Sign In with your
Trend Micro Account
Need Help?
Need More Help?

Create a technical support case if you need further support.

Installing OfficeScan 10.6 on Windows 2008 R2 cluster environment

    • Updated:
    • 7 Jun 2017
    • Product/Version:
    • OfficeScan 10.6
    • Platform:
    • Windows 2003 Enterprise
    • Windows 2003 Enterprise 64-bit
    • Windows 2003 Standard
    • Windows 2003 Standard 64-bit
    • Windows 2008 Enterprise
    • Windows 2008 Server Core
    • Windows 7 32-bit
    • Windows 7 64-bit
    • Windows XP Professional
    • Windows XP Professional 64-bit

This article provides the tested OfficeScan 10.6 installation process to cluster environment.


Here is an image of a standard cluster installation:

standard cluster installation

Do the following to install OfficeScan 10.6 on Windows 2008 R2 cluster environment:

OfficeScan only supports active-passive cluster configuration.
  1. Go to Administrative Tools and open the Server Manager.
  2. Click Features > Add Features.
  3. In the selection screen, select Failover Clustering.
  4. Finish adding features on two machines.
  5. Configure witness disk and share disk. For details, refer to Failover Cluster Deployment Guide.

At the end of this process, you should see both nodes in the Cluster.

  1. Execute setup.exe from the OfficeScan 10.6 installation folder.

    OfficeScan 10.6 installation folder

    The Setup Welcome screen appears. Click Next.

    Welcome to the OfficeScan Setup Program

  2. Accept the license agreement and click Yesto set IIS to 32-bit mode.

    License Agreement

  3. The Client Deployment screen appears. Click Next to acknowledge the OfficeScan agent installation size.

    Client Deployment

  4. The OfficeScan Server Settings screen appears. Click Nextsince this is a new installation.

    OfficeScan Server Settings

  5. The Installation Destination screen appears. Select On this computer and then click Nextto install on this server.

    Installation Destination

  6. Select Scan the target computer on the Computer Prescan screen, and then click Next.

    Computer Prescan

  7. Enter the installation path in your share disk and then click Next.

    Installation Path

  8. Enter the proxy server details, and then click Next.

    Proxy Server details

  9. Select to install to IIS virtual website. Set the HTTP port to 8880 and the SSL port to 4343. Click Next.

    Web Server settings

  10. Select to install OfficeScan with the FQDN of the cluster, and then click Next.

    Computer Identification

  11. The Product Activation screen appears. Click Next to continue.

    Product Activation screen

  12. Enter the OfficeScan 10.6 activation codes, and then click Next.

    Enter the OfficeScan 10.6 Activation Codes

  13. Select to install the integrated server, and then click Next.

    Install Integrated Smart Protection Server

  14. Select No to disable the Web Reputation Service, and then click Next.

    Do not enable Web Reputation Service

  15. Enable the OfficeScan client installation, and then click Next.

    Install Other OfficeScan Programs

  16. Enable the Trend Micro Smart Feedback to prevent information being sent to Trend Micro. Click Next to continue.

    Smart Protection Network

  17. Set the password for the root account for the web console, and for unloading and uninstalling the OfficeScan client. Click Next.

    Administrator Account Password

  18. Set the client port and the security level to High. Click Next.

    OfficeScan client installation details

  19. Enable the Firewall, and then click Next.

    Antivirus Features: Enable Firewall

  20. Enable assessment mode for Anti-spyware. Click Next to proceed.

    Anti-spyware Feature

  21. Enable the Web Reputation Policy, then click Next.

    Web Reputation Feature

  22. Select the Start Menu folder where the OfficeScan shortcut will be created. Click Next.

    OfficeScan Program Shortcuts

  23. Click Install to proceed with the installation.

    Installation Information

  24. Click Finish to complete the installation.
  1. Go to Administrative Tools and open the Internet Information Service (IIS) Manager.
  2. Select the OfficeScan virtual site.
  3. Click Authentication then edit Anonymous Authentication. You must input a domain service account.
  4. Change the folder permission according to the following:

