A virus scanner has also been included since Exchange 2013. As with most other virus scanners, the signatures must also be updated here. Problems can occur when updating the signatures, especially if Exchange is not installed on the C: drive.
The following entry can then be found in the event log:
Source: FIPFS
Event ID: 6027
MS Filtering Engine Update process was unsuccessful to download the engine update for Microsoft from Primary Update Path.
Update Path:http://forefrontdl.microsoft.com/server/scanengineupdate
UpdateVersion:0
Reason: "There was a catastrophic error while attempting to update the engine. Error: DownloadEngine failed and there are no further update paths available.Engine Id: 1 Engine Name: Microsoft"
However, the problem is not quite as drastic as the error message:
There was a catastrophic error while attempting to update the engine.
To fix the "catastrophic" error, you should first check whether the update URL can be reached from the error message:
The website returns the HTTP code 403 "Access denied" if a connection could be established. HTTP 403 is therefore not a problem. With HTTP 404, the page would not be accessible, in which case a firewall could be to blame.
So in this case, everything is fine:
As mentioned at the beginning, the problem often occurs when Exchange Server is installed on a drive other than C:. In this example, Exchange is installed on drive E: and UAC is enabled. In this case, the protection for certain Exchange Server directories takes effect. Unfortunately, this also prevents the signatures from being updated and the error shown above occurs.
To correct the error, simply confirm the message "You do not currently have permission to access this folder" with "Continue":
The message must be confirmed for all folders in the following path:
E:\Exchange Server\FIP-FS\Data\Engines\amd64 (where E:\Exchange Server is the corresponding installation directory)
You can also check whether the "Network service" user has full access to the corresponding directory:
Exchange downloads signatures every 30 minutes by default. In my case, the update was successful after the above steps and event 6036 was displayed:
If these steps are not enough, there is also the "FPSDiag" tool in the FIP-FS\Bin folder. The diagnostic tool generates a set of log files that may help with the analysis:
In most cases, however, one of the following causes is responsible for the problem:
- Firewall blocks update page
- "Network service" has no access to the directory
- Directory protection active
Note: If there are a large number of Exchange servers in the company, not every Exchange server needs to download the signatures from the Internet. There is the option of configuring a central repository for the Exchange servers; a corresponding article will follow.
Gibt es eigentlich mittlerweile auch den angekündigten Artikel, wie ein zentrales Repository für die Exchange Server eingerichtet werden kann?
Danke!
Hallo zusammen,
lt. Eventlogs will Exchange zu URL
http://amupdatedl.microsoft.com/server/amupdate
Kontakt aufnehmen (CU20 Server Exchange 2016) und die Pattern runterladen. Da hat sich anscheinend der Update-URL bei MS geändert.
Viele Grüße
Wolfgang
Guten Tag
Ich kann die neue URL http://amupdatedl.microsoft.com/server/amupdate auch bestätigen. Manueller Aufruf der Adresse gibt ein 404.
Entsprechend bleibt die Fehlermeldung im Log:
0.6027 Microsoft-Filtering-FIPFS MS Filtering Engine Update process was unsuccessful to download the engine update for Microsoft from Primary Update Path. Update Path:http://amupdatedl.microsoft.com/server/amupdate UpdateVersion:0 Reason:“There was a catastrophic error while attempting to update the engine. Error: DownloadEngine failed and there are no further update paths available.Engine Id: 1 Engine Name: Microsoft“
Hat allenfalls jemand dafür schon eine Lösung gefunden?
Herzliche Grüsse
Michael
Wurde diese Seite mal eingestellt seitens Microsoft? Bekomme 404 auf diversen Geräten und unterschiedlichen Internetzugängen… Scheint (zumindest im Moment) seitens MS offline zu sein.
http://forefrontdl.microsoft.com/server/scanengineupdate
Servus,
Wenn das kein permanenter Fehler ist, sondern zB über das Wochenende ein paar mal mitgeloggt wurde, könnte man ja auch ein Problem bei Microsoft vermuten, oder nicht? Kann man das irgendwie überprüfen, ob danach wieder Signaturen geladen wurden? Gibt es da ein Logfile oder dergleichen?
Thx & Bye Tom
Die Lösung ist eigentlich ganz einfach, man muss per PowerShell den richtigen Proxy mitgeben, dann ist der Fehler 6027 auch weg.
Wenn man denn einen Proxy hat.
…und – kleiner Hinweis am Rande – der Proxy muss die Anfragen an amupdatedl*.microsoft.com für den System-Account auch erlauben, Stichwort: Proxy-Authentifizierung.
VG