Pre-Install Endpoint Protection
Good morning.
We have a large number of Windows 8.1 Tablets used by our students. At the end of each course the Tablets are removed form Intune, Re-Imaged and rejoined back to Intune.
The only thing that's causes us a headache is the amount of time it takes to download the Endpoint Protection.
Is it possible to pre-install Endpoint Protection, then when re-joining Intune it just pulls down the latest definitions.
The image we use is updated, Windows and software updates etc, prior to being deployed to the Tablets.
TIA
Mick
PS. Just been thinking, Windows 8.1 Defender looks exactly like Endpoint Protection, so is Intune just using Defender, renaming it and updating it. If so I could just update Defender to the latest definitions .
Would that work!!!!!
PS. Just been thinking, Windows 8.1 Defender looks exactly like Endpoint Protection, so is Intune just using Defender, renaming it and updating it. If so I could just update Defender to the latest definitions .
Would that work!!!!!
No. That wouldn't work. The Endpoint Protection client is required and is not the same as Windows Defender.
As for the length of time it tales to enrol, install EP and download the updates, that can be a pain. When I'm doing this I make sure that the devices are using WiFI rather than mobile networks to speed up the process. Then the process really doesn't
take long at all. Other than that there is nothing much that can be done.
Gerry Hampson | Blog:
www.gerryhampsoncm.blogspot.ie | LinkedIn:
Gerry Hampson | Twitter:
@gerryhampson
Similar Messages
-
Help with Application for Endpoint Protection
I created an application to install System Center Endpoint Protection, because we are using Symantec Endpoint Protection 12.1.3, which is unsupported for SCEP to remove. With the application I set it to supersede our SEP 12.1 client and remove
any previous software. I created a previous thread, located here:
http://social.technet.microsoft.com/Forums/en-US/38a476b3-0e71-4e80-b348-81143fa5cefe/creating-an-application-for-sc-endpoint-protection?forum=configmanagergeneral.
The initial test works, our SEP is removed and SCEP is installed, however the client takes anywhere from 3-5 hours before SCEP pulls down the correct Anti-Malware policy and applies the latest definitions. The time frame for this is longer then
we want, rebooting the computer or going into the SCCM client and running the actions does not seem to speed up the process.
At the moment, the command that works is "scepinstall.exe" /s /q,
what I attempted to do was export the current anti-malware policy and run the command
"scepinstall.exe" /s /q /policy "Malware.xml", however this does not seem to work, in SCCM or running the command via a command prompt. The only way it would is if I fully defined the path the of the xml such
as, scepinstall.exe /s /q /policy C:\Windows\CCMCache\2\malware.xml, but this command does not work in SCCM, only via the command prompt. As well defining the policy doesn't seem to do anything, when I open SCEP, I cannot enter the history
or settings tab. Even if it did I could not guarantee that the path would remain constant.
It seems odd that it can take 3-5 hours before SCEP pulls down its policy, is this normal when installing without a defined policy?
Is there a setting that I need to change somewhere that is defining when the client can check in for a new Anti-malware policy? The SCCM client is checking the default time of 60 mins.
Is there a way to define the policy on the install any other way?
Is there something I am missing?Hi,
I normally use a custom task sequence when swithing the antivirus, here is a great way of doing it solving the initial download of the definition updates as well from a package works great for OSD as well.
http://www.chrisnackers.com/2012/10/18/configuration-manager-2012-installing-endpoint-protection-during-a-task-sequence/
using the cache\2 is not a really good idea as it will not be same between computer, put the command line in a .cmd file and use the %~dp0 variable for current directory "scepinstall.exe /s /q /policy %~dp0EPAMPolicy2.xml" .
Regards,
Jörgen
-- My System Center blog ccmexec.com -- Twitter
@ccmexec -
No System Center Endpoint Protection on my Windows 8.1 client?
I'm trying to install the SCCM 2012 SP1 CU3 client on a test Windows 8.1 computer. The client install seems to go well, components install and enable but I do not see the System Center Endpoint Protection tool in the tool tray on the 8.1
client like I see on Windows 7.
How can I check to see if SCEP is installed and working?
Thanks,
FPHi,
In addition, you also need to install Endpoint Protection Point role to manage SCEP clients.
Best Regards,
Joyce
We
are trying to better understand customer views on social support experience, so your participation in this
interview project would be greatly appreciated if you have time.
Thanks for helping make community forums a great place. -
Automatic Install of Endpoint Protection fails on windows 8.1 clients with SCCM 2012 R2
Running SCCM 2012 R2 and deploying CM clients and Endpoint Protection via software updates. CM client and EP install fine on Windows 7 clients. CM client installs fine but endpoint protection fails on Windows 8.1 clients with the following from the
endpoint protection agent log:
<![LOG[Create Process Command line: "C:\Windows\ccmsetup\SCEPInstall.exe" /s /q /policy "C:\Windows\CCM\EPAMPolicy.xml".]LOG]!><time="12:22:02.560+240" date="08-13-2014" component="EndpointProtectionAgent"
context="" type="1" thread="4260" file="epagentutil.cpp:607">
<![LOG[Detail error message is : [EppSetupResult]
HRESULT=0x80070643
Description=Cannot complete the System Center Endpoint Protection installation. An error has prevented the System Center Endpoint Protection setup wizard from completing successfully. Please restart your computer and try again. Error code:0x80070643. Fatal
error during installation.
So on the win8.1 client I run the above command line manually in a command window and receive Access is denied. Then I run the same command in an elevated command window and EP installs fine. Does this have something to do with why the automatic
EP client install fails with the 0x80070643 error code? If so, what is the fix?Hi,
Try uninstalling any other security software.
For more information, please review the link below:
I‘m getting an error code from my Microsoft security software
http://www.microsoft.com/security/portal/mmpc/help/errorcodes.aspx
We
are trying to better understand customer views on social support experience, so your participation in this
interview project would be greatly appreciated if you have time.
Thanks for helping make community forums a great place. -
Steps to install Forefront Endpoint Protection 2010?
I've been searching on how to install Forefront Endpoint Protection 2010 on a Windows Server 2012 R2 Server. I can't seem to find anything about this. Can someone tell me the steps I need to take. I installed SQL 2012, then SCCM
2012, but when I launch the Forefront 2010 installer its saying it can't find SCCM 2007. I take it its not supported in Forefront 2010? Anyways, if there are instructions on how to install the Endpoint Protection and Exchange Online protection I'd appreciate
it.
