SCCM 2012 EndPoint Protection migration
I have the old ConfigMgr 2012 name " BACKOFFICE" it is currently managing all the EndPoint Protection for all workstations/servers.
I now have new ConfigMgr 2012 called "SCCM" I just installed ForeFront EndPoint Protection and configured the Custom Client Deviec EndPoint Protection to roll out to workstations. What is the best practice to remove old ForeFront EndPoint
Protection client from old site name and install new one?
1. Do I have to manually uninstall EndPoint Client in control panel for each computer? or is there a way to just uninstall for all computers using the old COnfigMgr 2012 "BACKOFFICE"
Thanks for your help!
Hi !
You have to reassign the desired clients.
It can be scripted:
http://msdn.microsoft.com/en-us/library/cc146558.aspx
Otherwise, you could install again the client on your targets, with the following options: force install and site assignement.
You can refer to this link:
http://technet.microsoft.com/en-us/library/gg712298.aspx
Hope this helps.
Note: This posting is provided 'AS IS' with no warranties or guarantees, and confers no rights. Please take a moment to "Vote as Helpful" and/or "Mark as Answer", where applicable. This helps the community, keeps the forums tidy, and
recognises useful contributions.
Similar Messages
-
SCCM 2012 Endpoint Protection initial update not downloaded
Hi,
I'm new to SCCM 2012. I recently started deploying the Endpoint Protection to all of clients (Windos 7 and XP Pro).
I've noticed that some clients have not been updating their initial definitions after the Endpoint Protection Software is installed.
Since they are not updating their detonation the client remains unprotected with the status icon in red.
The odd thing is that some of our computers do the initial update just fine while others are effected.
Also if I click update manually then the update goes through no issue, but with 100+ clients not updated its not something I want to do manually.
The clients are set to receive auto updates via a auto deployment rule.
Also the antimalware policy is set to do updates as well in this order:
Config Mgr
WSUS
Microsoft Malware Protection Center
Microsoft Update
Has anyone seen this before?
If I need to upload any specific logs just let me know.
Many ThanksDo you have Software update configured (and working) thru ConfigMgr or using a standalone WSUS?
Kent Agerlund | My blogs: blog.coretech.dk/kea and
SCUG.dk/ | Twitter:
@Agerlund | Linkedin: Kent Agerlund |
Mastering ConfigMgr 2012 The Fundamentals -
SCCM 2012 - Endpoint Protection Reporting only using static end date
I have created a subscription to the Endpoint Protection/Antimalware Activity Report built into SCCM2012/Endpoint Protection.
My problem is that I am having trouble getting the dates to work correctly. I want to have the report automaticlly emailed out every monday morning with the status from the last 7 days (i.e. since the last monday report).
However the subscription seems to want a static end date. That is, every monday when the report runs it gives me a status report from the exact same 7 days. Not the most recent 7 days.
How do I go about changing this so it is useful and that every monday it runs, the report it creates/sends is from the the last 7 days?I hope this helps (I am still testing it) but I did this by:-
"Editing" the default report such as "Antimalware activity report".
To avoid corrupting this default report before you change anything select SaveAs and call it something like "Antimalware activity report
for the last 7 days".
Open Datasets, StartEndDates and replace the query with this for the last 7 days
"select DATEADD(day,datediff(day,0,GetDate())- 7,0) as StartDate, DATEADD(day,datediff(day,0,GetDate()),0) as EndDate"
Then open Parameters, StartDate and under General change it to "Hidden".
Then open Parameters, EndDate and under General change it to "Hidden".
Save and test
I had to set the "default value" on each parameter, per Lillonel:
StartDate : =DateAdd("d",-7,Globals!ExecutionTime)
EndDate : =Globals!ExecutionTime
It looks like it is using a 7 day window now. -
SCCM 2012 Endpoint Protection Definition Update
Hi Guys, can you please help me out with this, some of the clients are not pulling or seeing the latest definition updates from the server.
What do I check?Again - Start with the EndpointProtectionAgent.log file on the clients
http://technet.microsoft.com/en-us/library/c6675aac-4bb8-4b4b-9075-06b4ecec2a18#BKMK_ClientOpLogs
Nick Moseley | http://t3chn1ck.wordpress.com
What do I look for in the CIDownloader.log? -
System Center 2012 Endpoint Protection
I am trying to install System Center 2012 Endpoint Protection on my computer for Windows 8.1 and keep getting Error code:0x8004FF71. The license is
offered through our school. Not sure what to do so it will install.Hi,
You need to use System Center Endpoint PRotection 2012 R2 as that it is the version that supports Windows 8.1.
https://social.technet.microsoft.com/Forums/en-US/d9e257f2-3959-430e-a687-749ce43376c2/sccm-2012-endpoint-protection-on-windows-81?forum=configmanagersecurity
Regards,
Jörgen
-- My System Center blog ccmexec.com -- Twitter
@ccmexec -
System Center 2012 Endpoint Protection manual scan from UNC
We run SCCM 2012 R2, and 2012 Endpoint protection on a few servers. I tried navigating to a UNC path, then right clicking and selecting 'Scan with System CEnter endpoint protection", but when doing so I get Scan completed on 0 items, regardless
of the folder size I select.
