The scan engines are not updated when you schedule a scan engine update in Forefront Server Security, and an error message occurs: "ERROR: Unable to load manifest"

Article translations Article translations
Article ID: 929074 - View products that this article applies to.
Important This article contains information about how to modify the registry. Make sure that you back up the registry before you modify it. Make sure that you know how to restore the registry if a problem occurs. For more information about how to back up, restore, and modify the registry, click the following article number to view the article in the Microsoft Knowledge Base:
322756 How to back up and restore the registry in Windows
Expand all | Collapse all

On This Page

SYMPTOMS

When you schedule a scan engine update in Microsoft Forefront Server Security for SharePoint or in Microsoft Forefront Server Security for Exchange, the scan engines are not updated . Additionally, the following error is logged in the Drive:\Program Files\Microsoft Forefront Security\SharePoint\ProgramLog.txt file:
ERROR: Unable to load manifest from: http://forefrontdl.microsoft.com/server/scanengineupdate/x86/Microsoft/Package/manifest.cab : (0x00002ee7) The server name or address could not be resolved. WinHttpClient failed while sending a request.
Additionally, the following error is logged in the Application log:
Microsoft Forefront Server Security encountered an error while performing a scan engine update.
Note This problem may also occur when you try to manually update a scan engine.

If you are using Microsoft Forefront Server Security Management Console (FSSMC), you receive the following error in the console:
Download of <EngineName> failed.
When you move your pointer over the "Information" icon, you receive the following additional information:
Failed to download manifest information for engine <EngineName> from URL: 'http://<EngineDownloadLocation>//<EngineName>//Package/manifest.cab'

CAUSE

This problem occurs if you are using any of the following scan engines:
  • AhnLab
  • CA
  • Sophos
  • Spamcure
These engines are being discontinued on December 1, 2009. You will not receive any additional updates for these discontinued scan engines after this date.

For more information, visit the following Microsoft Web site:
http://technet.microsoft.com/en-us/forefront/serversecurity/dd940095.aspx
If you are not using any of the discontinued scan engines, this problem occurs because the Forefront Server Security server cannot reach the Microsoft engine download site.

RESOLUTION

To resolve this problem, follow these steps.

Warning Serious problems might occur if you modify the registry incorrectly by using Registry Editor or by using another method. These problems might require that you reinstall the operating system. Microsoft cannot guarantee that these problems can be solved. Modify the registry at your own risk.
  1. Confirm that you can reach the Microsoft engine download site. To do this, verify the following items:
    • The proxy and firewall settings on the proxy or firewall and in Forefront
    • The bandwidth
    • Other network issues
  2. If you cannot reach the download site, determine the version of the scan engine. To do this, follow these steps:
    1. Download the latest Manifest.cab file from a URL that resembles the following URL:
      http://forefrontdl.microsoft.com/server/scanengineupdate/x86/scanengine_name/Package/manifest.cab
      Note In this URL, scanengine_name represents the name of the scan engine.

      To download the latest Manifest.cab file for the latest version of the Microsoft scan engine, visit the following Microsoft Web site:
      http://forefrontdl.microsoft.com/server/scanengineupdate/x86/Microsoft/Package/manifest.cab
    2. Extract the Manifest.xml file from the Manifest.cab file.
    3. Use Microsoft Internet Explorer to open the Manifest.xml file, and then examine the package version number. For example, the package version number may be 0612030005.

      If the package version number is the same as the version number of the scan engine that is currently installed, do not update the scan engine.

      If the package version number is an earlier version of the scan engine that is currently installed, replace the download URL with the secondary network update path. Then, repeat step 1.

      You can use the secondary network update path in Forefront Server Security Administrator. If the secondary network update path is not specified, do not update the scan engine.
  3. Download the latest scan engine. To do this, download the Scanengine_name_fullpkg.cab file from a URL that resembles the following URL:
    http://forefrontdl.microsoft.com/server/scanengineupdate/x86/scanengine_name/Package/version_number/scanengine_name_fullpkg.cab
    Note In this URL, version_number represents the package version number that you noted in step 1c.
  4. Create the folder structure for the updated scan engine. To do this, follow these steps:
    1. Create a folder that is named "Staging" in the current scan engine package folder.
    2. Copy the contents of the current scan engine package folder to the Staging folder.
    3. Extract the contents of the Scanengine_name_fullpkg.cab file to the Staging folder. When you do this, the files in the Staging folder will be updated.
  5. Test the updated files in the Staging folder. To do this, follow these steps:
    1. In Forefront Server Security Administrator, disable the current version of the scan engine that you are using.
    2. Copy the Bin folder of the current scan engine installation to the BinLKG folder.
    3. Copy the files in the Staging folder to the Bin folder.
    4. Enable diagnostic logging for the GetEngineFiles program. To do this, set the following registry value to 1:
      HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\Forefront Software\Forefront Security for SharePoint\GetEngineFilesDiagnostics
      HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Forefront Software\Forefront Security for Sharepoint\GetEngineFilesDiagnostics
      (on 64-bit systems)
      HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Forefront Software\Forefront Security for Exchange\GetEngineFilesDiagnostics
      (on 64-bit systems)
      Note If the GetEngineFilesDiagnostics registry value is not present, create the registry value by using the following parameters:
      Value name: GetEngineFilesDiagnostics
      Value type: REG_DWORD
      Value data: 1 (Hexadecimal)
      If you enable diagnostic logging for the GetEngineFiles program, you can determine whether the new scan engine version successfully loads and passes a self-test.
    5. Click Start, click Run, type cmd, and then click OK.
    6. At the command prompt, move to the folder in which Forefront Security is installed.
    7. Type scanenginetest.exe –e scanengine_name, and then press ENTER.

      Note You will not receive any command results. The command initializes the scan engine and then tests whether the scan engine works.
    8. View the ProgramLog.txt file to see whether the scan engine test finished successfully.
    Note If any of the substeps in step 4 fail, follow the procedure in the "Rollback procedure" section at the end of the article. Otherwise, go to step 5.
  6. Commit the updated scan engine files. To do this, follow these steps:
    1. Delete the BinLKG folder and the Staging folder.
    2. Copy the Manifest.cab file to the Bin folder.
    3. Set the
      GetEngineFilesDiagnostics
      registry value to 0.
    4. Re-enable the scan engine.

Rollback procedure

  1. If the BinLKG folder is present, delete the Bin folder. Rename the BinLKG folder to "Bin."
  2. Delete the Staging folder.
  3. If the
    GetEngineFilesDiagnostics
    registry value is present, set this registry value to 0.
  4. Re-enable the scan engine by using Forefront Server Security Administrator.

Properties

Article ID: 929074 - Last Review: December 1, 2009 - Revision: 4.0
APPLIES TO
  • Microsoft Forefront Security for Exchange Server
  • Microsoft Forefront Security for SharePoint
Keywords: 
kbexpertiseadvanced kbtshoot KB929074

Give Feedback

 

Contact us for more help

Contact us for more help
Connect with Answer Desk for expert help.
Get more support from smallbusiness.support.microsoft.com