FernandoHi,
In SCCM 2012 Endpoint Protection 2012 is integrated so you cannot install FEP 2010 in it. Add the Site System role called "Endpoint Protection" on your Primary site server, CAS if you use a CAS and then you are good to go.
the steps are described here:
http://blogs.technet.com/b/anilm/archive/2012/02/19/how-to-enable-configuration-manager-2012-endpoint-protection.aspx
Regards,
Jörgen
-- My System Center blog ccmexec.com -- Twitter
@ccmexec -
Using the pre-configured SCCM 2012 SP1 endpoint protection templates for Exchange 2010?
I am looking to update the exclusions for SCCM Endpoint Protect clients performing server AV protection on Exchange 2010 nodes.
Within SC there are a number of pre-defined templates, including ones for Exchange 2007 / 2010. However when I analyse these they do not appear to list all the exclusions that the Exchange product team define on TechNet -
http://technet.microsoft.com/en-us/library/bb332342(v=exchg.141).aspx
So do I;
1 - Use the template as it has been verified by Microsoft for using with Exchange 2010 and it covers all I need to exclude?
2 - Edit the template, adding in the additional exclusions as defined by the Exchange product team?
Would whichever logic I use apply to other templates, such as SQL, SharePoint, etc as well?
Thank you
AlanAs I cut and pasted the xml file I noticed the following comment that I had missed before..........
<!-- Exchange -->
<!-- Exchange Server 2010 exclusions are defined in TechNet bb332342 -->
<!-- Although the exclusions defined in the article work, testing showed that they exceed what is necessary-->
Still going with adding the full recommended list from TechNet though -
Installing Symantec endpoint Protection installtion failed
Hi ,
I have Symantec endpoint protection and have setup.exe. I have create a package and created a program as
setup.exe /s /v"/qn RUNLIVEUPDATE=0 REBOOT=REALLYSUPPRESS" but unfortunately installation fails as part of Task sequence.
just wondering if I am using some wrong command line arguments...pls. share any pointers. pls. find the screen shot attach from smstslog
Regards.Hi,
I am Chetan Savade from Symantec Technical Support Team.
See if Windows defender is causing any issue.
Can change it to setup /s /v"/l*v log.txt /qn RUNLIVEUPDATE=0 REBOOT=REALLYSUPPRESS DISABLEDEFENDER=0"
Refer these articles:
Keeping Windows Defender Enabled when Deploying and Installing Symantec Endpoint Protection Client package.
http://www.symantec.com/docs/TECH168501
Using MSI Command Line Switches to install Symantec Endpoint Protection (SEP) 12.1 fails to install or fails to abide by switch parameters
http://www.symantec.com/docs/TECH177946
MSI command line reference for Symantec Endpoint Protection
http://www.symantec.com/docs/TECH102668 -
Hi ,
Am getting Error code 1603 (fatal error during installation) while deploying the SEP through MDT task sequence . am not getting such issue regularly but some time am getting and need to be fixed.
Shailendra
Shailendra DevHi,
I am Chetan Savade from Symantec Technical Support Team.
Logs can provide more detail info, as said earlier by MrBrooks provide SEP_Inst.log from the affected machine.
Adding Windows defender related articles if they can help you:
Keeping Windows Defender Enabled when Deploying and Installing Symantec Endpoint Protection Client package.
http://www.symantec.com/docs/TECH168501
Windows Defender startup type registry value is Manual instead of Disabled after installing Symantec Endpoint Protection
http://www.symantec.com/docs/TECH206793
How to prepare a Symantec Endpoint Protection 12.1.x client for cloning
http://www.symantec.com/docs/HOWTO54706
Best Regards,
Chetan -
SCCM Server says Forefront Endpoint Protection failed to install update(s)
I have a single SCCM 2012 SP1 CU4 server running on Windows Server 2012. I primarily use this for Endpoint Protection and Windows Updates.
Recently I started seeing a lot of errors in the Endpoint Protection deployments. This one has me baffled because the Endpoint Protection client on the machine says that it is up-to-date. However, when I go to
Monitoring --> Deployments on the server, I see tons of errors that read "Failed to install update(s)."
Under the "Last Enforcement Error Code" heading, it reads:
0x80070643.
I have spent several days searching about this, but the only info I can find is about Endpoint Protection
installation problems. In my case, though, I have Endpoint Protection installed...it is the
update(s) that are showing the errors.
Server screen-shot:
Client screen-shot:
Thanks in advance for any help.I see these entries starting at 6:19 PM last night and ending at 6:09 AM today: I put in
bold what kind of stands out to me.
