Jump to content

Search the Community

Showing results for tags 'scep'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


  • Cloud
    • Azure
    • Microsoft Intune
    • Office 365
  • General Stuff
    • General Chat
    • Events
    • Site News
    • Windows News
    • Suggestion box
    • Jobs
  • MDT, SMS, SCCM, Current Branch &Technical Preview
    • How do I ?
    • Microsoft Deployment Toolkit (MDT)
    • Official Forum Supporters
    • SMS 2003
    • Configuration Manager 2007
    • Configuration Manager 2012
    • System Center Configuration Manager (Current Branch)
    • Packaging
    • scripting
    • Endpoint Protection
  • Windows Client
    • how do I ?
    • Windows 10
    • Windows 8
    • Windows 7
    • Windows Vista
    • Windows XP
    • windows screenshots
  • Windows Server
    • Active Directory
    • Microsoft SQL Server
    • System Center Operations Manager
    • KMS
    • Windows Deployment Services
    • NAP
    • Failover Clustering
    • PKI
    • Windows Server 2008
    • Windows Server 2012
    • Windows Server 2016
    • Windows Server 2019
    • Hyper V
    • Exchange
    • IIS/apache/web server
    • System Center Data Protection Manager
    • System Center Service Manager
    • System Center App Controller
    • System Center Virtual Machine Manager
    • System Center Orchestrator
    • Lync
    • Application Virtualization
    • Sharepoint
    • WSUS

Find results in...

Find results that contain...

Date Created

  • Start


Last Updated

  • Start


Filter by number of...


  • Start





Website URL







Found 20 results

  1. Hi, we are seeing issues some Clients are not reporting antivirus definitions to SCCM . CM Client is working fine and SCEP Client is up to date definitions. Antimalware Client Version: CM Client Version 5.00.8239 Did following steps : Uninstall and reinstall CM Client and SCEP Client. Thank you,
  2. Gents, I have a quetion regarding SCEP : Why some machines have a version lke whereas some other machines can already be at version : . I used the client push method to install SCEP, so all my machines should have SCEP at the same version right ?
  3. Is there a way to generate a custom alert when the System Center Endpoint Protection Status -> Operational status of clients reaches a given number of systems? for example when the number of clients that has the definitions up to 3 days old reaches reaches the number of 1000 clients. Would it be possible to check the threshold with every summarization on the report? Regards Pawel
  4. th3n0rk

