Jump to content


anyweb

using System Center 2012 Configuration Manager - Part 6. Adding the Endpoint Protection role, configure Alerts and custom Antimalware Policies.

Recommended Posts

Same behavior for me as for Emmanuel an Baramine. I'm also participating in the technet thread.

 

However I'm now working with WSUS selected and it's working fine however.

 

I have another question; how to clear the updates folder, where WSUS downloads the definitions when ADR runs, as updates are superseded by new ones? If we don't do anything, I can imagine that the folder will grow over and over...

 

Regards

Share this post


Link to post
Share on other sites

I am trying to create a collection to target Laptops for the "EndPoint Protection Managed Laptops" and the following is the query that i am using:

select SMS_R_SYSTEM.ResourceID,SMS_R_SYSTEM.ResourceType,SMS_R_SYSTEM.Name,SMS_R_SYSTEM.SMSUniqueIdentifier,SMS_R_SYSTEM.ResourceDomainORWorkgroup,SMS_R_SYSTEM.Client from SMS_R_System inner join SMS_G_System_SYSTEM_ENCLOSURE on SMS_G_System_SYSTEM_ENCLOSURE.ResourceID = SMS_R_System.ResourceID where SMS_G_System_SYSTEM_ENCLOSURE.ChassisTypes in ( "8", "9", "10", "14" )

 

But my collection remain empty and I have another WIndows 7 collection that shows laptops and desktops in it. Can someone enlighten me, as to what i am missing?

 

Thanks, in advance.

Share this post


Link to post
Share on other sites

I went through this guide yesterday, but when i'm checking on things in the SCCM console today I see that the deployment package for endpoint definitions is showing an error. Looking in the distmgr.log, I see it repeating the same error over and over:

Snapshot processing content with ID 16804470 ... SMS_DISTRIBUTION_MANAGER 11/14/2012 10:57:02 AM 9664 (0x25C0)
The source directory \\configmgr\sources$\WSUS\Updates\EndpointProtection\61109c4d-e497-4eb2-9ff4-69bd5e735b01 doesn't exist or the SMS service cannot access it, Win32 last error = 2 SMS_DISTRIBUTION_MANAGER 11/14/2012 10:57:02 AM 9664 (0x25C0)
STATMSG: ID=2306 SEV=E LEV=M SOURCE="SMS Server" COMP="SMS_DISTRIBUTION_MANAGER" SYS=configmgr.domain.com SITE=001 PID=6688 TID=9664 GMTDATE=Wed Nov 14 16:57:02.734 2012 ISTR0="\\configmgr\sources$\WSUS\Updates\EndpointProtection\61109c4d-e497-4eb2-9ff4-69bd5e735b01" ISTR1="0010001F" ISTR2="" ISTR3="" ISTR4="" ISTR5="" ISTR6="" ISTR7="" ISTR8="" ISTR9="" NUMATTRS=1 AID0=400 AVAL0="0010001F" SMS_DISTRIBUTION_MANAGER 11/14/2012 10:57:02 AM 9664 (0x25C0)
Failed to take snapshot of one or more contents in package 0010001F SMS_DISTRIBUTION_MANAGER 11/14/2012 10:57:02 AM 9664 (0x25C0)
CDistributionSrcSQL::UpdateAvailableVersion PackageID=0010001F, Version=3, Status=2302 SMS_DISTRIBUTION_MANAGER 11/14/2012 10:57:02 AM 9664 (0x25C0)
STATMSG: ID=2302 SEV=E LEV=M SOURCE="SMS Server" COMP="SMS_DISTRIBUTION_MANAGER" SYS=configmgr.domain.com SITE=001 PID=6688 TID=9664 GMTDATE=Wed Nov 14 16:57:02.756 2012 ISTR0="Endpoint Protection Defenitions" ISTR1="0010001F" ISTR2="" ISTR3="" ISTR4="" ISTR5="" ISTR6="" ISTR7="" ISTR8="" ISTR9="" NUMATTRS=1 AID0=400 AVAL0="0010001F" SMS_DISTRIBUTION_MANAGER 11/14/2012 10:57:02 AM 9664 (0x25C0)
Failed to process package 0010001F after 26 retries, will retry 74 more times SMS_DISTRIBUTION_MANAGER 11/14/2012 10:57:02 AM 9664 (0x25C0)
Exiting package processing thread. SMS_DISTRIBUTION_MANAGER 11/14/2012 10:57:02 AM 9664 (0x25C0)
Used 0 out of 3 allowed processing threads. SMS_DISTRIBUTION_MANAGER 11/14/2012 10:57:07 AM 3388 (0x0D3C)
The last source update time for pkg 00100008 is 11/13/2012 5:37:24 PM Central Standard Time SMS_DISTRIBUTION_MANAGER 11/14/2012 10:57:07 AM 3388 (0x0D3C)
The next start time for pkg 00100008 is 11/14/2012 5:37:00 PM Central Standard Time SMS_DISTRIBUTION_MANAGER 11/14/2012 10:57:07 AM 3388 (0x0D3C)
Sleep 1825 seconds... SMS_DISTRIBUTION_MANAGER 11/14/2012 10:57:07 AM 3388 (0x0D3C)
Sleeping for 60 minutes before content cleanup task starts. SMS_DISTRIBUTION_MANAGER 11/14/2012 11:03:33 AM 8992 (0x2320)

