Jump to content


Kevin79

SCEP updates

By Kevin79, in Configuration Manager 2012

Recommended Posts

Kevin79 Newbie

Kevin79

Posted
Posted

I have a few test clients with SCEP on them. I've removed one clients from our physical network in order to test the updating process on remote clients. Unfortunately, the client isn't updating. It has access to the internet, just not our domain (and the SCCM server). The policy that is has has it set to update from 4 sources: Configuration Manager, WSUS, Microsoft Update and Microsoft Malware Protection Center (in that order). I also have "If Configuration Manager is used as a source for definition updates, clients will only update from alternative sources if definition is older than (hours):" set to 72. My test computer is now 5 days old on the definitions and it doesn't look like it is updating. How do I get this working?

Share this post

Link to post
Share on other sites
Kevin79 Newbie

Kevin79

Posted
Posted

I looked in those two logs and all I see is that it can't reach the WSUS/SUP server (which would make sense since it isn't on the company network). The logs in ProgramData\Microsoft\Microsoft Antimalware\Support didn't show anything.

Share this post

Link to post
Share on other sites
Kevin79 Newbie

Kevin79

Posted
Posted

Just an update - I tried on another computer and it isn't updating either. The only way I can get it to update is if it connects to SCCM. Any suggestions would be great since I can't deploy this until that is working.

Share this post

Link to post
Share on other sites
anyweb Proficient

anyweb

Posted
Posted

How do I look at that? If I look at Help - About System Center Endpoint Protection, they look right.

 

when you say they look right does it list the correct antimalware policy that you created or not ?

 

if it is the correct policy then what settings have you made in that policy ?

Share this post

Link to post
Share on other sites
Kevin79 Newbie

Kevin79

Posted
Posted

when you say they look right does it list the correct antimalware policy that you created or not ?

 

Yes, it shows it as having it applied.

 

if it is the correct policy then what settings have you made in that policy ?

 

Let's see...

I have schedule scans off. Scan settings are True for "Scan email and email attachments", false for the rest and No Control for "User control of scheduled scans:". Default actions are Recommended, Recommended, Quarantine and Quarantine. Real-time protection settings are True, True, Scan incoming and outgoing files, True, True, True, True, False. I have the default locations in the Exclusion settings. Advanced is False, False, 14, False, False, False. No Threat overrides are set. Microsoft Active Protection Service is Basic Membership and false. Definition updates are 4, 9 AM, True, 4 sources selected (they are Updates distributed from Configuration Manager, Updates distributed from WSUS, Updates distributed from Microsoft Malware Protection Center and Updates distributed from Microsoft Update), 72 and (none).

Share this post

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.