SCEP not installing definitions automatically

[Kevin79]

I follow Part 6 of Anyweb's guide (http://www.windows-noob.com/forums/index.php?/topic/6106-using-system-center-2012-configuration-manager-part-6-adding-the-endpoint-protection-role-configure-alerts-and-custom-antimalware-policies/) but I'm having problems with the definition update.

 

First, a little background. I had SCCM up and running in my environment but something screwed it up. I ended up removing my servers and recreating them. I was using SCCM with SCEP without a problem. I also have a stand-alone WSUS server as well as a SCCM integrated SCUP. My servers are pointing to my stand-alone server for Windows updates but my antimalware policy is for the servers to only use ConfigMGR for SCEP updates.

 

This was working fine before. Now that I've redone my servers and have all of the settings the same (at least I don't see any that are different) my servers aren't updating. Some of them are but the majority of my servers aren't updating. Anyone have any idea's why this worked in the past but not now?

[anyweb]

do you have any group policies controlling/related to software updates ? did you look at the troublshooting section of my post ?

[Kevin79]

Yes and yes. There are group policies controlling the WSUS location (to the stand alone server) but it was working before, why would it not work now? All I found from the troubleshooting section is that the WUAHandler.log file shows that the policy is set from the domain controller (group policy).

[Kevin79]

I also just looked at an old WUAHandler.log file and even when it was working, it was showing that the settings were overwritten by a higher authority.

[Kevin79]

Ok, back to this topic.. sort of. I have a standalone WSUS environment that most of my devices are using (I haven't had time to fully test using SCCM). They are configured to use my WSUS servers with group policies. Can I somehow make them use SCCM to get updates to the SCEP definitions while using my WSUS servers for all other updates?