Symantec endpoint client not updating policy
For the clients that are configured for pull mode, the management server downloads policies to the client at regular intervals (heartbeat).
You can change the heartbeat interval so that policies are downloaded to the client group more quickly.
In this clients case, they have a policy set that doesn’t allow the Windows Update clients to go to Microsoft Updates. Which brings us to the third issue we had to resolve.
So, a quick lesson on how definitions are downloaded.
Symantec client to server connectivity issue can be caused because of many reasons and that occurs due to client server connectivity issue other than software damage.
The symptoms that the clients are not communicating with the server is as below: This is one of the powerful tool which is intended to check all the Symantec products, which will self diagnose the status of clients and provides you the suggestions to resolve the issues or proactively to ensure that your computer is ready to install the supported Symantec product.
Clicking the Update button in the System Center 2012 Endpoint Protection client user interface fails with error 0x8024402c.
Both errors are related to settings in the clients Windows Update settings.
Error 0x8024402c happens when the Windows update client can’t connect and download the proper definitions. Our client decided to change their Config Mgr Antimalware settings to disable the user from manually updating the definitions.
They also had issues with trying to manually update the definitions using the GUI.
I am going to start with the issues my client was having when manually trying to update the definitions by using the GUI and then go into why the client wasn’t getting updates from Config Mgr.
The icon appears as a yellow shield icon with a green dot when the client can communicate with the management server.' on the client to see if it matches the serial number that appears in the management console.
If the client communicates with the management server and receives regular policy updates, the serial numbers should match.
The default HTTP port is 8014 (80 for the earlier builds of SEP); the default HTTPS port is 443. If SEPM and its associated processes (Tomcat, IIS, etc..) are the only applications on this server, we recommend using the "allprofiles" profile for the command line; otherwise choose the appropriate profile.