Assignment {7b642d5f-623d-4c44-a902-a414bef0adf7} has total CI = 1 UpdatesDeploymentAgent 5/15/2014 6:19:29 PM 1232 (0x04D0)
OnPolicyModify for assignment ({7b642d5f-623d-4c44-a902-a414bef0adf7})... UpdatesDeploymentAgent 5/15/2014 6:19:29 PM 1232 (0x04D0)
Starting forced trigger (TriggerActivate) for assignment {7b642d5f-623d-4c44-a902-a414bef0adf7} UpdatesDeploymentAgent 5/15/2014 6:19:29 PM 1232 (0x04D0)
Detection job ({F7A501B7-38F4-458B-AA62-F32212D3B614}) started for assignment ({7b642d5f-623d-4c44-a902-a414bef0adf7}) UpdatesDeploymentAgent 5/15/2014 6:19:29 PM 1232 (0x04D0)
Progress received for assignment ({7b642d5f-623d-4c44-a902-a414bef0adf7}) UpdatesDeploymentAgent 5/15/2014 6:20:02 PM 1072 (0x0430)
DetectJob completion received for assignment ({7b642d5f-623d-4c44-a902-a414bef0adf7}) UpdatesDeploymentAgent 5/15/2014 6:20:02 PM 4632 (0x1218)
Update (Site_A0C81BE8-8706-4378-B3C3-9149D17EA00E/SUM_ba89c7f4-5400-4c40-aa1b-aefa5fbdffb2) Name (Definition Update for Microsoft Endpoint Protection - KB2461484 (Definition 1.173.2187.0)) ArticleID (2461484) added to the targeted list of deployment ({7b642d5f-623d-4c44-a902-a414bef0adf7})
UpdatesDeploymentAgent 5/15/2014 6:20:02 PM 4632 (0x1218)
Update (Site_A0C81BE8-8706-4378-B3C3-9149D17EA00E/SUM_4fcb1b37-19a1-4c12-a77c-bbe513872a43) Name (Definition Update for Microsoft Endpoint Protection - KB2461484 (Definition 1.173.2219.0)) ArticleID (2461484) added to the targeted list of deployment ({7b642d5f-623d-4c44-a902-a414bef0adf7})
UpdatesDeploymentAgent 5/15/2014 6:20:02 PM 4632 (0x1218)
DownloadCIContents Job ({8C3E7548-DA29-48EB-B3C3-12B96B31D492}) started for assignment ({7b642d5f-623d-4c44-a902-a414bef0adf7}) UpdatesDeploymentAgent 5/15/2014 6:20:02 PM 4632 (0x1218)
Progress received for assignment ({7b642d5f-623d-4c44-a902-a414bef0adf7}) UpdatesDeploymentAgent 5/15/2014 6:20:03 PM 4632 (0x1218)
Progress received for assignment ({7b642d5f-623d-4c44-a902-a414bef0adf7}) UpdatesDeploymentAgent 5/15/2014 6:20:03 PM 4508 (0x119C)
Update (Site_A0C81BE8-8706-4378-B3C3-9149D17EA00E/SUM_ba89c7f4-5400-4c40-aa1b-aefa5fbdffb2) Progress: Status = ciStateDownloading, PercentComplete = 0, Result = 0x0 UpdatesDeploymentAgent 5/15/2014 6:20:03 PM
4508 (0x119C)
Update (Site_A0C81BE8-8706-4378-B3C3-9149D17EA00E/SUM_4fcb1b37-19a1-4c12-a77c-bbe513872a43) Progress: Status = ciStateDownloading, PercentComplete = 0, Result = 0x0 UpdatesDeploymentAgent 5/15/2014 6:20:03 PM
4508 (0x119C)
Progress received for assignment ({7b642d5f-623d-4c44-a902-a414bef0adf7}) UpdatesDeploymentAgent 5/15/2014 6:20:03 PM 4508 (0x119C)
Progress received for assignment ({7b642d5f-623d-4c44-a902-a414bef0adf7}) UpdatesDeploymentAgent 5/15/2014 6:20:03 PM 4508 (0x119C)
Progress received for assignment ({7b642d5f-623d-4c44-a902-a414bef0adf7}) UpdatesDeploymentAgent 5/15/2014 6:20:03 PM 4508 (0x119C)
DownloadJob completion received for assignment ({7b642d5f-623d-4c44-a902-a414bef0adf7}) UpdatesDeploymentAgent 5/15/2014 6:20:03 PM 1128 (0x0468)
Update (Site_A0C81BE8-8706-4378-B3C3-9149D17EA00E/SUM_ba89c7f4-5400-4c40-aa1b-aefa5fbdffb2) Name (Definition Update for Microsoft Endpoint Protection - KB2461484 (Definition 1.173.2187.0)) ArticleID (2461484) added to the targeted list of deployment ({7b642d5f-623d-4c44-a902-a414bef0adf7})
UpdatesDeploymentAgent 5/15/2014 6:20:03 PM 1128 (0x0468)
Update (Site_A0C81BE8-8706-4378-B3C3-9149D17EA00E/SUM_4fcb1b37-19a1-4c12-a77c-bbe513872a43) Name (Definition Update for Microsoft Endpoint Protection - KB2461484 (Definition 1.173.2219.0)) ArticleID (2461484) added to the targeted list of deployment ({7b642d5f-623d-4c44-a902-a414bef0adf7})
UpdatesDeploymentAgent 5/15/2014 6:20:03 PM 1128 (0x0468)
Message received: '<?xml version='1.0' ?>
<CIAssignmentMessage MessageType='Activation'>
<AssignmentID>{7b642d5f-623d-4c44-a902-a414bef0adf7}</AssignmentID>
</CIAssignmentMessage>' UpdatesDeploymentAgent 5/15/2014 6:37:00 PM 452 (0x01C4)
Assignment {7b642d5f-623d-4c44-a902-a414bef0adf7} has total CI = 2 UpdatesDeploymentAgent 5/15/2014 6:37:00 PM 452 (0x01C4)
Assignment ({7b642d5f-623d-4c44-a902-a414bef0adf7}) received activation trigger UpdatesDeploymentAgent 5/15/2014 6:37:00 PM 452 (0x01C4)
Detection job ({726D8962-0690-46DB-B9A0-FF5D979AE3CF}) started for assignment ({7b642d5f-623d-4c44-a902-a414bef0adf7}) UpdatesDeploymentAgent 5/15/2014 6:37:00 PM 452 (0x01C4)
Progress received for assignment ({7b642d5f-623d-4c44-a902-a414bef0adf7}) UpdatesDeploymentAgent 5/15/2014 6:37:00 PM 620 (0x026C)
DetectJob completion received for assignment ({7b642d5f-623d-4c44-a902-a414bef0adf7}) UpdatesDeploymentAgent 5/15/2014 6:37:01 PM 4496 (0x1190)
Update (Site_A0C81BE8-8706-4378-B3C3-9149D17EA00E/SUM_ba89c7f4-5400-4c40-aa1b-aefa5fbdffb2) Name (Definition Update for Microsoft Endpoint Protection - KB2461484 (Definition 1.173.2187.0)) ArticleID (2461484) added to the targeted list of deployment ({7b642d5f-623d-4c44-a902-a414bef0adf7})
