SCEP Definitions

Similar Messages

• Best practice for SCEP definition ADR?

  This is how I understand the best practice to be for configuring the SCEP definition ADR:
  Have synchronization run once per day during non peak hours 
  Configure the SCEP definition ADR to run after each synchronization rather than running in intervals such as every 6 hours
  Do not run synchronizations multiple times per day because it can add extra load on the server and cause the software update package version to increase too quickly and impact the definition deployment success rate
  Is this true?
  If so, then if Microsoft releases SCEP definitions 3 times per day and the synchronization runs only once per day, then obviously SCEP clients will not be able to download the latest, most current SCEP definition due to the fact that the sync process is
  what actually grabs the metadata from Microsoft's catalog. 
  Is it even possible to run multiple synchronizations per day? I am running SCCM 2012 R2 in my environment and I DO NOT see anywhere where one can configure multiple software update synchronizations to take place. It is possible from what I understand to
  do this using 3rd party tools, but I really do not want to go there. 
  Can someone please help me with this?
  As always, thanks so much. 

  Hi,
  That changed after Sp1 so it was true but now with sp1 and R2 you can schedule them three times a day. If you have infrastructure that can't handle that, that is another topic. But from Sp1 and further synchronizing the SUP three times a day and set the
  ADR to trigger after a synchronization is the best practice.
  "For performance reasons, in Configuration Manager with no Service Pack, do not schedule automatic deployment rules to deliver definition updates more than once each day. In Configuration Manager SP1, do not schedule automatic deployment rules to deliver
  definition updates more than three times a day."
  http://technet.microsoft.com/en-us/library/jj822983.aspx
  Regards,
  Jörgen
  -- My System Center blog ccmexec.com -- Twitter
  @ccmexec

• SCEP definition updates for clients in DMZ via UNC is not working.

  Hello,
  I have configured SCEP definition updates via UNC method for my Win 8.1 clients in DMZ and its not working.
  Script is properly associated with task scheduler and downloading definition to shared folder properly.
  Even running the mpcmdrun.exe -SignatureUpdate, gives the below error:
  C:\Program Files\Microsoft Security Client>mpcmdrun.exe -SignatureUpdate
  Signature update started . . .
  ERROR: Signature Update failed with hr=80070002
  CmdTool: Failed with hr = 0x80070002. 
  MpCmdRun: Command Line: mpcmdrun.exe  -SignatureUpdate
   Start Time: ‎Sun ‎Jul ‎06 ‎2014 11:05:09
  Start: MpSignatureUpdate()
  Update started 
  Search Started (UNC share) (Path: \\sccm\SCEP_UNC_DEFS\Updates\x64)...
  Search Completed 
  Download Started...
  Download Completed 
  Installation Started...
  Installation Completed 
  Update completed with hr: 0x80070002
  ERROR: Signature Update failed with hr=80070002
  MpCmdRun: End Time: ‎Sun ‎Jul ‎06 ‎2014 11:05:17

  Hi,
  Please check logs on the client to see whether there are any helpful information.(ScanAgent.log, Windowsupdate.log and UpdatesHandler.log)
  Best Regards,
  Joyce
  We
  are trying to better understand customer views on social support experience, so your participation in this
  interview project would be greatly appreciated if you have time.
  Thanks for helping make community forums a great place.

• SCEP Definition Updates from WSUS

  I am currently using ConfigMgr (SUP) for all update patching including SCEP definitions (the 3 times a day scenario) but I was wondering if I can configure the clients so they just get their SCEP definitions from a stand-alone WSUS yet continue to receive
  all other updates from ConfigMgr (SUP)? I've been successful with pointing the clients to Microsoft Update, Microsoft Malware Protection Center and UNC file shares by changing the Definition Update Source using a custom Antimalware Policy but
  I haven't figured out how to point the SCEP client to a WSUS server? There is a setting in the Antimalware policy to set the UNC path so I was expecting to see a setting to set the WSUS URL. It's hard for me to believe the SCEP client can't be independaly
  re-directed to a local WSUS since you can configure the SCEP client it to go directly to Microsoft or the Protection Center which is basically the WSUS mothership.   
    