Is it not possible to scan a UNC path manually with SCEP 2012?
TonyHi,
I think this is by design. There is no options from Antimalware Policies in console to control this.
You could also have a look at the following thread.
http://social.technet.microsoft.com/Forums/sqlserver/en-US/3713c941-f176-4b0f-897d-a0c4e14b4d4f/scep-2012-not-able-to-scan-network-sharesdrives
Best Regards
We
are trying to better understand customer views on social support experience, so your participation in this
interview project would be greatly appreciated if you have time.
Thanks for helping make community forums a great place. -
Can I use System Center 2012 Endpoint Protection in Azure Virtual Machine Gallary's "Windows Server Remote Desktop Session Host" without buy the System Center 2012 Endpoint Protection license ?
I want to protect my Azure RemoteApp against the malware.
System Center 2012 Endpoint Protection installed Azure Virtual Machine Gallary's "Windows Server Remote Desktop Session Host".
Now, I try to build Azure RemoteApp template by using the Azure Virtual Machine Gallary's "Windows Server Remote Desktop Session Host" .
Regards,
Yoshihiro KawabataHi Yoshihiro,
Unless and until Microsoft modifies the license terms for System Center 2012 Endpoint Protection and/or modifies the Online Services Terms (OST) and/or other document explicitly saying that use is included with the Azure RemoteApp (ARA) monthly
fee I recommend you assume as that it is
not included and license it separately for ARA if that is even possible, which is a separate question.
For licensing it is best to be cautious and make decisions based on the official documents that are available that govern use of the software and services involved. At this moment I'm not able to find a Microsoft document that grants use of System
Center 2012 Endpoint Protection with Azure RemoteApp.
When I first used the gallery template and noticed that Endpoint Protection was installed within it I had the same question as you. I will update this thread if/when I obtain more information.
-TP -
System Center 2012 Endpoint Protection - any user may reboot Windows Server
Hello,
I've got System Center 2012 Endpoint Protection client installed on a Windows Server 2008 R2 Terminal Server. I've just noticed that if System Center Endpoint Protection detects some malware that requires system restart in order to successfully clean it,
the notification will be seen by all logged users on Terminal Server and if anyone will press on "Restart" than the Server will reboot even if User hasn't the required permission and I think this is totally unacceptable, Microsoft has to do something
about it. In all situations only an Administrator should have the right to restart the Server.
Please fix this issue asap, thank you.While there is no setting that just controls the 'SCEP needs to reboot', there are other settings that might help.
Have you tried setting "Disable the client user interface" to Yes on the antimalware policy? How about "Show notifications messages..."? I don't have a way to reproduce the behavior you were seeing, but maybe you can give it a shot.
I understand why Microsoft would want to give non-admin users a prompt to reboot a machine that needs it to remove malware. This is the typical scenario for most workstations. However, your exception with a terminal server is definitely something that
needs a workaround.
If you put in Connect feedback asking for a discreet setting to control this, please post a link to it.
I hope that helps,
Nash
Nash Pherson, Senior Systems Consultant
Now Micro -
My Blog Posts
If you've found a bug or want the product worked differently,
share your feedback.
<-- If this post was helpful, please click "Vote as Helpful". -
Can I get the detecting malware alert by System Center 2012 Endpoint Protection in Azure RemoteApp ?
Can I get the detecting malware alert by System Center 2012 Endpoint Protection in Azure RemoteApp ?
I want to get the alert and cleanup malware and alert our Azure RemoteApp users.
the System Center 2012 Endpoint Protection exist Azure Virtual Machine gallery "Windows Server Remote Desktop Session Host”.
I test the behavior of System Center 2012 Endpoint Protection by TrendMicro Malware sample "EICAR".
Regards,
Yoshihiro KawabataThank you Pavithra for reply.
I have 3 points for alerting users and admins of Azure RemoteApp template image.
point 1: Fix action.
When the user detect a malware, There are some reasons,
like viewing a malicious web site, like using the vulnerable applications.
The User must fix his action in Azure RemoteApp session.
"Hey, the reason is that you open this web site, Don't open this web site"
point 2: Fix server.
When the user detect a malware, ITpro of Azure RemoteApp fix the current Azure Virtual Machine of Azure RemoteApp.
There may be infected with other malwares.