UpdatesDeploymentAgent 5/15/2014 6:37:01 PM 4496 (0x1190)
Update (Site_A0C81BE8-8706-4378-B3C3-9149D17EA00E/SUM_4fcb1b37-19a1-4c12-a77c-bbe513872a43) Name (Definition Update for Microsoft Endpoint Protection - KB2461484 (Definition 1.173.2219.0)) ArticleID (2461484) added to the targeted list of deployment ({7b642d5f-623d-4c44-a902-a414bef0adf7})
UpdatesDeploymentAgent 5/15/2014 6:37:01 PM 4496 (0x1190)
DownloadCIContents Job ({7EEA627C-B1B3-457D-BE69-6F3A8DDDA692}) started for assignment ({7b642d5f-623d-4c44-a902-a414bef0adf7}) UpdatesDeploymentAgent 5/15/2014 6:37:01 PM 4496 (0x1190)
Progress received for assignment ({7b642d5f-623d-4c44-a902-a414bef0adf7}) UpdatesDeploymentAgent 5/15/2014 6:37:01 PM 452 (0x01C4)
Progress received for assignment ({7b642d5f-623d-4c44-a902-a414bef0adf7}) UpdatesDeploymentAgent 5/15/2014 6:37:01 PM 1648 (0x0670)
Update (Site_A0C81BE8-8706-4378-B3C3-9149D17EA00E/SUM_ba89c7f4-5400-4c40-aa1b-aefa5fbdffb2) Progress: Status = ciStateDownloading, PercentComplete = 0, Result = 0x0 UpdatesDeploymentAgent 5/15/2014 6:37:01 PM
1648 (0x0670)
Update (Site_A0C81BE8-8706-4378-B3C3-9149D17EA00E/SUM_4fcb1b37-19a1-4c12-a77c-bbe513872a43) Progress: Status = ciStateDownloading, PercentComplete = 0, Result = 0x0 UpdatesDeploymentAgent 5/15/2014 6:37:01 PM
1648 (0x0670)
Progress received for assignment ({7b642d5f-623d-4c44-a902-a414bef0adf7}) UpdatesDeploymentAgent 5/15/2014 6:37:01 PM 1648 (0x0670)
Progress received for assignment ({7b642d5f-623d-4c44-a902-a414bef0adf7}) UpdatesDeploymentAgent 5/15/2014 6:37:01 PM 1648 (0x0670)
Progress received for assignment ({7b642d5f-623d-4c44-a902-a414bef0adf7}) UpdatesDeploymentAgent 5/15/2014 6:37:01 PM 1648 (0x0670)
DownloadJob completion received for assignment ({7b642d5f-623d-4c44-a902-a414bef0adf7}) UpdatesDeploymentAgent 5/15/2014 6:37:01 PM 1648 (0x0670)
Update (Site_A0C81BE8-8706-4378-B3C3-9149D17EA00E/SUM_ba89c7f4-5400-4c40-aa1b-aefa5fbdffb2) Name (Definition Update for Microsoft Endpoint Protection - KB2461484 (Definition 1.173.2187.0)) ArticleID (2461484) added to the targeted list of deployment ({7b642d5f-623d-4c44-a902-a414bef0adf7})
UpdatesDeploymentAgent 5/15/2014 6:37:01 PM 1648 (0x0670)
Update (Site_A0C81BE8-8706-4378-B3C3-9149D17EA00E/SUM_4fcb1b37-19a1-4c12-a77c-bbe513872a43) Name (Definition Update for Microsoft Endpoint Protection - KB2461484 (Definition 1.173.2219.0)) ArticleID (2461484) added to the targeted list of deployment ({7b642d5f-623d-4c44-a902-a414bef0adf7})
UpdatesDeploymentAgent 5/15/2014 6:37:01 PM 1648 (0x0670)
CUpdateAssignmentsManager received a SERVICEWINDOWEVENT START Event UpdatesDeploymentAgent 5/15/2014 10:00:00 PM 3736 (0x0E98)
Suspend activity in presentation mode is selected UpdatesDeploymentAgent 5/15/2014 10:00:00 PM 3736 (0x0E98)
Atleast one user has elected to suspend non-business hours activity when in presentation mode. Checking for presentation mode. UpdatesDeploymentAgent 5/15/2014 10:00:00 PM 3736 (0x0E98)
Proceeding to non-business hours activites as presentation mode is off. UpdatesDeploymentAgent 5/15/2014 10:00:00 PM 3736 (0x0E98)
Auto install during non-business hours is disabled or never set, selecting only scheduled updates. UpdatesDeploymentAgent 5/15/2014 10:00:00 PM 3736 (0x0E98)
A user-defined service window(non-business hours) is available. We will attempt to install any scheduled updates. UpdatesDeploymentAgent 5/15/2014 10:00:00 PM 3736 (0x0E98)
Attempting to install 0 updates UpdatesDeploymentAgent 5/15/2014 10:00:00 PM 3736 (0x0E98)
No actionable updates for install task. No attempt required. UpdatesDeploymentAgent 5/15/2014 10:00:00 PM 3736 (0x0E98)
Updates could not be installed at this time. Waiting for the next maintenance window. UpdatesDeploymentAgent 5/15/2014 10:00:00 PM 3736 (0x0E98)
CUpdateAssignmentsManager received a SERVICEWINDOWEVENT END Event UpdatesDeploymentAgent 5/16/2014 5:00:00 AM 3500 (0x0DAC)
No current service window available to run updates assignment with time required = 1 UpdatesDeploymentAgent 5/16/2014 5:00:00 AM 3500 (0x0DAC)
Attempting to cancel any job started at non-business hours. UpdatesDeploymentAgent 5/16/2014 5:00:00 AM 3500 (0x0DAC)
Message received: '<?xml version='1.0' ?>
<CIAssignmentMessage MessageType='EnforcementDeadline'>
<AssignmentID>{7b642d5f-623d-4c44-a902-a414bef0adf7}</AssignmentID>
</CIAssignmentMessage>' UpdatesDeploymentAgent 5/16/2014 6:09:00 AM 2768 (0x0AD0)
Assignment {7b642d5f-623d-4c44-a902-a414bef0adf7} has total CI = 2 UpdatesDeploymentAgent 5/16/2014 6:09:00 AM 2768 (0x0AD0)
Deadline received for assignment ({7b642d5f-623d-4c44-a902-a414bef0adf7}) UpdatesDeploymentAgent 5/16/2014 6:09:00 AM 2768 (0x0AD0)
Detection job ({41BE2786-E548-429E-9590-5102B1F8DE2A}) started for assignment ({7b642d5f-623d-4c44-a902-a414bef0adf7}) UpdatesDeploymentAgent 5/16/2014 6:09:00 AM 2768 (0x0AD0)
Progress received for assignment ({7b642d5f-623d-4c44-a902-a414bef0adf7}) UpdatesDeploymentAgent 5/16/2014 6:09:00 AM 4660 (0x1234)