  I understand that. I just assumed that since I can change the Definition Update Source and pull the definitions down from "Updates distributed from Microsoft Update" or "Updates distributed from Microsoft Malware Protection Center"
  or "Updates distributed from UNC file shares", all which worked fine for me providing the SCEP client (using WUA) can pull definitions down from a different source
  while all other updates come down normally via the SUP/WSUS, that the "Updates distributed from WSUS" option would allow a separate WSUS to work as well.
  Jason: You asked "What's your end goal or reason for wanting to have separate sources?"
  I would rather not discuss this via the forum so feel free to contact me at
  [email protected] and we can continue this conversation and update the thread at a later time.
   

• Some clients not receiving SCEP definition updates

  I have a collection for some of our application servers that is used in conjunction with an ADR to deploy the SCEP definition updates. 12 of the servers in this collection recently had the SCCM 2012 R2 client installed on them. (The collection has a total
  of 23 servers in it)
  I can see that these 12  servers have the Antimalware policy applied, but are not getting the SCEP updates.  The summary for SCEP is:  Service started without any malware protection engine; AV signatures out of date; AS signatures out
  of date.
  The policy application state is "Succeeded" with the recent date and time.
  When I view the status of the deployment, the enforcement state is "Failed to install update(s) " with an error code of 0X87D00667 - No current or future service window exists to install software updates.
  These servers are members of another collection that is used for deploying the Monthly updates.  This "update" collection does have a maintenance window on it specific to software updates, with no recurrence schedule.
  Do maintenance windows apply to the machine then, regardless of what collection they are in?
  These 12 servers, for the Endpoint Protection client settings have the "Allow EP client installation and restarts outside MW" set to No, and the Suppress any required computer restarts after the EP client is installed set to Yes. 
  For the Software Updates client setting, the update scan schedule and deployment re-evaluation is set to every 7 days.
  So, in looking at this, it appears that these servers will never get any SCEP updates because they are members of another collection that has a MW, even though the SCEP collection does not have a MW?
  Is that correct?

  I added a MW on the collection that is used for SCEP updates.  I made the MW effective yesterday, but the MW hours were from 5:30am-7:30am daily (which should have started this morning, 1/30, at 5:30am).
  In the updatesdeployment.log, I see the MW starting:
  CUpdateAssignmentsManager received a SERVICEWINDOWEVENT START Event UpdatesDeploymentAgent 1/30/2015 5:30:00 AM 3004 (0x0BBC)
  No current service window available to run updates assignment with time required = 1 UpdatesDeploymentAgent 1/30/2015 5:30:00 AM 3004 (0x0BBC)
  CUpdateAssignmentsManager received a SERVICEWINDOWEVENT END Event UpdatesDeploymentAgent 1/30/2015 7:30:00 AM 3312 (0x0CF0)
  No current service window available to run updates assignment with time required = 1 UpdatesDeploymentAgent 1/30/2015 7:30:00 AM 3312 (0x0CF0)
  Attempting to cancel any job started at non-business hours. UpdatesDeploymentAgent 1/30/2015 7:30:00 AM 3312 (0x0CF0)
  However, the definitions are not installed. These 12 servers have the SCEP client, but no definitions installed.
  There are 11 servers in this collection that are getting the definition updates, but the 12 servers in this collection that have recently had the SCCM client installed on it are not getting the updates.    So I know that the ADR is working.
  What am I missing to get these 12 servers to install/update the definitions?

• Automatic Deployment Rule for SCEP Definitions growing too large.

  See the deployment package for SCEP definition is now 256MB and growing.  How can we make sure it stays small?  The ADR creating the package is leaving 26 Definition in there right now.

