Jump to content


Delita

Established Members
  • Posts

    8
  • Joined

  • Last visited

Delita's Achievements

Newbie

Newbie (1/14)

0

Reputation

  1. I am trying to find a way to add a known executable to endpoint, as a threat. For example... app.exe... is it possible to add that name, path, etc to a list of unwanted programs to SCEP? I can see how to do threat overrides, however I was hoping to do the opposite against a list of executable names, paths, hashes, or whatever is available.
  2. Thanks! I will have to test this going forward.
  3. I was thinking that maybe putting the "is Like" operator along with the OU name might help, but this wont work from some of my OU Heirarchy. If I do get the change to test, will post results.
  4. Fortunately I was able to resolve this. Oddly enough my SCCM server had the SCCM agent but not the end point. I had to do a manual install of the end point, once done I had definitions to browse to add Threat Overrides. Hope this helps somebody else.
  5. When trying to browse a threat, for adding Threat Overrides, I get an error stating "The specified threat could not be found in the definitions. Verify you typed in correct name and the Endpoint Protection has the most up-to-date definition." Appreciate any help on what to do next, as far as I can tell my definitions are up to date, but if somebody could assist in giving me a list of things to check I would appreciate it. Or if there is something else I could check, please let me know.
  6. I am setting up collections of devices to mimic the OUs setup in AD. Mostly this is for Computer objects. I had found that i can query for Devices in an OU, but I was wondering is there a way to Query a root OU, and have all sub OUs machines included. In the mean time my query has been using the Criterion type as "A List of Values" and I have been adding the root OU, and all sub OUs manually (this is becoming very time consuming). I am worried that down the road when an OU is added, nobody will remember to add the new OU to the machine collection. Any more information needed please let me know.
  7. Looks like this is the correct way, also there is a canned query to check for machines without clients, and for machines that have clients that are not 2012. Hope this helps somebody else.
  8. Very new to SCCM, let alone SCCM 2012. I am assisting in a migration from SCCM 2007 to SCCM 2012, and a query was run to find a collection of machines that do not have the SCCM 2012 agent. Next an "install Client" command was run against the collection, and I can see in the ccm.log the installation of the agent running against many machines. Overall there is about 20k machines the client is being installed on. Is their a way to see the progress? When re-running the machines without agents query, it just shows up to 10k machines, so not sure how many out of the 20K have been completed already, or if there is an issue with a few hundred here or there. When looking in the console at Monitoring > Overview > Client Status > Client Activity, I can see more machines as "active" but I am not sure if it is reflecting the 2012 agents only. Appreciate any help, sorry for the basic question, but I have had trouble finding the answer in forums and via google searches.
×
×
  • Create New...