DetectJob completion received for assignment ({7b642d5f-623d-4c44-a902-a414bef0adf7}) UpdatesDeploymentAgent 5/16/2014 6:09:01 AM 4660 (0x1234)
Update (Site_A0C81BE8-8706-4378-B3C3-9149D17EA00E/SUM_ba89c7f4-5400-4c40-aa1b-aefa5fbdffb2) Name (Definition Update for Microsoft Endpoint Protection - KB2461484 (Definition 1.173.2187.0)) ArticleID (2461484) added to the targeted list of deployment ({7b642d5f-623d-4c44-a902-a414bef0adf7})
UpdatesDeploymentAgent 5/16/2014 6:09:01 AM 4660 (0x1234)
Update (Site_A0C81BE8-8706-4378-B3C3-9149D17EA00E/SUM_4fcb1b37-19a1-4c12-a77c-bbe513872a43) Name (Definition Update for Microsoft Endpoint Protection - KB2461484 (Definition 1.173.2219.0)) ArticleID (2461484) added to the targeted list of deployment ({7b642d5f-623d-4c44-a902-a414bef0adf7})
UpdatesDeploymentAgent 5/16/2014 6:09:01 AM 4660 (0x1234)
UpdateAssginment Download: CCM_CONTENT_WF_DEADLINE_DOWNLOAD set UpdatesDeploymentAgent 5/16/2014 6:09:01 AM 4660 (0x1234)
DownloadCIContents Job ({D484DF2D-C472-478E-A75F-1C50DACF6A5D}) started for assignment ({7b642d5f-623d-4c44-a902-a414bef0adf7}) UpdatesDeploymentAgent 5/16/2014 6:09:01 AM 4660 (0x1234)
Progress received for assignment ({7b642d5f-623d-4c44-a902-a414bef0adf7}) UpdatesDeploymentAgent 5/16/2014 6:09:01 AM 4660 (0x1234)
Progress received for assignment ({7b642d5f-623d-4c44-a902-a414bef0adf7}) UpdatesDeploymentAgent 5/16/2014 6:09:01 AM 748 (0x02EC)
Update (Site_A0C81BE8-8706-4378-B3C3-9149D17EA00E/SUM_ba89c7f4-5400-4c40-aa1b-aefa5fbdffb2) Progress: Status = ciStateDownloading, PercentComplete = 0, Result = 0x0 UpdatesDeploymentAgent 5/16/2014 6:09:01 AM
748 (0x02EC)
Update (Site_A0C81BE8-8706-4378-B3C3-9149D17EA00E/SUM_4fcb1b37-19a1-4c12-a77c-bbe513872a43) Progress: Status = ciStateDownloading, PercentComplete = 0, Result = 0x0 UpdatesDeploymentAgent 5/16/2014 6:09:01 AM
748 (0x02EC)
Progress received for assignment ({7b642d5f-623d-4c44-a902-a414bef0adf7}) UpdatesDeploymentAgent 5/16/2014 6:09:01 AM 748 (0x02EC)
Progress received for assignment ({7b642d5f-623d-4c44-a902-a414bef0adf7}) UpdatesDeploymentAgent 5/16/2014 6:09:01 AM 748 (0x02EC)
Progress received for assignment ({7b642d5f-623d-4c44-a902-a414bef0adf7}) UpdatesDeploymentAgent 5/16/2014 6:09:01 AM 748 (0x02EC)
DownloadJob completion received for assignment ({7b642d5f-623d-4c44-a902-a414bef0adf7}) UpdatesDeploymentAgent 5/16/2014 6:09:01 AM 748 (0x02EC)
Update (Site_A0C81BE8-8706-4378-B3C3-9149D17EA00E/SUM_ba89c7f4-5400-4c40-aa1b-aefa5fbdffb2) Name (Definition Update for Microsoft Endpoint Protection - KB2461484 (Definition 1.173.2187.0)) ArticleID (2461484) added to the targeted list of deployment ({7b642d5f-623d-4c44-a902-a414bef0adf7})
UpdatesDeploymentAgent 5/16/2014 6:09:02 AM 748 (0x02EC)
Update (Site_A0C81BE8-8706-4378-B3C3-9149D17EA00E/SUM_4fcb1b37-19a1-4c12-a77c-bbe513872a43) Name (Definition Update for Microsoft Endpoint Protection - KB2461484 (Definition 1.173.2219.0)) ArticleID (2461484) added to the targeted list of deployment ({7b642d5f-623d-4c44-a902-a414bef0adf7})
UpdatesDeploymentAgent 5/16/2014 6:09:02 AM 748 (0x02EC)
Starting install for assignment ({7b642d5f-623d-4c44-a902-a414bef0adf7}) UpdatesDeploymentAgent 5/16/2014 6:09:02 AM 748 (0x02EC)
ApplyCIs - JobId = {24FEF2A6-EFAB-4675-B3DE-E357BD4D7384} UpdatesDeploymentAgent 5/16/2014 6:09:02 AM 748 (0x02EC)
Raising client SDK event for class NULL, instance NULL, actionType 13l, value NULL, user NULL, session 4294967295l, level 0l, verbosity 30l UpdatesDeploymentAgent 5/16/2014 6:09:02 AM 748 (0x02EC)
Update (Site_A0C81BE8-8706-4378-B3C3-9149D17EA00E/SUM_4fcb1b37-19a1-4c12-a77c-bbe513872a43) Progress: Status = ciStateDetecting, PercentComplete = 0, DownloadSize = 0, Result = 0x0 UpdatesDeploymentAgent 5/16/2014 6:09:02
AM 4660 (0x1234)
Update (Site_A0C81BE8-8706-4378-B3C3-9149D17EA00E/SUM_ba89c7f4-5400-4c40-aa1b-aefa5fbdffb2) Progress: Status = ciStateDetecting, PercentComplete = 0, DownloadSize = 0, Result = 0x0 UpdatesDeploymentAgent 5/16/2014 6:09:02
AM 4660 (0x1234)
Update (Site_A0C81BE8-8706-4378-B3C3-9149D17EA00E/SUM_4fcb1b37-19a1-4c12-a77c-bbe513872a43) Progress: Status = ciStateDownloading, PercentComplete = 0, DownloadSize = 0, Result = 0x0 UpdatesDeploymentAgent 5/16/2014 6:09:02
AM 2788 (0x0AE4)
Update (Site_A0C81BE8-8706-4378-B3C3-9149D17EA00E/SUM_ba89c7f4-5400-4c40-aa1b-aefa5fbdffb2) Progress: Status = ciStateDownloading, PercentComplete = 0, DownloadSize = 0, Result = 0x0 UpdatesDeploymentAgent 5/16/2014 6:09:02
AM 2788 (0x0AE4)
Update (Site_A0C81BE8-8706-4378-B3C3-9149D17EA00E/SUM_4fcb1b37-19a1-4c12-a77c-bbe513872a43) Progress: Status = ciStateWaitInstall, PercentComplete = 0, DownloadSize = 0, Result = 0x0 UpdatesDeploymentAgent 5/16/2014 6:09:02
AM 4660 (0x1234)
Update (Site_A0C81BE8-8706-4378-B3C3-9149D17EA00E/SUM_ba89c7f4-5400-4c40-aa1b-aefa5fbdffb2) Progress: Status = ciStateWaitInstall, PercentComplete = 0, DownloadSize = 0, Result = 0x0 UpdatesDeploymentAgent 5/16/2014 6:09:02
