The upgrade took place during business hours, late in the afternoon. The next morning, users started reporting problems their AV wasn't updating. It soon became obvious they were still on 8.1 and that a reboot was necessary to complete the upgrade to 10.1.6. When users rebooted to complete the upgrade, then the fun really started. About 60% of the users rebooted and the new version ran OK, reporting to the SAV server. The other 40%, well, I could probably write a book on all the problems we've had.
We've lost close to 20 W2K units right off the bat to some kind of video driver corruption. This driver corruption manifested itself in 2 ways: one, booting to a black screen with some speckled colored lines, and two, a "rolling reboot" (continual reboot). In both cases, we are able to boot into safe mode. The first corruption was easily fixed by uninstalling the video drivers (one an Intel 82815, the other an SMS driver), then reinstalling the driver only (not in the setup mode) from our software server. The rolling reboots are another story. We've tried removing drivers and reinstalling, then they might boot up fine, then they go back into the rolling reboot next time the unit's rebooted. Other times, it doesn't matter if we reinstall the vid driver. I've tried the chipset driver on a couple of units to no avail. I've tried numerous SAV uninstalls (tomorrow I'm going to try uninstalling with a forklift...I'll let you know how that one goes!) and reinstalls. Today, we had a W2K unit that had been rebooted successfully and happily ran SAV 10.1.6 for several days suddenly slip into the rolling reboot mode. I re-imaged the machine after a data and profile backup, it ran fine, went thru reinstalling printers (we've got dozens!), made the guy a local admin so he could do some stuff, only to have it slide into the rolling reboot when we restarted the PC. This is bizarre. This is taking place in all different dept's, with ass't app loads. Other W2K units run fine with the same app loads. We've had no hardware problems from these machines previously.
On top of this mystery W2K issue, the 10.1.6 push just didn't fully take on about 40% of working units. SAV services set to "Automatic" don't start on bootup, but if I go into console, I can start them with no problem for the user. Other units are still running 8.1, but that service may or may not be started.
In the meantime, day-to-day support has gone to hell in a handbasket, with users having no idea what we're going thru as staff and expecting normal levels of support.
Anybody here been thru or seen anything like this? This is about the most bizarre network/computer problem I've ever seen.
Ugh, life in Hell starts up again in 3 hours.
**sigh**
“Everybody is ignorant, only on different subjects.” — Will Rogers
-
August 2nd, 2007, 01:39 PM
#2
I have seen some funny things with Symantec CE...it hosed a server once....(version 7.5..upgrade)
The best results I have had with CE upgrades is to completely remove the previous version from both the Server and Workstations...and then reinstall\configure from scratch....
Its alot of work
Once bitten twice shy..though
Symantec have support...usually comes with your purchase\maintenance agreement...
Chalk it up to experience...
MLF
How people treat you is their karma- how you react is yours-Wayne Dyer
-
August 2nd, 2007, 01:43 PM
#3
Hi brokencrow,
Anybody here been thru or seen anything like this? This is about the most bizarre network/computer problem I've ever seen.
Yes, I have seen cases where it might have happened, and one where it actually did, although not so widespread or dramatically.
The upgrade took place during business hours, late in the afternoon.
Problem was this was done with no testing whatsoever in our environment
And with SAV, not to mention skipping a version?........................
I guess you just have to bite the bullet and sort it. You know how it should have been done?
I cannot think of any easy solution. Even if you could go back to the old version of SAV, the damage has been done. If you had mirrors of the configurations of the server and clients you might have been able to recover that way?
I guess you better prepare a carefully worded "lessons learned" report for senior management.
MLF is right, Symantec have support, but for their products, not something like that.
Virtually all software will say "close other applications before proceeding" and that is their get-out.
Last edited by nihil; August 2nd, 2007 at 02:23 PM.
-
August 2nd, 2007, 03:36 PM
#4
Morgan is right. Going from that old a version to the newest will require a full uninstall (using a tool provided by Symantc called "NONAV") and then a freash install. Even Symantec will tell you this.
Cheers:
-
August 2nd, 2007, 03:53 PM
#5
brokencrow,
Unfortunately everyone whose replying is correct. Hindsight is always 20/20 though...
In any event, I work with Symantec CE as well and have had some very annoying upgrade issues. Just upgrading from 10.1.1 to 10.1.5 was a bastard of a process. Vista machines needed a separate 10.2 upgrade (the 10.1.5 doesn't work with Vista machines)...it goes on & on. After one particular upgrade, we had machines that couldn't contact the server, we had one server take a sh*t. Sigh.
While I like Symantec CE products, I think they need to revamp their upgrade solutions (Not to mention, their licensing portal is also a pain in the arse).
And, even though I'm not experiencing what you are currently dealing with, I'd like to know how it turns out and what the culprit is. Best of Luck.
The object of war is not to die for your country but to make the other bastard die for his - George Patton
-
August 3rd, 2007, 12:11 AM
#6
It wasn't my call. Lord knows.
I've never seen anything like this. It's an utter disaster
for the local support staff. They're so busy with this issue,
the normal support routine is shot.
“Everybody is ignorant, only on different subjects.” — Will Rogers
-
August 3rd, 2007, 03:36 PM
#7
I guess I missed why they "had to" upgrade? I hope it wasnt becaseu vista...
-
August 3rd, 2007, 03:48 PM
#8
Probably compliance...
The Horse13 is very knowledgable on Symantec CE...he had his own horror stories when V 10.0 came out...if I remember correctly
MLF
How people treat you is their karma- how you react is yours-Wayne Dyer
-
August 3rd, 2007, 04:37 PM
#9
Originally Posted by morganlefay
The Horse13 is very knowledgable on Symantec CE...he had his own horror stories when V 10.0 came out...if I remember correctly
MLF
Thats right Morgan, The Horse and I were working on V10 at the same time. He helped me out with a lot of issues I was having. He would be a good one to fire questions at.
Cheers:
-
August 4th, 2007, 12:14 PM
#10
No, it wasn't because of compliance, it wasn't because of Vista. We'd
been running SAV 8.1 and it was obviously dated. The IT dep't my
company took over has been gutted the last few years in the course
of several buyouts and spending had gone to nil. An upgrade was due,
but to slam this thing in with no testing...
Anyway, I suppose I should look at it as job security, but with a support
staff of two covering 500+ desktops and laptops, well, let's just say we
didn't need this.
...the reason it was done was because it's billable. THE NUMBERS...the
numbers are God in today's world.
“Everybody is ignorant, only on different subjects.” — Will Rogers
Similar Threads
-
By debwalin in forum Tech Humor
Replies: 0
Last Post: September 1st, 2005, 08:49 PM
-
By Tiger Shark in forum Microsoft Security Discussions
Replies: 5
Last Post: January 14th, 2005, 08:47 PM
-
By DjM in forum AntiVirus Discussions
Replies: 4
Last Post: May 30th, 2003, 12:13 AM
-
By khakisrule in forum Microsoft Security Discussions
Replies: 15
Last Post: July 26th, 2002, 12:43 AM
-
By GreekGoddess in forum Cosmos
Replies: 11
Last Post: June 23rd, 2002, 04:24 PM
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|