Antivirus V4.x For Windows Clients Blocking Group Policy Processing.

[sch2000 0]

Hi,

  last week the school found that windows XP SP3 clients connected to a windows 2003 R2 domain controller had issues connecting to the server when using Antivirus 4.x.

The issue was that they could not connect to the domain controller using the FQDN based paths, associated with windows File replication service and Sysvol.

 

Through trial and error, the issue appeared to be that ESET was causing authentication to fail when clients were connecting to the server using the FQDN based path,

\\ourdomain.local\sysvol

 

They could connect using the path

\\servername\sysvol

 

This blocked the group policy settings from being applied, unable to connect to gpt.ini and the associated policy scripts.

 

When the antivirus was disabled, the group policy worked.

When the clients were upgraded to Eset endpoint antivirus 5, the group policy worked.

 

The upgrade of the AV had to be done manually as there were IPC errors when trying to upgrade using the remote console.

It was not a DNS resolution error, pinging the FQDN worked.

 

 

[anthonyh 15]

I apologize for the inconvenience, are the clients set to talk to the server over the standard set of ports (2221-2222)?

 

With the push out to version 5, are you able to NSLookup both the hostname of the machines and the IP of the machines, and do they both return correctly?  Also, are the firewalls down and is the RPC service available on the machines?

[Arakasi 549]

Did adding \\ourdomain.local\ to the exclusions list, for web protection do anything either ?

 

It was not a DNS resolution error, pinging the FQDN worked.

What about pinging from the dc to the client working ?

[Marcos 5,071]

When the antivirus was disabled, the group policy worked.

When the clients were upgraded to Eset endpoint antivirus 5, the group policy worked.

 

The upgrade of the AV had to be done manually as there were IPC errors when trying to upgrade using the remote console.

 

So the problem is with upgrade to Endpoint on some clients. Please post the complete error message you're getting as well as information about the oper. system and platform on the affected computers.