AM 4660 (0x1234)
Update (Site_A0C81BE8-8706-4378-B3C3-9149D17EA00E/SUM_4fcb1b37-19a1-4c12-a77c-bbe513872a43) Progress: Status = ciStateInstalling, PercentComplete = 0, DownloadSize = 0, Result = 0x0 UpdatesDeploymentAgent 5/16/2014 6:09:22
AM 2788 (0x0AE4)
Update (Site_A0C81BE8-8706-4378-B3C3-9149D17EA00E/SUM_4fcb1b37-19a1-4c12-a77c-bbe513872a43) Progress: Status = ciStateInstalling, PercentComplete = 100, DownloadSize = 0, Result = 0x0 UpdatesDeploymentAgent 5/16/2014 6:09:22
AM 4660 (0x1234)
Update (Site_A0C81BE8-8706-4378-B3C3-9149D17EA00E/SUM_4fcb1b37-19a1-4c12-a77c-bbe513872a43) Progress: Status = ciStateVerifying, PercentComplete = 0, DownloadSize = 0, Result = 0x0 UpdatesDeploymentAgent 5/16/2014 6:09:22
AM 4660 (0x1234)
Update (Site_A0C81BE8-8706-4378-B3C3-9149D17EA00E/SUM_ba89c7f4-5400-4c40-aa1b-aefa5fbdffb2) Progress: Status = ciStateInstalling, PercentComplete = 100, DownloadSize = 0, Result = 0x0 UpdatesDeploymentAgent 5/16/2014 6:09:22
AM 4660 (0x1234)
Update (Site_A0C81BE8-8706-4378-B3C3-9149D17EA00E/SUM_ba89c7f4-5400-4c40-aa1b-aefa5fbdffb2) Progress: Status = ciStateVerifying, PercentComplete = 0, DownloadSize = 0, Result = 0x0 UpdatesDeploymentAgent 5/16/2014 6:09:22
AM 2788 (0x0AE4)
CUpdatesJob({24FEF2A6-EFAB-4675-B3DE-E357BD4D7384}): Job completion received. UpdatesDeploymentAgent 5/16/2014 6:09:51 AM 4660 (0x1234)
Update (Site_A0C81BE8-8706-4378-B3C3-9149D17
I did not specifically specify any maintenance windows. It looks like the default business hours are set on the client though:
Is this maybe causing my problems??? Is it possible to change that default value from the SCCM console??
Thanks again for all of your help! -
Windows 10 in SCCM 2012/SCEP (system center endpoint protection)
I have been able to put my test machine into SCCM 2012 R2. But it seems that SCEP won't work, this is the message:
System Center Endpoint Protection cannot be installed on your operating system. Windows Program Compatibility mode is not supported by this program. <a>For information about supported operating systems, see the online Help</a>. Error code:0x8004FF71.
Will we be able to test SCEP in any of the upcoming versions?I have the same situation during a pre pilot phase in a customer environment, but still no sulution
-
We upgraded SCCM SP1 to CU5. We got one primary site, on which we had no problems with running the CU setup. After the upgrade we pushed the new administrator console and client.
SP1 CU5 - console update -> Updated on all administrator users (50 computers)
SP1 CU5- x64 and x86 client update -> Updated on pilot group (50 computers)
No problems so far.
We are having troubles updating the Endpoint Protection Client version. This was V4.1.522.0 before the upgrade. When we enroll a new computer, it receives the new V4.5.216.0, which is the last version.
But we can't update our older clients. We try to deploy the software update (Update for Forefront Endpoint Protection 2010 Client - 4.5.216.0 (KB2952678)) but it doesn't install. After 20 minutes, if I look in the Deployment logs, it says the installation
was successfull; but it isn't, it's still the old version.
Strange thing is, we can upgrade to an inbetween version (Update for Forefront Endpoint Protection 2010 Client - 4.3.215.0 (KB2864366)). Which installs on a test client.
If I look to the cache files of the new EP Client update, and use the UpdateInstall.exe manually, the update does install. Then I see in the logfile EndpointProtectionAgent.log it still refers to the version 4.1.522.0.
EP 4.5.216.0 is installed, version is higher than expected installer version 4.1.522.0. EndpointProtectionAgent 13/01/2015 14:54:00 7808 (0x1E80)
Re-apply EP AM policy. EndpointProtectionAgent 13/01/2015 14:54:00 7808 (0x1E80)
Apply AM Policy. EndpointProtectionAgent 13/01/2015 14:54:00 7808 (0x1E80)
Create Process Command line: "c:\Program Files\Microsoft Security Client\\ConfigSecurityPolicy.exe" "C:\Windows\CCM\EPAMPolicy.xml". EndpointProtectionAgent 13/01/2015 14:54:00 7808 (0x1E80)
Applied the C:\Windows\CCM\EPAMPolicy.xml with ConfigSecurityPolicy.exe successfully. EndpointProtectionAgent 13/01/2015 14:54:02 7808 (0x1E80)
Save new policy state 1 to registry SOFTWARE\Microsoft\CCM\EPAgent\PolicyApplicationState EndpointProtectionAgent 13/01/2015 14:54:02 7808 (0x1E80)
State 1 and ErrorCode 0 and ErrorMsg and PolicyName Antimalware Policy and GroupResolveResultHash D277339FA77A9017801399D96266BAD42DE74F38 is NOT changed. EndpointProtectionAgent 13/01/2015 14:54:02 7808 (0x1E80)
Skip sending state message due to same state message already exists. EndpointProtectionAgent 13/01/2015 14:54:02 7808 (0x1E80)
Firewall provider is installed. EndpointProtectionAgent 13/01/2015 14:54:02 7808 (0x1E80)
Installed firewall provider meet the requirements. EndpointProtectionAgent 13/01/2015 14:54:02 7808 (0x1E80)
This is the WindowsUpdate.log when I try to push the new EP client.
