When you schedule a scan engine update in Microsoft Forefront Server Security for SharePoint or in Microsoft Forefront Server Security for Exchange, the scan engines are not updated . Additionally, the following error is logged in the Drive
:\Program Files\Microsoft Forefront Security\SharePoint\ProgramLog.txt file:
ERROR: Unable to load manifest from: http://forefrontdl.microsoft.com/server/scanengineupdate/x86/Microsoft/Package/manifest.cab : (0x00002ee7) The server name or address could not be resolved. WinHttpClient failed while sending a request.
Additionally, the following error is logged in the Application log:
Microsoft Forefront Server Security encountered an error while performing a scan engine update.
This problem may also occur when you try to manually update a scan engine.
If you are using Microsoft Forefront Server Security Management Console (FSSMC), you receive the following error in the console:
Download of <EngineName> failed.
When you move your pointer over the "Information" icon, you receive the following additional information:
Failed to download manifest information for engine <EngineName> from URL: 'http://<EngineDownloadLocation>//<EngineName>//Package/manifest.cab'
This problem occurs if you are using any of the following scan engines:
These engines are being discontinued on December 1, 2009. You will not receive any additional updates for these discontinued scan engines after this date.
For more information, visit the following Microsoft Web site:
If you are not using any of the discontinued scan engines, this problem occurs because the Forefront Server Security server cannot reach the Microsoft engine download site.
To resolve this problem, follow these steps.Warning
Serious problems might occur if you modify the registry incorrectly by using Registry Editor or by using another method. These problems might require that you reinstall the operating system. Microsoft cannot guarantee that these problems can be solved. Modify the registry at your own risk.
- Confirm that you can reach the Microsoft engine download site. To do this, verify the following items:
- The proxy and firewall settings on the proxy or firewall and in Forefront
- The bandwidth
- Other network issues
- If you cannot reach the download site, determine the version of the scan engine. To do this, follow these steps:
- Download the latest Manifest.cab file from a URL that resembles the following URL:
http://forefrontdl.microsoft.com/server/scanengineupdate/x86/scanengine_name/Package/manifest.cabNote In this URL, scanengine_name represents the name of the scan engine.
To download the latest Manifest.cab file for the latest version of the Microsoft scan engine, visit the following Microsoft Web site:
- Extract the Manifest.xml file from the Manifest.cab file.
- Use Microsoft Internet Explorer to open the Manifest.xml file, and then examine the package version number. For example, the package version number may be 0612030005.
If the package version number is the same as the version number of the scan engine that is currently installed, do not update the scan engine.
If the package version number is an earlier version of the scan engine that is currently installed, replace the download URL with the secondary network update path. Then, repeat step 1.
You can use the secondary network update path in Forefront Server Security Administrator. If the secondary network update path is not specified, do not update the scan engine.
- Download the latest scan engine. To do this, download the Scanengine_name_fullpkg.cab file from a URL that resembles the following URL:
http://forefrontdl.microsoft.com/server/scanengineupdate/x86/scanengine_name/Package/version_number/scanengine_name_fullpkg.cabNote In this URL, version_number represents the package version number that you noted in step 1c.
- Create the folder structure for the updated scan engine. To do this, follow these steps:
- Create a folder that is named "Staging" in the current scan engine package folder.
- Copy the contents of the current scan engine package folder to the Staging folder.
- Extract the contents of the Scanengine_name_fullpkg.cab file to the Staging folder. When you do this, the files in the Staging folder will be updated.
- Test the updated files in the Staging folder. To do this, follow these steps:
Note If any of the substeps in step 4 fail, follow the procedure in the "Rollback procedure" section at the end of the article. Otherwise, go to step 5.
- In Forefront Server Security Administrator, disable the current version of the scan engine that you are using.
- Copy the Bin folder of the current scan engine installation to the BinLKG folder.
- Copy the files in the Staging folder to the Bin folder.
- Enable diagnostic logging for the GetEngineFiles program. To do this, set the following registry value to 1:
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\Forefront Software\Forefront Security for SharePoint\GetEngineFilesDiagnostics
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Forefront Software\Forefront Security for Sharepoint\GetEngineFilesDiagnostics
(on 64-bit systems)
Note If the GetEngineFilesDiagnostics registry value is not present, create the registry value by using the following parameters:
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Forefront Software\Forefront Security for Exchange\GetEngineFilesDiagnostics
(on 64-bit systems)
Value name: GetEngineFilesDiagnosticsIf you enable diagnostic logging for the GetEngineFiles program, you can determine whether the new scan engine version successfully loads and passes a self-test.
Value type: REG_DWORD
Value data: 1 (Hexadecimal)
- Click Start, click Run, type cmd, and then click OK.
- At the command prompt, move to the folder in which Forefront Security is installed.
- Type scanenginetest.exe –e scanengine_name, and then press ENTER.
Note You will not receive any command results. The command initializes the scan engine and then tests whether the scan engine works.
- View the ProgramLog.txt file to see whether the scan engine test finished successfully.
- Commit the updated scan engine files. To do this, follow these steps:
- Delete the BinLKG folder and the Staging folder.
- Copy the Manifest.cab file to the Bin folder.
- Set the
GetEngineFilesDiagnostics registry value to 0.
- Re-enable the scan engine.
- If the BinLKG folder is present, delete the Bin folder. Rename the BinLKG folder to "Bin."
- Delete the Staging folder.
- If the
GetEngineFilesDiagnostics registry value is present, set this registry value to 0.
- Re-enable the scan engine by using Forefront Server Security Administrator.
Article ID: 929074 - Last Review: December 1, 2009 - Revision: 4.0
- Microsoft Forefront Security for Exchange Server
- Microsoft Forefront Security for SharePoint
|kbexpertiseadvanced kbtshoot KB929074|