SCCM 2012 Antivirus Exclusions for Servers and Workstations

Hi,
Just sharing the antivirus exclusions for Configuration Manager 2012 Servers and workstations as well.
Please share if anything is missing.
McAfee Exclusions for Configuration Manager 2012:
1. C:\Windows\TEMP\BootImages and subfolders.
2. Directories:
%allusersprofile%\NTUser.pol
%systemroot%\system32\GroupPolicy\registry.pol
%windir%\Security\database\*.chk
%windir%\Security\database\*.edb
%windir%\Security\database\*.jrs
%windir%\Security\database\*.log
%windir%\Security\database\*.sdb
%windir%\SoftwareDistribution\Datastore\Datastore.edb
%windir%\SoftwareDistribution\Datastore\Logs\edb.chk
%windir%\SoftwareDistribution\Datastore\Logs\edb*.log
%windir%\SoftwareDistribution\Datastore\Logs\Edbres00001.jrs
%windir%\SoftwareDistribution\Datastore\Logs\Edbres00002.jrs
%windir%\SoftwareDistribution\Datastore\Logs\Res1.log
%windir%\SoftwareDistribution\Datastore\Logs\Res2.log
%windir%\SoftwareDistribution\Datastore\Logs\tmp.edb
%programfiles%\Microsoft Configuration Manager\Inboxes\*.*
%programfiles(x86)%\Microsoft Configuration Manager\Inboxes\*.*
%systemroot%\system32\GroupPolicy\Machine\registry.pol
%systemroot%\system32\GroupPolicy\User\registry.pol
\SCCMContentLib
\SMSPKG
\SMSPKGC$
\SMSPKGSIG
\SMSSIG$
\Program Files\SMS_CCM\ServiceData
\Program Files\SMS_CCM\Logs
\Program Files\Microsoft Configuration Manager\Logs
\Program Files\Microsoft Configuration Manager\Install.map
\ConfigurationManager DB
\SMSPKGSIG
\SCCMContentLib
\Sources
\SCCMImages
\DatabaseBackup
\SMSPKGE$
\SMSPKGSIG
\SMSSIG$
3. Processes that will be excluded:
Configuration Manager 2012 processes that will be excluded are:
Smsexec.exe
Ccmexec.exe
CmRcService.exe
Sitecomp.exe
Smswriter.exe
Smssqlbbkup.exe
4. SQL Server Exclusions:
SQL Server 2012 processes to exclude from virus scanning
%ProgramFiles%\Microsoft SQL Server\MSSQL11.<InstanceName>\MSSQL\Binn\SQLServr.exe
%ProgramFiles%\Microsoft SQL Server\MSRS11.<InstanceName>\Reporting Services\ReportServer\Bin\ReportingServicesService.exe
%ProgramFiles%\Microsoft SQL Server\MSAS11.<InstanceName>\OLAP\Bin\MSMDSrv.exe
SQL Server data files
*.mdf
*.ldf
*.ndf
SQL Server backup files
     These files frequently have one of the following file-name extensions:
*.bak
*.trn
Full-Text catalog files
%Program Files%\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\FTData
Analysis Services backup files
     C:\Program Files\Microsoft SQL Server\MSSQL.X\OLAP\Backup
     C:\Program Files\Microsoft SQL Server\MSSQL.X\OLAP\Log
5. IIS Exclusions:
*.ida
%systemroot%\IIS Temporary Compressed Files
%SystemDrive%\inetpub\temp\IIS Temporary Compressed Files
6. WSUS Exclusions:
*.cab
\WSUS\WSUSContent
\WSUS\UpdateServicesDBFiles
\SoftwareDistribution\Datastore
\SoftwareDistribution\Download
Reference Links:
https://community.mcafee.com/thread/59504
http://www.systemcenterblog.nl/2012/05/09/anti-virus-scan-exclusions-for-configuration-manager-2012/
http://social.technet.microsoft.com/wiki/contents/articles/953.microsoft-anti-virus-exclusion-list.aspx
http://support.microsoft.com/kb/309422
http://support.microsoft.com/kb/821749
http://support.microsoft.com/kb/817442
http://support.microsoft.com/kb/900638/en-us
http://technet.microsoft.com/en-us/library/dd939908(WS.10).aspx#av
McAfee Exclusions for workstations:
Turn off scanning of Windows Update or Automatic Update related files
Turn off scanning of the Windows Update or Automatic Update database file (Datastore.edb). This file is located in the following folder:
%windir%\SoftwareDistribution\Datastore
Turn off scanning of the log files that are located in the following folder:
%windir%\SoftwareDistribution\Datastore\Logs
Specifically, exclude the following files:
Res*.log
Edb*.jrs
Edb.chk
Tmp.edb
Turn off scanning of Windows Security files
Add the following files in the %windir%\Security\Database path of the exclusions list:
*.edb
*.sdb
*.log
*.chk
*.jrs
Turn off scanning of Group Policy related files
Group Policy user registry information. These files are located in the following folder:
%allusersprofile%\
Specifically, exclude the following file:
NTUser.pol
Group Policy client settings file. This file is located in the following folder:
%Systemroot%\System32\GroupPolicy\
Specifically, exclude the following file: Registry.pol
For the Configuration Manager clients the following exclusions will be added:
%windir%\ccmcache
\SoftwareDistribution\Datastore
\SoftwareDistribution\Download
Reference Links:
http://support.microsoft.com/kb/822158/en-us
Regards, Syed Fahad Ali

Thanks for sharing this. Many people will find this useful.
http://www.enhansoft.com/
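
An added example, not part of the original thread: a small Python lint for an exclusion list like the one in the first post. It reports extension-wide wildcards, unfilled placeholders, folder entries with no drive or variable, variables that are unknown or not followed by a backslash, and duplicates; the finding names, `KNOWN_VARS` and the sample entries are assumptions constructed for this illustration.

```python
import re

# Variables the post relies on; any other %name% is reported (assumption:
# this set is chosen for the example, extend it for your environment).
KNOWN_VARS = {"allusersprofile", "systemroot", "systemdrive", "windir",
              "programfiles", "programfiles(x86)"}

# Constructed sample, modelled on the kinds of entries in the list above.
SAMPLE = r"""
%windir%\SoftwareDistribution\Datastore\Datastore.edb
%windir%\Security\database\*.edb
%programfiles(x86)%\Microsoft Configuration Manager\Inboxes\*.*
%ProgramFiles%\Microsoft SQL Server\MSSQL11.<InstanceName>\MSSQL\Binn\SQLServr.exe
C:\Program Files\Microsoft SQL Server\MSSQL.X\OLAP\Backup
%Program Files%\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\FTData
\SMSPKGSIG
\SCCMContentLib
\SMSPKGSIG
*.cab
*.mdf
Smsexec.exe
%windir%ccmcache
"""


def lint_entry(entry):
    """Return the finding codes for one exclusion entry (empty list = clean)."""
    findings = []
    # "*.ext" with no folder excludes that extension on every path.
    if re.fullmatch(r"\*\s*\.\w+", entry):
        findings.append("extension-wide")
    # Template text that must be replaced with a real instance name.
    if re.search(r"<[^>]+>|MSSQL\.X\b", entry):
        findings.append("placeholder")
    # "\Folder" names no drive or variable; its location depends on the server.
    if entry.startswith("\\") and not entry.startswith("\\\\"):
        findings.append("no-drive")
    for m in re.finditer(r"%([^%\\]+)%", entry):
        # Variable name that is not in KNOWN_VARS.
        if m.group(1).lower() not in KNOWN_VARS:
            findings.append("unknown-variable")
        # A variable must be followed by a backslash (or end the entry).
        following = entry[m.end():m.end() + 1]
        if following and following != "\\":
            findings.append("missing-separator")
    return findings


def lint_list(text):
    """Lint each non-blank line; return {entry: [findings]} for flagged entries."""
    report, seen = {}, set()
    for line in text.splitlines():
        entry = line.strip().strip('"')
        if not entry:
            continue
        findings = lint_entry(entry)
        key = entry.lower()  # Windows paths compare case-insensitively
        if key in seen:
            findings.append("duplicate")
        seen.add(key)
        for finding in findings:
            bucket = report.setdefault(entry, [])
            if finding not in bucket:
                bucket.append(finding)
    return report


if __name__ == "__main__":
    for entry, findings in lint_list(SAMPLE).items():
        print(f"{', '.join(findings):<28} {entry}")
```

Entries that come back clean, such as the fully qualified `Datastore.edb` path, name one concrete location; each flagged entry needs a decision or a correction before the list goes into a policy.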

Similar Messages

  • Does SCCM 2012 support IBCM for Linux and Unix operating systems

    Folks,
    Does SCCM 2012 support Linux and Unix operating systems for IBCM? As per my knowledge it doesn't, from what I have learnt through Bing.

    I thought it's not supported for Linux and Unix, see also:
    http://blogs.msdn.com/b/teju_shyamsundar/archive/2014/05/23/installing-the-system-center-2012-r2-configuration-manager-client-on-linux-part-2.aspx
    My Blog: http://www.petervanderwoude.nl/
    Follow me on twitter: pvanderwoude

  • Antivirus exclusions for RDS 2012 R2

    Hi all,
    I have an RDS 2012 R2 environment. 8 SH servers, 2 WA servers, 2 CB servers (in HA), 1 GW server, 1 x two node Fail over cluster containing the UPD disk files (among other things).
    I've been surfing the net to find antivirus exclusions specific to RDS 2012 R2 but didn't find much. Aside from the regular OS exclusions, are there any specific exclusions for RDS, specifically Session Host Servers? Any special considerations for UPD?
    Thanks!
    Jesmat.

    Hi Jesmat,
    Thank you for posting in Windows Server Forum.
    A previous version, “Terminal Service Antivirus Exclusions”, is available, but sorry to inform you that “Antivirus Exclusions for RDS server 2012 R2” is still not published, as the Microsoft team is in the process of publishing it. Please check this article for information.
    Hope it helps!
    Thanks,
    Dharmesh

  • Antivirus software exclusions for DFS and Hyper-V

    I am rolling out an updated antivirus solution to our DFS server and Hyper-V (Windows 2008 and 2012) and I am curious of the following:
    1. What are the exclusion suggestions for Hyper-V servers?  I found a URL that showed the exceptions to add but I thought there would be more for Hyper-V to exclude.
    2. What are the specific exclusions to include for a DFS server?  I read somewhere that there were some DFSR hidden folders that need to be included but I would like to know if there is an official suggestion from Microsoft of what files/folders need to be excluded.

    Hi,
    Anti-virus software should exclude Hyper-V specific files which are listed in the article below:
    Hyper-V: Anti-Virus Exclusions for Hyper-V Hosts
    http://social.technet.microsoft.com/wiki/contents/articles/2179.hyper-v-anti-virus-exclusions-for-hyper-v-hosts.aspx
    For the DFS antivirus exclusion, you could refer to the article below:
    Virus scanning recommendations for Enterprise computers that are running currently supported versions of Windows
    http://support.microsoft.com/kb/822158/en-us
    Regards,
    Mandy
    We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time.
    Thanks for helping make community forums a great place.

  • Software Asset Management Solution Accelerator for SCCM 2012 (Contracts, Licenses, Userights, Installations and net usage

    Hello All
    With the given need from the market to manage license compliance proactively - the given toolsets from MS SCCM 2012 should be capable of handling the given complexity (reference 27 processes out of SAM ISO 19.770-1:2012).
    Where can I find the solution accelerator, which guides us to help clients on two typical use-cases:
    a.) Client has SCCM 2012 - however has not yet established the SAM components for it (Contracts, Use-rights and License-Comparisons)
    b.) Client has no SCCM yet and wants to start his journey with the Commercial scope right away.
    Any guidance highly appreciated

    SCCM alone isn't going to fit this need.
    You need a License Compliance Solution / Software Asset Management (SAM) solution which SCCM is not.
    The issue with those systems is that they fail to provide clean/useful data.
    Usually the best approach is to collect the data with SCCM, normalize the data (for that I used BDNA Normalize), then pull in the SAM.
    Like this:
    SCCM 2012 - Normalize - SAM
    John Marcum | http://myitforum.com/myitforumwp/author/johnmarcum/

  • Is there Java API available for third-party integrations with SCCM 2012? I went through the "Developer's Survival Guide", and it seems that SCCM 2012 SDKs only support C# and PowerShell

    Hi All,
    My team and I are developing a software using Java that works closely with IT management software such as SCCM. Our software will be highly dependent on data stored in SCCM. Basically our software will talk to SCCM to get information about a system managed by SCCM. To be able to do that, our software needs to use a Java API that talks to SCCM. Is there a Java API for SCCM 2012 that we can use? If there is not, what is the workaround to this issue (integrate a Java project with SCCM SDKs)? Any help is appreciated! Thanks!

    Hi,
    As you mentioned, it seems that there is no available Java API for SCCM.
    Just curious, what information do you want to get from SCCM?
    Based on my experience, you could query the SCCM site database to get almost all the information.
    Otherwise, your question seems to be related to SCCM 2012. You may also choose to post there to get more effective help.

  • "Enable distribution-point sharing for this source site" is not showing SCCM 2007 DPs as SCCM 2012 content shares for CM12 clients

    Hi
    We have one central site server and three primary site servers in SCCM 2007 and completed the SCCM 2012 migration as a single hierarchy.
    During the migration, we configured the SCCM 2007 central site server as the source hierarchy for the data gathering process and configured "Enable distribution-point sharing for this source site" to make SCCM 2007 distribution points act as SCCM 2012 content shares to serve SCCM 2012 migrated clients. Now we are facing a problem that one of the primary site server's data gathering process did not gather SCCM 2007 DPs even though we configured "Enable distribution-point sharing for this source site" but the data gathering process is completing successfully.
    Does anyone have an idea why these SCCM 2007 DPs are not appearing as SCCM 2012 content shares under "Shared Distribution Points"?
    Thanks in Advance
    srkr

    Now we are facing a problem that one of the primary site server's data gathering process did not gather SCCM 2007 DPs even though we configured "Enable distribution-point sharing for this source site" but data gathering process is completing successfully.
    Earlier, were all the shared DPs showing under Shared Distribution Points? Or have these DPs not been showing up since the start? Have you checked migmctrl.log for some clue?
    Anoop C Nair (My Blog www.AnoopCNair.com)
    - Twitter @anoopmannur -
    FaceBook Forum For SCCM

  • Non Domain Servers and Workstations

    Hi,
    We are trying to deploy SCCM 2012 clients to non-domain servers, and we are also in the process of trying to find out the best way we can clean up machines from SCCM that have not logged in for 90 days or more.
    From my understanding, if I turn on "only discover machines that have logged on to the domain in a given period of time", then that means a server that has not logged in will not be discovered, which can be an issue when patching. Also, what do I need to do with the non-domain servers with the SCCM client installed on them?
    Can you please help me with this? That would be greatly appreciated.
    Thanks Tom

    Hi,
    This blog post does a good job explaining the steps to manage non-domain machines with ConfigMgr 2012:
    http://blogs.technet.com/b/anilm/archive/2012/05/06/managing-workgroup-clients-in-configuration-manager-2012.aspx
    This technet article also has more detailed information about client communication for workgroup computers:
    http://technet.microsoft.com/en-us/library/gg712701.aspx#Plan_Com_X_Forest

  • SCCM 2012 R2 client version 1101 and 1104 queries

    There are several samples of collection query code for SCCM 2012 R2 client version 5.00.7958.1000, which is the base R2 client version. Patches can change this to 5.00.7958.1101 and 5.00.7958.1104. But there is a problem. These two patches display as 1101 and 1104 when you go to the Control Panel\Configuration Manager\General tab, but when you go to Programs and Features and look in there the DisplayVersion is 5.00.7958.1000, so all query code samples are unable to differentiate between the base versions and version 1101 and 1004. I have been unable to find out how to write a query that finds versions 1101 and 1104. Does anyone know how to do this? Thanks.

    Use ClientVersion from SMS_R_System within a console query or ClientVersion0 from V_R_system in a SQL query.
    Even this can be deceptive though because the agent only reflects the highest version number of one of its subcomponents. This post, specific to 2007, describes the complexity: http://blog.configmgrftw.com/configmgr-client-hotfix-versioning/.
    Specific to your question though, why do you care if either of these hotfixes are distributed to your clients? 2905002 is only necessary during WinPE (and if you are actually not using download on demand content during OSD) and 2910552 is only applicable if you are rolling out Win 8.1 using a single TS to your XP systems using a refresh methodology.
    Jason | http://blog.configmgrftw.com

  • SCCM 2012 SP1 - How many servers do I need?

    I'm planning a SCCM test environment using SCCM 2012 SP1 with the goal of using DCIP 3.1. DCIP 3.1 only supports up to SCCM 2012 SP1. I'm new to SCCM and I'm planning to follow Kevin Holman's ConfigMgr 2012 SP1 -QuickStart deployment Guide (Sorry, I can't post links on the forum yet.)
    I'm using a virtual environment to build this out so I can create more machines as needed.
    In the guide two systems are used, DB3 and CM1 each with designated services. Could those services be safely installed on one machine instead of two? Why choose to split the SQL and Database Services, from the Primary Site Server, Management Server, and Web Console Server?
    Thank you!

    For a lab and most small(ish) production sites you can get away with 1 server.
    John Marcum | http://myitforum.com/myitforumwp/author/johnmarcum/

  • SCCM 2012 - Network requirements for Client communication to primary in a Cross Forest Environment

    Hello, I have been trying to get some definitive answers on what network traffic is required between a client and a primary site versus a secondary in a cross forest scenario.
    Here is the scenario:
    Company A has an existing SCCM 2012 primary Site. Company B (Separate Forest) has now been brought in. One subnet on each side can route to each other and using that one subnet a two way forest trust has been setup. But the remote offices have IP address overlaps between companies. At some point in the future all assets on company B will be re-IP and brought over to Company A domain. But in the interim it would be nice to get SCCM cross forest clients working. Upgrading to a CAS model with two Primaries would not be preferred here as this is a temporary solution.
    My questions are as follows.
    If a secondary site is deployed into Company B Forest/Network. I have seen people online allude to that clients will still need to communicate to the Primary located at Company A, even though they are assigned to a secondary on Company B’s network. Is this true? Are there any workarounds for this? Is a NAT back to the primary acceptable, or is reverse lookup required?
    Will the Primary need to communicate directly to the clients in Company B? If this is in fact a requirement, then this would be a show stopper. But if it's only needed for things like client pushes, then we could work around it.
    Thanks

    "But the remote offices have IP address overlaps between companies"
    Technically, this is unsupported because clients, depending upon your boundaries, will not be able to find a local DP since they use IP addresses for this. The only way to work around this is to use AD Site boundaries.
    "though they are assigned to a secondary"
    Clients are *never* assigned to a secondary site -- that's not what secondary sites are for. Yes, clients require communication with an MP in the primary site where they are assigned. There is no way to change this or work-around this except to put an MP from the primary site closer to those clients and use the new MP affinity option in R2 CU3.
    Reverse lookups are only used to verify names by applications that wish to have this type of functionality (which are very few in number) and have nothing to do with true network traffic. NATing is an issue for the reason I gave above -- DP location.
    Remote control, client push, and WoL won't work either because there is no way for the traffic to reach the destination behind the NAT.
    All client *agent* communication in ConfigMgr is client initiated in ConfigMgr (remote control, client push, and WoL -- as just mentioned -- are sort of exceptions to this but they don't really involve the client *agent*.)
    Jason | http://blog.configmgrftw.com | @jasonsandys

  • SCCM 2012 R2 IP for Orchestrator 2012

    Hi,
    We have Orchestrator 2012 (7.0.1154.0) installed, and I would like to connect it to our SCCM 2012 R2 (5.0.7958.1303) installation with an integration pack.
    Does anyone know if I can connect a non-R2 Orchestrator to an R2 SCCM and if so, which IP I should use.
    I wish I could upgrade my SC'Orch to R2 but sadly we have some old SharePoint 2007 third-party IP's which do not work with R2, so I don't think that is an option.
    Your advice will be greatly appreciated.
    Tom

    Hi,
    You can register and deploy the System Center 2012 R2 Integration Pack for SCCM, available here: http://www.microsoft.com/en-us/download/details.aspx?id=39622&WT.mc
    System Center 2012 Service Pack 1 - Orchestrator Component Add-ons and Extensions are available here:
    http://www.microsoft.com/en-us/download/details.aspx?id=34611
    Regards,
    Stefan
    www.sc-orchestrator.eu ,
    Blog sc-orchestrator.eu

  • Upgrade to SCCM 2012 R2: WinPE 5.0 and Legacy system.

    Hi,
    When upgrading to SCCM 2012 SP1 we get WinPE 4.0 boot images, and PXE boot does not work with CPUs that do not support NX/PAE/SSE2.
    SCCM 2012 R2 needs "ADK for Windows 8.1" with WinPE 5.0. I think it is the same with WinPE 5.0, that it doesn't work with CPUs that do not support NX/PAE/SSE2.
    Is there something else to consider with WinPE 5.0 boot on legacy systems?
    ref:
    http://blogs.technet.com/b/configmgr_geek_speak/archive/2013/03/03/winpe-4-0-boot-images-not-working-with-cpu-s-that-do-not-support-n
    /SaiTech

    I think the link you posted is broken, but this one works:
    http://blogs.technet.com/b/configmgr_geek_speak/archive/2013/03/03/winpe-4-0-boot-images-not-working-with-cpu-s-that-do-not-support-nx-pae-sse2.aspx
    You can still use WinPE3.1, for those legacy computers:
    http://blogs.technet.com/b/brandonlinton/archive/2013/06/21/how-to-create-and-import-a-winpe-3-1-boot-image-for-use-in-configmgr-2012-sp1-cu2.aspx
    http://technet.microsoft.com/en-us/library/dn387582.aspx
    http://technet.microsoft.com/en-us/library/hh397288.aspx
    Don
    (Please take a moment to "Vote as Helpful" and/or "Mark as Answer", where applicable.
    This helps the community, keeps the forums tidy, and recognises useful contributions. Thanks!)

  • SCCM 2012 NAP Agent goes in and out of compliance approx every 2 min.

    I have deployed the SCCM 2012 NAP Agent on a few clients and it goes in and out of compliance approx every 2 min.
    So it's compliant for 2 min then uncompliant for about 30 sec then compliant again. If I uninstall the single software update I have enforced with NAP on SCCM the update is remediated properly by NAP/SCCM but the cycling in and out of compliance continues.
    I did have the agent in sccm set to 2 min evaluation cycle for testing purposes but have now reverted it back to one day.  The Health Validation Point is set to 26hrs.
    tconners

    I reset the sccm NAP evaluation cycle again to 1 day and it took this time.
    I can't explain why it was still stuck on 2 min.
    tconners

  • Sccm 2012 collections of specific servers (terminal servers etc)

    Hi,
    Please advise what criteria I should use in SCCM 2012 to make collections of specific servers: f.e. terminal servers.
    J.
    Jan Hoedt

    Add Win32_Serverfeature to hardware inventory (http://msdn.microsoft.com/en-us/library/cc280268(v=vs.85).aspx) and create collections based on that data.
    Torsten Meringer | http://www.mssccmfaq.de
