Setting up a preferred server for replicating Ivanti Antivirus pattern file content
Ivanti Antivirus takes advantage of all of the software distribution technologies built in to Ivanti Endpoint Manager, including Preferred Package Servers.
This article discusses how to configure preferred package servers to host the Ivanti Antivirus pattern file content.
Create Web Share for Preferred Package Server
Note: This must be done on a server running web sharing services (such as IIS)
- Create a folder on the target preferred server that mimics the pattern file content directory on the core server:
For our example we will create the following directory structure:
Program Files (x86)\LANDESK\ManagementSuite\LDLogon\Antivirus8\win\BasesEP10
- Open IIS Manager, expand the navigation tree, right-click on Default Web Site and select “Add virtual directory”
- Enter “LDLOGON” for the share alias, and navigate to the Program Files (x86)\LANDESK\ManagementSuite\LDLogon directory created in Step 1.
- After creating the directory, right-click LDLogon in the navigation tree and select “Edit Permissions”
Permissions should be configured as follows:
Everyone:Read & Execute, List Folder Contents, Read
IUSR: Read & Execute, List Folder Contents, Read
NETWORK SERVICE: Full Control
Administrators: Full Control
- Enable directory browsing by selecting the LDLogon folder in the navigation frame and then clicking the “Directory Browsing” icon and clicking “Enable” in the right-hand pane.
Create UNC share for LDLOGON directory
- Navigate to the \Program Files (x86)\LANDESK\ManagementSuite directory and right-click on the LDLogon share.
- Right-click and go to “Advanced Sharing”
- Click “Share this folder”.
- Click “Permissions” and give an account Full Control access to the share. This will be necessary for the Ivanti EPM Content replication tool to have rights to copy Antivirus pattern file content to the share.
- Ensure that the same account is also given Full Control on the Security tab.
Configure the Preferred Server in Ivanti Endpoint Manager
- Within the Ivanti Endpoint Manager console click Configure and then Preferred Servers
- Right-click “Preferred Servers” and select “New Preferred Server”
- Enter Server Name and Credentials to the newly created LDLOGON share on the Preferred Server
- Enter the IP address ranges for the client's subnet(s) that this preferred server will serve.
To replicate Antivirus content from the Core to the Preferred Server using Ivanti EPM Content Replication
- Under “Selected Replicator” in the Preferred Server Properties select a Windows-based managed node from the list of computers. For more information about configuring a replicator, please see: Ivanti EPM Content Replication - Replicator Configuration
- Accept Default Run options unless there is something, in particular, you want to change.
- Set up a schedule for the replicator to run. For the client to utilize the Preferred Server for Antivirus pattern files properly, replication should occur shortly after the core server updates antivirus pattern files. Therefore, a schedule should be set up for the core server to download pattern files on a regular basis, and a replication task should be set to closely follow the completion of that.
- Under “Sources” click “New” to create a new content replication source.
- Name the source “Antivirus Pattern File Content”.
- For the UNC or HTTP Path enter http://coreservername/ldlogon/antivirus8/win/bases8
- Enter credentials to with read access to the share.
- Move to the “Preferred Servers (Targets)” tab and select the desired preferred server from the list.
- Select “Mirroring” in the left-hand pane and check the box next to “Enable Mirroring”.
- Click “Save”.
Note: LDLOGON/Antivirus8/Win/BasesEP10 is the only directory that needs replicated. LDLOGON/Antivirus8/Win also contains other folders: backups, backupsEP10, dskm, bases8, basesEP10, loadbalancingEP10, and temp_bases8. The backups directory is used to backup the bases8 folder. dskm, loadbalancing and temp_bases8 are used to download the files in bases8.