2015-01-14 11:24:13:651 7416 1c44 Handler :::::::::
2015-01-14 11:24:13:651 7416 1c44 Handler : Updates to install = 1
2015-01-14 11:24:21:716 7416 1c44 Handler : WARNING: Command line install completed. Return code = 0x8004ff25, Result = Failed, Reboot required = false
2015-01-14 11:24:21:716 7416 1c44 Handler : WARNING: Exit code = 0x8024200B
2015-01-14 11:24:21:716 7416 1c44 Handler :::::::::
2015-01-14 11:24:21:716 7416 1c44 Handler :: END :: Handler: Command Line Install
2015-01-14 11:24:21:732 7416 1c44 Handler :::::::::::::
2015-01-14 11:24:21:794 1096 c18 Agent *********
2015-01-14 11:24:21:794 1096 edc AU Can not perform non-interactive scan if AU is interactive-only
2015-01-14 11:24:21:794 1096 c18 Agent ** END ** Agent: Installing updates [CallerId = CcmExec]
2015-01-14 11:24:21:794 1096 c18 Agent *************
2015-01-14 11:24:21:794 2296 fac COMAPI >>-- RESUMED -- COMAPI: Install [ClientId = CcmExec]
2015-01-14 11:24:21:794 2296 fac COMAPI - Install call complete (succeeded = 0, succeeded with errors = 0, failed = 1, unaccounted = 0)
2015-01-14 11:24:21:794 2296 fac COMAPI - Reboot required = No
2015-01-14 11:24:21:794 2296 fac COMAPI - WARNING: Exit code = 0x00000000; Call error code = 0x80240022
2015-01-14 11:24:21:794 2296 fac COMAPI ---------
2015-01-14 11:24:21:794 2296 fac COMAPI -- END -- COMAPI: Install [ClientId = CcmExec]
2015-01-14 11:24:21:794 2296 fac COMAPI -------------
2015-01-14 11:24:21:794 1096 1620 AU Can not perform non-interactive scan if AU is interactive-only
2015-01-14 11:24:26:739 1096 1424 Report REPORT EVENT: {ED287668-4BEF-46FD-BB57-CA17680E5D3B} 2015-01-14 11:24:21:732+0100 1 182 101 {A90C3005-7B59-4268-8B11-12D9BE5C8EA0} 201 80070643 CcmExec Failure Content Install Installation Failure: Windows failed to install the following update with error 0x80070643: Update for System Center Endpoint Protection 2012 Client - 4.5.216.0 (KB2952678).
2015-01-14 11:24:27:207 1096 1424 Report CWERReporter::HandleEvents - WER report upload completed with status 0x8
2015-01-14 11:24:27:207 1096 1424 Report WER Report sent: 7.5.7601.17514 0x80070643 A90C3005-7B59-4268-8B11-12D9BE5C8EA0 Install 101 Managed
2015-01-14 11:24:27:207 1096 1424 Report CWERReporter finishing event handling. (00000000)
Thanks in advance!Hello,
According to
kb2952678:
To apply this update, you must have one of the following installed:
System Center 2012 R2 Configuration Manager Cumulative Update 4 for System Center 2012
Configuration Manager Service Pack
Service Pack 2 for System Center Configuration Manager 2007 and Update Rollup 1 for
Forefront Endpoint Protection 2010
Do you have Update Rollup 1 for Forefront Endpoint Protection 2010?
Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact [email protected] -
SCCM 2012 Endpoint Protection initial update not downloaded
Hi,
I'm new to SCCM 2012. I recently started deploying the Endpoint Protection to all of clients (Windos 7 and XP Pro).
I've noticed that some clients have not been updating their initial definitions after the Endpoint Protection Software is installed.
Since they are not updating their detonation the client remains unprotected with the status icon in red.
The odd thing is that some of our computers do the initial update just fine while others are effected.
Also if I click update manually then the update goes through no issue, but with 100+ clients not updated its not something I want to do manually.
The clients are set to receive auto updates via a auto deployment rule.
Also the antimalware policy is set to do updates as well in this order:
Config Mgr
WSUS
Microsoft Malware Protection Center
Microsoft Update
Has anyone seen this before?
If I need to upload any specific logs just let me know.
Many ThanksDo you have Software update configured (and working) thru ConfigMgr or using a standalone WSUS?
Kent Agerlund | My blogs: blog.coretech.dk/kea and
SCUG.dk/ | Twitter:
@Agerlund | Linkedin: Kent Agerlund |
Mastering ConfigMgr 2012 The Fundamentals -
Symantec Endpoint Protection 12.1 and Peopletools 8.53
Hello,
We're currently enabling virus scan for PT 8.53 with Symantec Endpoint Protection (SEP) v12. However, we are unable to configure it correctly. Our set up looks like this:
* PS webserver is insatalled on server 1, this is where we configure the virusscan.xml file
* SEP 12 is installed on a separate server, server 2. client and SEP manager is installed on this server.
* OS is Windows 2008 R2 64-bit for both servers.
May I know if anyone here have successfully used SEP for scanning attachments?
Unfortunately, as per oracle, only symantec scan engine was verified to work with peoplesoft, other versions are still not tested to work.
another question is, what should be the value for the virusscan.xml parameters below?
