mietek154 Posted February 27, 2013 Report post Posted February 27, 2013 Guys, I'm facing a major issue in my organization with SCEP updating. Was looking for solution a few days but i'm still unable to figure out what is wrong with my environment. I give u quick overview about this issue. I have SCCM 2012 SP1 with endpoint protection role installed (SCCM has no SUP role). Also have a WSUS (WS 2012) (local not domain) role installed on remote machine & wsus is configured to download and automatic approve all update & update definitions for forfront endpoint protection 2010. I configured Antimalware Policy (Definition update should be downloaded from WSUS only) and deployed it to right collection (SCEP clients are installed and working properly). GPO is configured for WSUS, also have created another policy to turn off Windows Defender. All Windows Updates, Office updates have been installed on all machines in my organization. SCEP is not updating. Please check windowsupdate.log below 2013-02-27 14:59:13:573 1020 304 PT + ServiceId = {3DA21691-E39D-4DA6-8A4B-B43877BCB1B7}, Server URL = http://xxxx:8530/ClientWebService/client.asmx 2013-02-27 14:59:13:672 1020 304 Agent * Found 0 updates and 4 categories in search; evaluated appl. rules of 44 out of 53 deployed entities 2013-02-27 14:59:13:672 1020 304 Agent ********* 2013-02-27 14:59:13:672 1020 304 Agent ** END ** Agent: Finding updates [CallerId = System Center 2012 Endpoint Protection (DDEFDD14-250E-4DC8-A0B3-9D667EC5D8EB)] 2013-02-27 14:59:13:672 1020 304 Agent ************* 2013-02-27 14:59:13:672 588 f24 COMAPI >>-- RESUMED -- COMAPI: Search [ClientId = System Center 2012 Endpoint Protection (DDEFDD14-250E-4DC8-A0B3-9D667EC5D8EB)] 2013-02-27 14:59:13:672 588 f24 COMAPI - Updates found = 0 2013-02-27 14:59:13:672 588 f24 COMAPI --------- 2013-02-27 14:59:13:672 588 f24 COMAPI -- END -- COMAPI: Search [ClientId = System Center 2012 Endpoint Protection (DDEFDD14-250E-4DC8-A0B3-9D667EC5D8EB)] 2013-02-27 14:59:13:672 588 f24 COMAPI ------------- All clients windows 8 ent. Have you any idea what is wrong with this configuration ? Quote Share this post Link to post Share on other sites More sharing options...
anyweb Posted February 27, 2013 Report post Posted February 27, 2013 i havn't tried that specific scenario, but if you look at Step 7 here and apply the same troubleshooting technique does it reveal the problem ? Quote Share this post Link to post Share on other sites More sharing options...
mietek154 Posted February 28, 2013 Report post Posted February 28, 2013 Thanks for this. Unfortunately UNC method is not an option in my environment. We have strict politcs to use WSUS only for updating. I made temporary solution for this issue. Just added another source in definition update policy (Updates distributed from Microsoft Protection Center). Using this method users can manualy updates their clients (by pressing update button in SCEP). But im still cannot remotly update them or force to update from SCCM console. Still trying to find proper solution for SCEP & WSUS. Quote Share this post Link to post Share on other sites More sharing options...