    Report SCEP

    Hi ! ! ! There any way to configure or force the report of the definition antivirus client machines to the server? When I do the report , the captured information is Tardive . Example: - Report - The Script select SMS_R_System.NetbiosName, SMS_R_System.SystemOUName, SMS_G_System_AntimalwareHealthStatus.AntivirusSignatureUpdateDateTime, SMS_G_System_AntimalwareHealthStatus.AntivirusSignatureVersion from SMS_R_System inner join SMS_G_System_AntimalwareHealthStatus on SMS_G_System_AntimalwareHealthStatus.ResourceID = SMS_R_System.ResourceId where SMS_R_System.OperatingSyst
  5. Hello all, I was wondering if anyone knew a way to automatically sync the SCEP definition to SCCM without needing to reboot. For instance, the SCCM console shows me that my server has the endpoint definition of 1.215.422.0 but after checking locally I have 1.215.565.0. This inaccurate result is throwing off my reports. If I reboot the server in question then SCCM shows the correct version. Is there another way to get this to sync without a reboot?
  6. Hi, Obviously a beginner here with this question, so apologies in advance if there is a simple answer to this. I have mistakenly deployed an Antimalware Policy to an incorrect device collection, which now has 3 policies deployed to it and applied to SCEP clients (Default and two custom). I cannot find a way to retract or remove the mistakenly applied policy. Is this possible and if so, can someone point me in the right direction? The mistakenly applied policy is being used by other collections so I'm hesitant to delete it, recreate and redeploy to the correct collections, but if this is th
  7. I am using SCEP and already have alerting setup. Most of the alerts that I receive require no further action since SCEP deleted it. On rare occasion, there will be something detected that SCEP fails to handle automatically. Is there a way to create a custom alert that will only be triggered when this condition occurs?
  8. Hello All, I am trying to sync my WSUS Version: 3.2.7600.226 with SCCM 2012 R2 Version 5.0.7958.1000 but I am getting sync failures and I am not sure how to resolve these failures. BTW the WSUS server was installed in the environment long before the SCCM server and they are on separate servers. wsyncmgr.log Found 1 SUPs $$<SMS_WSUS_SYNC_MANAGER><10-10-2015 19:00:00.483+240><thread=4424 (0x1148)> Found active SUP computer.abc.local from SCF File.~ $$<SMS_WSUS_SYNC_MANAGER><10-10-2015 19:00:00.488+240><thread=4424 (0x1148)> DB Server not detected fo
  9. Quick question, do I need to have the client settings for Software Updates enabled in order to use an ADR to apply Forefront Client DAT (SCEP) updates to clients, we have an issue with the WUA agent on our clients and I want to disable software updates scans until Microsoft resolve the issue but I don't want to stop our DAT files going out to our clients. Thanks
  10. I am running SCCM 2012 R2 5.0.7958.1203 I discovered that the SCEP installation on some clients is not upgrading. I see the following entry in ccmsetup.log file. File 'C:\windows\ccmsetup\SCEPInstall.exe' with hash '8B76E87A25DFAE06CC36245FCDC269D94A99CE2F1374C105A1F41B3470C2CFD7' from manifest doesn't match with the file hash 'FDDB17A148D8358B5BFBF63BBB3CDE902DCE807366081FE16B8E6042DCB47C71' Web searches point to articles that mention a specific hot fix that has created a mismatch of the hash values for scepinstall.exe and in ep_defaultpolicy.xml version in the \\<s
  11. We pushed Endpoint out to our campus clients within the last month and all has been good. The SCEP client is being pushed through Client Settings. We recently re-imaged a couple machines using OS deployment and would expect that SCCM would see them as a not having the SCEP client and go ahead and install it again. However, we are getting the following messages in the EnpointProtectionAgent.log file and they repeat every 25 minutes or so: Service startup notification received EndpointProtectionAgent 7/28/2014 1:25:33 PM 2572 (0x0A0C) Endpoint is triggered by CCMTask Execute. EndpointProte
  12. Hi, does anyone know a way of using WOL to wake clients for a scheduled scan? The only way I can think of getting it to run would be to create a dummy deployment task with WOL enabled for a short period before I want the scan to start - this seems a clunky way of having to do it though. I'm using SCCM 2012 R2. cheers, Tom
  13. I had a client that was unable to download the Endpoint Protection Policy. I browsed to the Windows\System32\GroupPolicy\Machine folder and delete the file: Registry.pol then rebooted. It seems to be fixed, but it won't report back to the SCCM server. His EnpointProtectionAgent.log states <![LOG[Endpoint is triggered by message.]LOG]!><time="13:28:00.005+360" date="02-12-2014" component="EndpointProtectionAgent" context="" type="1" thread="7052" file="fepsettingendpoint.cpp:58"> <![LOG[File C:\Windows\ccmsetup\SCEPInstall.exe version is 4.1.522.0.]LOG]!><time="1
  14. Hello All, I got a quick question on the behaviour of Software Update Groups. By folloiwing the Part 6. Deploying Endpoint Protection Role... I have created the following: 1. The servershare for SCEP updates - \\servername\source\windowsupdates\EndpointProtection 2. An ADR Template which created the new package and put it in above unc path (not enabled) 3. Several ADR's for below items with the setting "Add to existing Software Update Group" - Managed Clients - Managed DHCP - Managed DNS - Managed ADDS - And so on. Now when I look in the Software Update Groups on the ones that
  15. Hello, I currently have Microsoft endpoint protection on computers across a campus. I would like to deploy SCEP across my campus so that we can monitor and maintain it all from the server. This will require deploying the SCEP client over the network. My problem is: It creates pop ups for the current user logged in saying that windows defender is out dated and scep is out dated. Is there any way to install SCEP silently without the user being notified? I can deploy SCEP updates almost immediately afterwards to get rid of the "at risk" notification in the task bar, but it still gives
  16. I have a client that wouldn't install SCEP so I installed it using SCEPInstall.exe Now, it's an unmanaged Endpoint client How can I make it managed? The EndpointprotectionAgent.log shows: Endpoint is triggered by WMI notification. EndpointProtectionAgent 9/4/2013 8:51:02 AM 708 (0x02C4) Deployment WMI is NOT ready. EndpointProtectionAgent 9/4/2013 8:51:02 AM 708 (0x02C4)
  17. EP is installed, version is higher than expected installer version 4.1.522.0 Has anyone see that in the EndpointProtectionAgent.log on a system they have been trying to push the SCCM client to before? We have a number of servers that haven't reported back to SCCM that their Endpoint Protection is being managed. Looking at the log noted above has that error. A snipped from the log: A few of these systems were previously manged under a dev SCCM 2012 SP1 install, and some under FEP 2010. Now we are deploying from a new SCCM site that we have setup to these servers.
  18. Hello, I have been installing Config manager clients on servers I want to manage. These servers already had Forefront 2010 installed and being managed by the FEP server. When I log into a server I see that FEP 2010 is still listed under programs as well as the ConfigManger stuff. Is the FEP 2010 supposed to be manually removed or is this supposed to be automatically overwritten / uninstalled when I elect to use SCEP? Please let me know if you need more information.
  19. Hi guys, I wondered if someone here can provide clarity regarding update sources for the SCEP client as I've hit a brick wall this side of the wire! We have implemented the EPP role, configured AMW policies and deployed, setup ADR and tested and up until recently had no issues with SCEP or AMW update functionality. The SCEP clients are now failing to update their definitions. The updates sources, and order, are: 1. SCCM 2. Microsoft Update Clients fail to update and provide the following error: CODE: 0x8024402c MESSAGE: System Center Endpoint Protection couldn't install t
  20. How to block SCCM 2012 not to installed Endpoint Protection on specific collection
  • Create New...