  The method that Kevin suggests above is what is implemented as part of a default deployment template included with SP1. This limits the number of definitions in the update group to the latest eight (I think).
  As a supplemental note here, whenever an ADR runs and is configured to use an existing update group, it first wipes that update group.
  Jason | http://blog.configmgrftw.com

• SCEP definition update through Automate Deployment Rule

  Hi all.  Got a question on deploying SCEP 2012 definition updates to client PC through SCCM2012 R2 by using Automate Deployment Rule.  It looks like the client PC is not receiving the definition updates immediately.  The ADR seems working
  fine, it completed the synchronization successfully, no error on "PatchDownloader.log" and "ruleengine.log"; deployment folder got filled up with new definition updates.  However, the client is not receiving the new SCEP definition
  updates immediately, although I've configured ADR to install the update as soon as possible, yet nothing happens for the past 2 hours.  I ended up launch the SCEP console on the client PC and then click the "update" button manually, and this
  launch the update process.  I just wondering how much time we need to wait for the SCEP definition update to apply onto the client PC.  Microsoft seems release 3 - 4 definition update per day, I am afraid we might not using the latest definition
  update due to the time waiting issue.  Thank you.

  I've configured the polling interval to take place every 3 hours.  I guess this contribute to the waiting time.  I will keep an eye on it to see if the definition in deed installs automatically. 
  Yes that's one of the delay which is the major Contribution also there would be some delay for the updates when they are downloading and getting updated to the distribution points. You can check the 'Content Status' for that package to verify if it got updated.
  Umair Khan
  Microsoft Support Escalation Engineer
  Blog: http://blogs.technet.com/umairkhan 
    Facebook:
  Note: Posts are provided “AS IS” without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose.

• SCEP definition updates for clients in DMZ

  Hello,
  I do want to enable SCEP definition updates for small group of clients in DMZ (apprx 30 -40)
  I have created a separate  AD OU and SCCM collection for such computers.
  Google shows me different ways like using Definition Update Automation Tool, WSUS, scripts, shares etc, and I am quite confused for which way to adopt.
  can any one suggest me which is the best automated way?
  I do have SCCM 2012 sp1 and all win 8 cleints.
  Thanks in Advance

  You can use whathever method you prefer. All will most likely work. As there's already Configmgr in place I'd use it to do this job. ADRs (automatic deployment rules) can be used to automate this process.
  Torsten Meringer | http://www.mssccmfaq.de

• SCEP Definition update from Microsoft Malware Protection Center vs WindowsUpdate?

  Hi,
  SCEP Definition update from Microsoft Malware Protection Center vs WindowsUpdate? What is the different?
  /SaiTech

  If I remember correctly - definitions for A/V and NIS will be the same from either location.  I think MMPC might give you the ability to download partial, not yet released definitions for added zero-day protection.  I don't remember
  if you have to be part of MAPS to get that benefit, sorry.
  With the integration of WSUS with SCCM 2012, I've found that using updates distributed from ConfigMgr to be sufficient.  I do have those other methods available, but at lower priorities so that remote users who don't VPN as often as they should, have
  a fallback until we can get PKI/HTTPS or an Azure DP, or Direct Access.
  Again, I'm not 100% sure, but I do know that getting updates from SCCM's built in WSUS (via Automatic Deployment Rules), has worked really well for us, and having those extra methods enabled in your policy definitely makes for some extra fallback options.

• SCEP Definitions Detected In Console as Not Required When They Are

  I'm pretty sure I'm probably just overlooking something simple, but I've seen this in two labs I've setup. It appears SCEP definition are showing as not required in the ConfigMgr console, but if I look in WMI on the client (Class: root\Ccm\softwareupdates\updatesstore)
  I can see it appears to be detected as missing (which is correct). 
  Background:
  Site Mode: HTTPS, I was using Configuration Manager 2012 SP1 with the same result. I updated the site to SP1 CU1 (Servers and Clients) same thing (For XP, 7, 8, Server 2012).
  I've installed KB2828233 on the site server still can get clients to detect "Definition Update for Microsoft Endpoint Protection - KB2461484 (Definition 1.149.286.0)" as applicable on clients in the console. I've installed KB2831316 on the
  clients same thing. I'm syncing Forefront Endpoint Protection 2010 for the product as i'm pretty sure these are the definition used to SCEP 2012.
  I've tried setting the disable alternative sources for endpoint to yes and no (Same result) although this shouldn't have anything to do with being detected.
  I'm not sure if any of you may have advice or seen this. All other Windows updates are showing/detecting correctly in the console i'm even publishing third party updates with SCUP that detecteds just fine.
  UPDATE 9:28 - So I downloaded and created an available deployment for the definition update. The clients do get the update in Software Center and I can install it successfully, but it's still showing as not required in ConfigMgr Console
  even after I install it the update doesn't report back as installed.
  On Client connection to updates on WMI using CIM Studio:
  On Server (Showing as not applicable):
  Thanks,
  Justin Chalfant | Blog: setupconfigmgr.com | SCUP Catalog: patchmypc.net/scup | Please mark as helpful/answer if this resolved your issue