<Provider>
<name>SymantecManagementClient</name>
<class>psft.pt8.virusscan.provider.GenericVirusScanProviderImpl</class>
<icapversion>ICAP/1.0</icapversion>
<service-name>/SmcService</service-name>
<policycommand>?action=SCAN</policycommand>
<address>server2</address>
<port>8014</port>
<disable>false</disable>
</Provider>
we've mixed and matched the available service names from server 2, but we are still getting the error below:
Sep 10, 2013 11:14:19 PM psft.pt8.virusscan.ICAPClient connectAndCheckOptions
INFO: Input OPTIONS Header = OPTIONS icap://server2:8014/SmcService ICAP/1.0
Sep 10, 2013 11:14:19 PM psft.pt8.virusscan.ICAPClient connectAndCheckOptions
INFO: OPTIONS recieve header= HTTP/1.1 200 OK
Date: Tue, 10 Sep 2013 15:14:19 GMT
Server: Apache
Allow: GET,HEAD,POST,OPTIONS
Content-Length: 0
Connection: close
Content-Type: text/plain
ICAP header = ICAP/1.0 200
Sep 10, 2013 11:14:19 PM psft.pt8.virusscan.ICAPClient scanStream
SEVERE: Unable to connect to the Scan server SymantecManagementClient; Reason = CONNECTERROR
Sep 10, 2013 11:14:19 PM psft.pt8.virusscan.VirusScanProviderManager scanStream
INFO: Scanning completed using provider = SymantecManagementClient Provider classname = psft.pt8.virusscan.provider.GenericVirusScanProviderImpl
Sep 10, 2013 11:14:19 PM psft.pt8.virusscan.VirusScanProviderManager scanStream
INFO: Finish Scanning Request.
port 8014 is the client communications port for SEP and its the only port that gives us a response (INFO: OPTIONS recieve header= HTTP/1.1 200 OK..etc), when we try other ports we get a "SEVERE: Unable to connect to SymantecManagementClient" message on this line.
Hoping for your responses, thank you in adance for your help.Hello,
Just to give an update. We were able to make this work but we used Symantec Protection Engine for Cloud Services instead. Also, for anyone having problems with the parameters - we used the exact same parameters listed in Peoplebooks or on the delivered virusscan.xml file, just update the IP address. We also saved the xml file on both the Portal.war and PSIGW.war directories. -
X301 and pre-installed Lenovo Software
Hello to everybody.
I'm new in this community.
I've been a ThinkPad user since 1997 (600, R52, T60p) and now I've bought a X301 with Win 7 32 bit.
Comparing the Laptop with my previous T60p with Win XP, I have some doubts about the configuration and the preinstalled software (Think Vantage Tools) wich comes with it. Maybe someone here can help me.
My doubts are:
- why is not possible to get the productivity center and get it in association with the blue button?
- why is the Active Protection software pre-installed (and loaded at startup), when the HD is an SSD one?
- the GPS doesn't work (Only one time I've got one satellite in an open environment, where my phone gets full GPS coverage, otherweise normal is 0 satellite)
- the fingerprint recognition at startup is very very slow
- every Lenovo software, when launched, opens very slowly (minutes).
This is the situation I've found out of the box. I'm wondering whether the Laptop has left the factory with a wrong configuration (I mean, for Win 7 and SSD) and if I would be able to set everything in the right status through the use of System-Update.
Thank-you to everyone and, please, excuse my terrible English.
Occam
600, R52, T61p, X301The great idea is - to update Media Player. But telling you by secret - it's a bad idea. The really great idea - not to use MP at all. Use Winamp, foobar, VLC(+skins) or iTunes, but not MP...
No trust for MicroSoft since Longhorn appeared.
//help will save the world -
System Center Endpoint Protection creates TEMP Folders / Reinstallation not possible
Hi all,
After I updated from SCCM 2012 RTM to SCCM 2012 R2 CU2 I have an issue on several Servers, which havin System Center Endpoint Protection 2012 installed (provided through SCCM Agent).
There are hourly Temp Folders created in C:\Windows\...:
The Temp-Folders are including SCEP 2012 Content...
This files are filling up my System drive C:\. I always have to delte those files.
I think System Center Endpoint Protection is trying to reinstall or update itself, and failes...
If I try to uninstall "System Center 2012 Endpoint Protection" manually from the sever, i get the following popup (file not found):
I cannot find the correct Version of this msi-File "fepclient.msi", so I click Cancel, and then I get the Error 0x8007064C (Cannot complete uninstall wizard).
I have this Problem on 4 different Servers right now (FileServer, two Citrix Server, SCCM-Server).
I tried several steps on the SCCM Server:
- Manual Uninstall
- Re-Installation with "scepinstall.exe" from the SCCM Client Source (same error)
- Re-Installation from SCCM Console (Push)
I am not getting rid of this error... I do not want to delete registry keys and testing arround because this are productive Servers... Any ideas how to resolve this one???
If you Need more Details about the infrastructure / OS, just ask.
PatrikReinstalling the SCCM Agent did not help to get any additional log-Information.
But I did no found a log-file in C:\ProgramData\Microsoft\Microsoft Security Client\Support\MSSecurityClient_Setup_4.5.216.0_epp_install.log
I find the following warnings / Errors:
TEMP Folder which is created in C:\Windows\...:
MSI-Missing:
But that does not really help me...
Maybe you are looking for
-
Inconsistency in Bdoc sequence
Hello, we added some z-fields to smokna1 and hence to capgen_object_write. We face problems with the distribution of the contents of the z-filds. Data entered on one client gets saved in the CRM Server but is not saved on other clients altough the da
-
Hi. I have had Infinity 2 connected since 10th May. I understand it takes 10 days for the connection speed to stabilize. The system should try different speeds as it did when I first had fibre. Speeds were as high as 20Mbps before we had a consista
-
How to show CVD as CENVATABLE (ie with set-off) in Import Purchase Order
Dear Sir, In our existing SAP system , the Import Purchase having CVD are showing CVD as Delivery Cost . However we desire that CVD being CENVATABLE should get reflected with a Set-off in the similar fashion as cenvatable EXCISE-DUTY is being shown
-
Mac mini with rolling tv screen
I hooked up my mac mini to my tv and I get a rolling screen. I tried changing the display by using a monitor, but when I go back to the tv, it keeps doing the same thing. Please help.
-
Hi, I create substitution using exit by copy RGGBS000 to ZRGGBS000 and activated it in tcode OBBH. When I test using Tcode F-02, saves as complated, it is work. My questions: 1. When I changes my parked document, why my substitution does not work ? 2