Hello, I’m trying to install an antivirus on some computers that have the following relevance:
exists value “InstallLanguage” whose (it as string = “0409”) of keys “HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Nls\Language” of registry AND NOT exists value “ProductVersion” whose (it as string = “12217d6”) of keys “HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\Symantec Endpoint Protection\AV”
But it doesn’t seem to be working, as there is no relevant computers and I know there is.
Basically, I want to upgrade the antivirus to SEP 11.0.5002.333 (based on OS language) onto any computer that has an earlier version.
BTW, ProdutVersion key is a REG_DWORD, could it be it since I’m using “string”, maybe I should use something else ?
UPDATE: I’ve also tried this:
exists key “HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Nls\Language” whose (value “InstallLanguage” of it as string = “0409”) of registry AND NOT exists key “HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\Symantec Endpoint Protection\AV” whose (value “ProductVersion” of it as string = “12217d6”) of registry
This time, I have more relevant computers that it’s supposed to be (clients already have latest version).
UPDATE: I’ve tried that also, to no avail:
exists key “HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Nls\Language” whose (value “InstallLanguage” of it as string = “0409”) of registry AND (not exists key “HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\InstalledApps” of registry) OR (version of file “Rtvscan.exe” of it < ") of (value “SAV Install Directory” of key “HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\InstalledApps” of registry as folder)
You forgot “of registry” at the end of your first query, but I am not sure if that is the cause of all the issue…
Can you try using the Relevance Debugger on the system you want to become relevant and try breaking apart the query to troubleshoot more? Then let us know which part of the query isn’t returning what you expect…
not exists value “ThreadingModel” whose (it as string = “Apartment”) of keys “HKEY_CLASSES_ROOT\CLSID{{020f6116-407b-11d3-a3bb-00c04fa32518}\InprocServer32” of registry
What is weird is that the value exists in my registry and it still returns TRUE. If I remove the first “{”, then it returns FALSE, but in a previous post, you told me I have to use double “{”. Is there anything I’m missing ?
I’ve also tried this for the previous request (different key):
not exists value “C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe” whose (it as string = “11.0.290”) of keys “HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\Symantec Endpoint Protection\AV\DLLUsage” of registry
Same thing, it returns FALSE but computer is still relevant.
You only need to escape the brackets if you are using embedded relevance in an action…
I know this is a fairly confusing topic and lots of people get tripped up on it so I went ahead and finally wrote a long-overdue KB article to explain in more detail:
So my “Oracle bugfix” looks ok, and I think I might have found the solution for the antivirus relevance, I needed to put some more parentheses in the relevance, to separate the “AND” condition with the 2 “OR”:
For the record:
exists key “HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Nls\Language” whose (value “InstallLanguage” of it as string = “0409”) of registry AND ((not exists key “HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\InstalledApps” of registry) OR (not exists value “C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe” whose (it as string = “11.0.290”) of keys “HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\Symantec Endpoint Protection\AV\DLLUsage” of registry))