Certain antivirus programs may contribute to file
backlogs in the following directories:
- The SMS\Inboxes directory on Microsoft Systems Management Server
(SMS) site servers.
- The SMS_CCM\ServiceData directory on Microsoft SMS Management Points.
These file backlogs lead to the appearance that SMS is not running correctly, even though
Component Status and Site System Status report no errors or warnings.
Additionally, you may experience one or more of the following symptoms:
- Package or advertisement status does not update.
- Hardware or
software inventory is not accurate.
- The overall response of the site
server is slower than expected.
This behavior is more likely to occur if the antivirus program is configured for Real-Time monitoring.
No specific antivirus program or program version
causes this behavior. When files
move between SMS components, they may appear to move slower than usual as each file
is scanned by the antivirus program. If a collision occurs because of a
file lock, processing may quit. If a collision occurs, then files start to accumulate on the SMS site server and create a file backlog.
Most of the time, SMS and an antivirus program can operate on the
same computer if SMS operates within typical boundaries and if SMS is
running on sufficient hardware.
If you configure SMS so that SMS operates beyond typical boundaries, many files may appear on an SMS site server at unexpected
times. For example, if you implement 50 software metering rules at the same
time to 8,000 clients, SMS can generate 400,000 status messages. How fast SMS and the antivirus software can process these status messages is affected by factors such
as CPU speed and disk I/O. If the antivirus software Real-Time monitoring process uses more than 70 percent of the CPU for extended periods,
a file backlog will likely occur.
The SMS_Executive service may stop responding to some threads. These include the
If you experience the behavior described in this ariticle, use one or more of the
following methods to reduce the file backlog:
- Exclude the SMS\Inboxes\SMS_Executive
Thread Name directory or the
SMS_CCM\ServiceData directory from the virus-scanning
- Make sure that the antivirus software is not configure for Real-Time monitoring.
- Remove the antivirus software, and then restart the server
so that any remaining traces are unloaded and removed from memory.
If you exclude the SMS\Inboxes directory from virus
scanning or remove the antivirus software, you may make the site server and all clients vulnerable to potential virus
risks. The client base component files reside in the SMS\Inboxes directory.
Therefore, use these options only as a short-term troubleshooting step and not as a solution
for this behavior.
For more information, click the following article number to view the article in the Microsoft Knowledge Base:
Clients or servers with SMS 2.0 components installed may reach 100 percent CPU usage
Article ID: 327453 - Last Review: July 19, 2011 - Revision: 6.0
- Microsoft System Center Configuration Manager 2007
- Microsoft System Center Configuration Manager 2007 R2
- Microsoft System Center Configuration Manager 2007 R3
- Microsoft System Center Configuration Manager 2007 Service Pack 1
- Microsoft System Center Configuration Manager 2007 Service Pack 2
- Microsoft Systems Management Server 2.0 Service Pack 2
- Microsoft Systems Management Server 2.0 Service Pack 5
- Microsoft Systems Management Server 2.0 Standard Edition
- Microsoft Systems Management Server 2003
- Microsoft Systems Management Server 2003 R2
- Microsoft Systems Management Server 2003 Service Pack 1
- Microsoft Systems Management Server 2003 Service Pack 2
- Microsoft Systems Management Server 2003 Service Pack 3