1 of 1 people found this helpful
The following Technet article gives a lot of good general recommendations for Antivirus software on Domain Controllers:
LANDesk Antivirus is supported on Domain Controllers when following these recommendations.
I created a stripped down agent and it installs just fine. I cannot install LD AV. The return is "The system cannot find the file specified" when I try to install LD AV and when I try to do an inventory scan from the core. The schedule scans are successful and scans started from the client are successful.
I found the problem with AV not installing. Turns out the the agent had software installation disabled and so it could not install AV. Modified the agent and the AV installed. Thanks to LANDesk support for help on that one.
There are some log files specified for exclusion by Microsoft. Specifically, C:\Winnt\ntfrs\jet\log\edb007CE.log
The file name changes as a file fills and a new file is created like a lot of log files do. When I try to make an exclusion "C:\Winnt\ntfrs\jet\log\edb*.log" the error that it contains invalid characters is returned. Is there a way to make a wildcard exception or is there a way that LANDesk recommends to do this. I am aware that I can exclude the entire folder. This would work but also leaves a hole, albeit a small one, that might be exploitable by a bad guy. Also, is there a list of exceptions "variables" that I can use? Things like pagefile.sys - I have not been able to find variable information.