ITpro need to fix the current Azure Virtual Machine of Azure RemoteApp before infecting other users.
"Hey, This Azure RemoteApp collection will update with the template image after ten minutes."
point 3: Fix damage.
When the user detect a malware, ITpro of Azure RemoteApp research the damage of all system,
like whether or not sent the infected email to other persons by other malware,
like whether or not broken other related systems by other malwares.
"Hey, Are other systems OK ?"
Regards,
Yoshihiro Kawabata -
How effective is System Center 2012 Endpoint Protection for Windows?
Hi,
Is there any thing out there that compares how effective System Center 2012 Endpoint Protection is compared to other AV / Malware solutions? I have read where MS Security Essentials comes up short of the level of protection compared to
other solutions.
Thanks LanceDidn't mean to propose that MS love (yes we all know that you love MS Jason) post as an answer to your question.
Truth is SCEP may be good at how it works, it doesn't whine to users and it integrates to ConfigMgr. That's where it's good at. And I get Jason's point there, I'd just like to know what are those "other products" that haven't found the malware
when SCEP did? MS may gather telemetry, but so do all the other players.
There are several companies that do ONLY and ONLY AV products so they put their 100% effort in them, I don't think that AV is the business priority number 1 for MS.
Check this:
http://lifehacker.com/microsoft-admits-that-third-party-antivirus-is-more-eff-1441135677
And for your info Security Essentials uses the same AV engine that SCEP does.
If you want REAL protection, tested in the REAL world, I suggest you read some reviews of the products.
http://www.av-test.org/en/tests/corporate-user/windows-8/janfeb-2013/
http://chart.av-comparatives.org/chart1.php
--- ADVERT (I don't think it's illegal here, eh Jason?)
I'd go with F-Secure, it's not that expensive and you get some neat features like USB (or any other device for that matter) blocker. And yes, it can be configured to use individual USB sticks and so on.. -
Microsoft System Center 2012 Endpoint Protection compared to Sophos endpoint protection.
Hi All,
We are currently running Sophos Enterprise Console with Sophos Endpoint protection in our environment. We use most of the Sophos functionality with Device Control, Application Control, Disk Encryption and Tamper Protection. We are looking to move to
Microsoft System Center 2012 Endpoint Protection, but is not sure if the Microsoft product will be able to offer us the same functionality as the Sophos product with the same level of protection.
I have done some research and found that we will have to implement MDOP with System Center to come close to achieve our Sophos functionality. Is this true? Or can everything be centrally managed?
Please advise with suggestions before we get rid of Sophos will be highly appreciated.
Kind Regards,
Francois Kaljee
Regards Francois Kaljee IT Systems Administrator MCITP Svr2k8 Direct: +2712 381 1000 Cell: +2782 852 2367 Fax: +2786 602 8482 GPS: S 25 39.639 E 27 50.699 Hernic's Street Address: R/E of PTN 103 De Kroon 444 JQ Brits 0250 South Africa Hernic's
Postal Address: P.O.Box 4534 Brits 0250 South AfricaMost third-party security vendors have multiple products that they bundle together. You need to sit down and define your requirements in terms of functionality and features and then map those to Microsoft's offerings. Trying to find equivalent "products"
won't really work.
You also need to look at the cost. It's quite possible that many of the required MS technologies are available to you through your EA. This is the way to sell a strategy like this to your business.
Simply comparing product features won't work. It should be a combination of
1. what do I actually need?
2. what will it cost?
Gerry Hampson | Blog:
www.gerryhampsoncm.blogspot.ie | LinkedIn:
Gerry Hampson | Twitter:
@gerryhampson -
Overview of SCCM and Endpoint Protection...
I'm very new to the whole SCCM environment and I'm having the damnedest time finding just basic information concerning SCCM and it's separate modules. I have three basic questions that I hope someone here can answer before I move forward with anything to
do with SCCM:
1. My main need at this time is to deploy the Endpoint Protection portion to all of the machines in our Domain. Does EP require the Configuration Manager to get the central administration I'm looking for?
2. Can modules be added to SCCM any time? For example, if I were able to just get the Endpoint Protection installed now, could I add the rest of the suite later?
3. Where can I find installation instructions for SCCM, Configuration Manager and Endpoint Protection?
Thanks
Brian Brehart Network Administrator SurePayroll, Inc.1. Yes, to manage Endpoint Protection, you need ConfigMgr.
2. ConfigMgr has many different roles (but not separate modules) which can be implemented later like Application Management and Operating System Deployment.
3. You can find detailed step-by-step guides that are meant to help a person learn the product.
http://gerryhampsoncm.blogspot.com/2013/02/sccm-2012-sp1-step-by-step-guide.html
http://www.windows-noob.com/forums/index.php?/topic/4045-system-center-2012-configuration-manager-step-by-step-guides/
However, these guides are not prescriptive for the real world, just learning. ConfigMgr is arguably one of the most powerful and complex tools that Microsoft sells. Consider engaging an experienced consultant to architect and implement it, and/or
take an in person training course.
