Fix for Forefront Update Timeout Errors
I use Microsoft Forefront Security for Exchange Server on my Exchange 2007 Edge server.
Recently I noticed the following error in the Application Event log:
To solve this error make the following change to the registry on the server running Forefront:
Recently I noticed the following error in the Application Event log:
Event Type: ErrorFollowed immediately by:
Event Source: GetEngineFiles
Event Category: Engine Error
Event ID: 6014
Date: 2/9/2008
Time: 10:08:43 AM
User: N/A
Computer: GATEWAY
Description:
Microsoft Forefront Server Security encountered an error while performing a scan engine update.
Scan Engine: Kaspersky5
Update Path: http://forefrontdl.microsoft.com/server/scanengineupdate/x86/Kaspersky5
Proxy Settings: Disabled
Error Code: 0xC0001F58
Description: The operation timed out.
Event Type: InformationThis was happening every 5 minutes after Event ID 2034, which reports that Microsoft Forefront Server Security is attempting a scan engine update of the Kaspersky5 scan engine.
Event Source: GetEngineFiles
Event Category: General
Event ID: 2017
Date: 2/9/2008
Time: 10:08:43 AM
User: N/A
Computer: GATEWAY
Description:
Forefront Server Security has rolled back a scan engine.
Scan Engine: Kaspersky5
To solve this error make the following change to the registry on the server running Forefront:
- Open Regedit
- Navigate to the following key:
HKLM\SOFTWARE\Wow6432Node\Microsoft\Forefront Server Security\Exchange Server
- Click New DWORD Value
- Type EngineDownloadTimeout, and then press ENTER
- Right-click the new value and select Modify
- Select Decimal as the base, enter 600 in the Value data box, and then click OK. This setting causes the scan engine download process to time out after 600 seconds (10 minutes, instead of 5 minutes)
- Exit Regedit
Note: You do not have to restart Forefront Server services or Exchange Server services after you change this registry entry.
Now perform a manual scanner update in Forefront:
- Open Forefront Server Security Administrator
- Click Scanner Updates under Settings
- Select the appropriate scan engine that was previously timing out. In my case, Kaspersky Antivirus Technology
- Click the Update Now button on the right side of the screen
Check the Application event log to ensure that the scan engine has updated properly (Event ID 2012).
Labels: Forefront, Microsoft Exchange 2007, SP1
Subscribe to my feed
posted by Jeff @ 9:20 PM
8 Comments
Links to this post
8 Comments:
Great job. This solved my "timeout" problem. My Kaspersky5 engine haven't got update since 12/31/2007. Thanks.
sean
I am having the same issue on a Windows 2003 server. Will the solution work on my server? My registry path is a bit different than what you have and I am in a quandry for finding a solution.
It should, but what's your registry path?
My path is Software\Microsoft\ForeFront Server Security and then I am left with choosing from a Server Management or SharePoint folder. The SharePoint folder has a Scan Engines folder and subfolders for each of the engines.
Yes, this tip will work for you. Just replace 'Exchange' for 'Sharepoint'.
Thanks for the info, that solved the problem for my SharePoint servers.
Kevin
Thanks for the info. After much searching (and pulling out of hair), this solved the problem.
Don't go bald! Subscribe to my feed and get all my tips delivered to you automatically.
Post a Comment
Thank you for posting a comment! It is my hope that you find the information here useful. Let me know (and others) if this post helped you out or if you have a comment or further information.
Links to this post:
Create a Link
<< Home