  Hi Nash,
  I've just setup a new SCCM 2012 R2 CU3 and am seeing the same behaviour.
  Updates install just fine, but are shown as Not Required instead of Installed.
  Did you get an answer from MSFT on this?
  Thanks for sharing!
  Filip

• SCEP Definition Updates showing as 'not required'

  I've seen this posted a couple of times by other people already, but in both cases there was never any response - so I'm trying again in the hope that somebody has seen it and figured it out now...
  I have set-up and ADR for SCEP 2012 definition updates and it is fully working as expected.
  However - if I do a Run Summarization on the Software Updates node, all the definition updates report 100% compliance BUT report back as 'not required' for all machines. Surely these should report as 'Installed'?
  Other updates are correctly showing as 'Installed' - it's just the defs delivered through the ADR process that are wrong.

  Yes, I know this is an old post, but I’m trying to clean them up. Did you solve this problem, if so what was the solution?
  Personally I never look at the console for numbers, I only look at the report, the console will always be behind. The report will always reflect the current situation.
  Remember that SCEP SU are released 3 or 4 times a day, as soon as a new SU is released for SCEP the old SU will be no required. Since the console only get updated once every 24 hours, IMO it is easy to see why the number within the console will show as not
  required.
  Garth Jones | My blogs: Enhansoft and
  Old Blog site | Twitter:
  @GarthMJ

• SCEP definitions do not update on Secondary site server

  Issue:  Win 2008R2 server - Secondary site server - SCEP is installed, but it cannot find/download/install any virus definitions.  When attempting to hit "update" within the SCEP console, it returns no results.  When attempting to
  check online for Win Updates via control panel, no virus def updates are found (but 11 different updates are found for .NET and other things).
  The error that is thrown in the Windows Updates log when attempting to update through the SCEP console is Error: 0x80248014. http://support.microsoft.com/kb/2832355/en-us  Although this
  applies to Windows 8, I still checked the settings per the article.  My settings check out okay.
  No error is thrown when attempting to check for updates via Windows Update in the control panel.  It finds 11 available updates (none of which are SCEP related), and displays them properly.
  This server has the CCM2012 client installed, and the Anti-Malware policy has been successfully applied.  We have a separate Anti-Malware policy that is applied only to our SCCM site servers.  The policy indicates that all virus defs are to be
  obtained from Microsoft online Update.  Our primary site server does not display this problem.  It is updating automatically with no issues.
  It is possible to manually download and apply the latest virus definitions by visiting the MS virus defs site and running the manual update installer.  I have only done this to ensure that the virus defs are somewhat current.
  Steps taken:  I have removed SCEP and re-installed it.  I have also attempted the Windows Update "Fix-it" found here.
  http://support.microsoft.com/kb/971058
  Error 0x80248014 persists when attempting an update through the SCEP console, and no SCEP related updates are found by Microsoft online Update.
  Any suggestions on what I might try next?

  Thank you for the reply.
  Well, the issue with this secondary site server isn't 100% fixed, but your line of questions pushed me in a direction that allowed me to put a Band-Aid on it.  That said, it is updating the virus defs - although not exactly as it should be.  But,
  this is good enough for me now.
  To answer some of your questions that seem relevant.  This is a fairly new SCCM setup. Our implementation of SCCM currently is not configured to handle any Software Updates yet.  We still rely on a separate WSUS server in our environment for all
  WinUpdates (including SCEP/FEP).  With that in mind, the Anti-Malware policy that is applied to both SCCM servers use the following 2 locations in order for obtaining SCEP updates:
  1) MS online Updates  2)WSUS
  As mentioned previously, the secondary site never detected updates via SCEP console or WinUpdates via Control Panel.  But this did not explain why it could not retrieve from WSUS.
  A quick look at our WSUS setup shows that auto-approval is configured for all of our workstations, but not our servers.  I corrected this within WSUS - Forced GPUpdate on the site server - ran wuauclt /detectnow on the site server - Now, the virus defs
  were found and could be installed.  (I'll have to wait a little while to see if it continues to update automatically as it should)
  So, as I mentioned above - the big problem of not updating at all is corrected, however the issue still remains "why are no updates found from MS Updates online?"
  At this point - I don't know, but as long as it updates in some fashion, I'm good with that.