    where: R = read; W = write; M = modify; X = execute

    Folder (includes subfolder and files)Folders and files permission for Domain account
    K:\Program Files\Trend Micro\OfficeScan\PCCSRV\DownloadR
    K:\Program Files\Trend Micro\OfficeScan\PCCSRV\TEMPRWMX
    K:\Program Files\Trend Micro\OfficeScan\PCCSRV\WebR
    K:\Program Files\Trend Micro\OfficeScan\PCCSRV\Web_OSCE\Web_console\CGIRX
    K:\Program Files\Trend Micro\OfficeScan\PCCSRV\Web_OSCE\Web_console\HTML\ClientInstallRWMX
    K:\Program Files\Trend Micro\OfficeScan\PCCSRV\Web_OSCE\Web_console\RemoteInstallCGIRWMX
  5. Change the Startup Type for the OfficeScan Master Service from Automatic to Manual on both notes by clicking Start > Administrative Tools > Services.
  6. Download this cluster failover script and save it to c:\windows\system32\inetsrv on each node. Edit the clusweb7.vbs script as need to specify the site name and application pool.

    Refer to Microsoft article Configuring IIS 7.0 World Wide Web Publishing Service in a Microsoft Windows Server 2008 failover cluster.

    You can verify the Application Pool and site names from the Internet Information Services (IIS) Manager.

  7. Under Administrative Tools, open Failover Cluster Management and then click Applications.
  8. Under Select Service or Application, click Generic Script and then click Next.
  9. Input the full path and file name of the script file saved in Step 6 (Configure OfficeScan Clustering section). This should be:


  10. Under Client Access Point on the left pane, configure the Access point name and IP address for the service.
  11. Under Select Storage on the left pane, select the shared disk where the OfficeScan server is installed, and then click Next.
  12. Select the new resource added in previous steps, right-click on it and then select Add a resource > Generic Service.
  13. Select the OfficeScan Master Service from the list and then finish the wizard.
  14. Repeat Step 12 (Configure OfficeScan Clustering section) and select OfficeScan Active Directory Integration Service.
  15. On the OfficeScan Active Directory Integration Service, select Properties > Dependencies tab > Insert.
  16. Select OfficeScan Master Service > OK to finish insert.
  17. Select OfficeScan Master Service then click Properties > Dependencies tab > Insert.
  18. Add the Service Name and shared disk where the OfficeScan server is installed as dependencies.
  19. Click the Registry Replication tab, then click Add.
  20. Type in the following keys:
    • SOFTWARE\Wow6432Node\TrendMicro\Database Backup
    • SOFTWARE\Wow6432Node\TrendMicro\OfficeScan
    • SOFTWARE\Wow6432Node\TrendMicro\Solar
  21. Select OfficeScan Master Service then click Bring This Resource Online.
  22. Select OfficeScan Active Directory Integration Service then click Bring this Resource Online.
  23. Select the resource, right-click on it and click Add a shared folder.
  24. Browse the location and set this to the ..\PCCSRV folder. Click Next.
  25. Tick the No, do not change NTFS permissions radio button and then click Next.
  26. Change the share name to "OFCSCAN" and then click Next.
  27. Set the administrators to have full control and everyone else must be read only permissions, then click Next.
  28. Click Create on the Review Settings and Create Share screen.
  29. Click Close.
  30. Verify the changes under the Cluster Shared Folders.

In a cluster environment, there will be multiple NICs associated with each node. There will be a primary cluster NIC which contains the virtual IP address of the application. and the client will go offline.

The OfficeScan client is designed to acquire the IP address from the primary NIC for registration to the OfficeScan server. When the node is inactive, the primary IP address will be a private 169 address. This will cause the OfficeScan server to lose communication with the client

To address this, add a new registry key to specify the actual address of the node to the OfficeScan server.

  1. Open the Registry Editor.
    Always back up the whole registry before making any modifications. Incorrect changes to the registry can cause serious system problems.
  2. Go to HKLM\Software\Wow6432Node\TrendMicro\PC-cillinNTCorp\CurrentVersion.
  3. Add a new String value: IP template:
  4. Edit the String Value of IP Template and add the IP address that the OfficeScan client will present to the OfficeScan server. This IP address should always be reachable to the OfficeScan server.
  5. Restart the OfficeScan Listener service for the changes to take effect.
Configure; Install
Solution Id:
Did this article help you?

Thank you for your feedback!

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.