I hope that helps,
Nash
Nash Pherson, Senior Systems Consultant
Now Micro -
My Blog Posts
If you found a bug or want the product to work differently,
share your feedback.
<-- If this post was helpful, please click the up arrow or propose as answer. -
Hi,
I have SCCM 2012 R2 and SQL Server 2012 SP1 Enterprise edition on the same server.
The SQL server has two instances.
1. default instance for SCCM db
2. instance named WSUS for WSUS
For licensing purpose, we want to change SQL enterprise edition to standard edition. I know that we cannot change edition without uninstalling SQL enterprise edition and installing SQL standard eition.
I want to know the steps I should follow to successfully migrate SQL to standard edition without breaking SCCM and WSUS DBs
Mashhour FarajFor licensing purpose, we want to change SQL enterprise edition to standard edition. I know that we cannot change edition without uninstalling SQL enterprise edition and installing SQL standard eition.
I'm afraid to tell you that there is more to it than just uninstalling SQL and reinstall SQL. Because you are using enterprise edition, you might have to uninstall CM12 too and start over. This is due to SQL partitioning which CM12 will use but is not
available within SQL standard.
Garth Jones | My blogs: Enhansoft and
Old Blog site | Twitter:
@GarthMJ -
SCCM 2012 SP1 CU4 migrated DP shows package status "unknown"
I have a SCCM 2012 SP1 CU4 environment and have shared SCCM 2007 distribution points.
Today I migrated one of the DP's which seems to work well.
However all my packages shows now the status "unknown" for this migrated DP.
This is a problem which should be fixed in CU4 according to the CU4 description. But it is not :-(
Any idea how to solve this ? R2 install ?Some additional information:
I noticed that the package sources are still available at the "old" ditribution point share abd not on the new sccm 2012 distribution point share. When performing actions described in step 3 below the package becomes available on the distribution point
share......then i guess i can remove the content from the "old" distribution point share ????
I noticed that when a package got the status "unknown" for de migrated DP the following action fix the problem:
--> i remove the DP from the package and immediately add it again, the package status becomes "Successful".....hummm....ok....maybe a script could be created for this
I noticed that when a package got the status "unknown" and the package is also located on the "distribution point share" then following will fix the issue:
--> edit the package and remove the migrated DP and remove the checkbox for string on the distribution point share. Then add the DP again, click Apply and then set the checkbox for storing on the distribution point share and Apply again. Then wait and package
will become available Successful and the package will become available on the distribution point share
But i have 800 packages and 50 to be migrated DP's.....this is not a solution....but what is ????
Any help, ideas, tips, hints, recommendations ?
My overal thoughts are that migrating of a SCCM 2007 DP is not really working at all !!!!!
Or does someone has other experience with e.g. R2 installed ? If so then I will upgrade first... -
Sccm 2012 Can we migrate a distribution point to a Secondary site
Can we upgrade our SCCM 2012 Distribution point to a Secondary Site? Can anyone advise the process please?
Hi,
Please refer to the link below:
Planning a Content Deployment Migration Strategy in System Center 2012 Configuration Manager
http://technet.microsoft.com/en-us/library/gg712275.aspx
We
are trying to better understand customer views on social support experience, so your participation in this
interview project would be greatly appreciated if you have time.
Thanks for helping make community forums a great place.
Maybe you are looking for
-
Problem while viewing print preview in Portal(EP7.0)
Hello Experts, We have prepared an ABAP report which generates an output in print format.We have used standard function module(SSF_FUNCTION_MODULE_NAME) and the smartform gets displayed correctly in print preview on R/3 side.But when i create a trans
-
I cannot disconnect from external hard drives because firefox is using the drive. I really don't like this. Aside from being intrusive and inconvenient it seems spywarish or just plain data mining.
-
How to create LDAP filter-based rule to check Group membership in OAM
Hi folks, I'm having hard time creating an authorization rule to verify ldap group membership. I've followed "Configure User Authorization" article from Oracle website (http://download.oracle.com/docs/cd/E10761_01/doc/oam.1014/b32420/v2authz.htm#BABH
-
I have a web page that includes pop-up photos, enlargements of the photo clicked. On Foxfire the pop-up appears in a box with information above and below the photo. The same info that appears on my desktop when in Foxfire. Below is download info, abo
-
Automatic update from Word source into Indesign
Hi I have followed all threats and cannot seem to find a solution to my query. I have to complete a 280page annual report within a very short period of time. Based on the client it seems that there will be multiple changes on content after layout is