 

I have confirmed that the path it's complaining about actually doesn't exist. There are lots of other folders in that path, but there is no folder named 61109c4d-e497-4eb2-9ff4-69bd5e735b01

 

What did I do wrong?

Share this post


Link to post
Share on other sites

Hi!

 

I am currently deploying a second Configuration Manager in my environment. Reason for this, the existing (working one) is on a 2008R2 host. I would like to SCCM running on a 2012 box. Both SCCM are primary sites, with now CAS installed/setup.

 

I have created my new SCCM but I am having difficulties pushing out the client to my systems. I can see all the devices. Initially I was getting "Last Installation Error: 5". This was fixed when I granted an administrator account to push the client out. However, now when I push the client out, there is no error code at all.

 

Any ideas?

Share this post


Link to post
Share on other sites

Hi!

 

I am currently deploying a second Configuration Manager in my environment. Reason for this, the existing (working one) is on a 2008R2 host. I would like to SCCM running on a 2012 box. Both SCCM are primary sites, with now CAS installed/setup.

 

I have created my new SCCM but I am having difficulties pushing out the client to my systems. I can see all the devices. Initially I was getting "Last Installation Error: 5". This was fixed when I granted an administrator account to push the client out. However, now when I push the client out, there is no error code at all.

 

Any ideas?

 

this part of the guide is specifically about Endpoint Protection, can you please raise your question as a new topic elsewhere ?

also f.y.i installing configuration Manager 2012 on Server 2012 is NOT supported until Service Pack 1 is released (early 2013 timeframe)

Share this post


Link to post
Share on other sites

the ADR does not push the updates to the clients, it merely makes the policy available to the clients informing them at their next policy update that these definition updates are available, the ADR also places these updates in the Deployment Package on whatever distribution points you selected,

 

if the clients receive that policy and if they have the source selected as Configmgr (amongst others) then they can retrieve the definition updates via ConfigMgr. When you define additional sources you do so for 'failover', plus as ConfigMgr 2012 RTM sync's the sup only once per day and SCEP updates are released at least three times per day you may want to configure the SCEP antimalware client policy to use other source as i explained,

 

good luck :)

 

Great guide! I want a bit of clarification, if possible, though.

 

When we set the "Deployment Schedule" for the ADR, is that the Deployment window for copying the content out to the DP's?

 

For instance if I set up an ADR for SCEP Definitions, and I set the evaluation to run at 12am, then set the Software Available time at 4 hours, does that effectively give me a 4 hour window in which all of my selected DP's will download the Deployment Package at randomly set intervals? I have 80 DP's scattered across my WAN, so I don't want them all trying to get their definitions at the same time, but I do want it done rather quickly so all of my SCEP clients have the latest definitions.

 

Thanks in advance for any advice/tips.

 

-SCCM Rookie

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...


×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.