• SCEP definition updates trying to pull from the Internet - poor behaviour

  Most of our clients do NOT have the ability to just head out to the internet to get things (via proxy or otherwise) and as such, I have configured my Malware policy to use "Updates distributed from Configuration Manager" ONLY
  I do NOT want it trying to get updates from ANYWHERE ELSE.
  Some aren't behaving. :(
  I am seeing log entries that indicate that the client is trying to go out to the Internet to get the updates.
  Here is a cycle of the machine's more recent attempt:
  2014-01-27 19:51:43:096 3616 e38 Misc ===========  Logging initialized (build: 7.6.7600.256, tz: -0000)  ===========
  2014-01-27 19:51:43:096 3616 e38 Misc   = Process: c:\Program Files\Microsoft Security Client\MpCmdRun.exe
  2014-01-27 19:51:43:096 3616 e38 Misc   = Module: C:\Windows\system32\wuapi.dll
  2014-01-27 19:51:43:096 3616 e38 COMAPI -------------
  2014-01-27 19:51:43:096 3616 e38 COMAPI -- START --  COMAPI: Search [ClientId = System Center Endpoint Protection (DDEFDD14-250E-4DC8-A0B3-9D667EC5D8EB)]
  2014-01-27 19:51:43:096 3616 e38 COMAPI ---------
  2014-01-27 19:51:43:096 3616 e38 COMAPI <<-- SUBMITTED -- COMAPI: Search [ClientId = System Center Endpoint Protection (DDEFDD14-250E-4DC8-A0B3-9D667EC5D8EB)]
  2014-01-27 19:51:43:096 1032 e7c Agent *************
  2014-01-27 19:51:43:096 1032 e7c Agent ** START **  Agent: Finding updates [CallerId = System Center Endpoint Protection (DDEFDD14-250E-4DC8-A0B3-9D667EC5D8EB)]
  2014-01-27 19:51:43:096 1032 e7c Agent *********
  2014-01-27 19:51:43:096 1032 e7c Agent   * Online = Yes; Ignore download priority = No
  2014-01-27 19:51:43:112 1032 e7c Agent   * Criteria = "(IsInstalled = 0 and IsHidden = 0 and CategoryIDs contains 'a38c835c-2950-4e87-86cc-6911a52c34a3' and CategoryIDs contains 'e0789628-ce08-4437-be74-2495b842f43b')"
  2014-01-27 19:51:43:112 1032 e7c Agent   * ServiceID = {7971F918-A847-4430-9279-4A52D1EFE18D} Third party service
  2014-01-27 19:51:43:112 1032 e7c Agent   * Search Scope = {Machine}
  2014-01-27 19:51:43:112 1032 e7c Misc Validating signature for C:\Windows\SoftwareDistribution\WuRedir\9482F4B4-E343-43B6-B170-9A65BC822C77\muv4wuredir.cab:
  2014-01-27 19:51:43:128 1032 e7c Misc  Microsoft signed: Yes
  2014-01-27 19:52:27:427 1032 e7c Misc WARNING: Send failed with hr = 80072ee2.
  2014-01-27 19:52:27:427 1032 e7c Misc WARNING: SendRequest failed with hr = 80072ee2. Proxy List used: <(null)> Bypass List used : <(null)> Auth Schemes used : <>
  2014-01-27 19:52:27:427 1032 e7c Misc WARNING: WinHttp: SendRequestUsingProxy failed for <http://download.windowsupdate.com/v9/1/windowsupdate/redir/muv4wuredir.cab>.
  error 0x80072ee2
  2014-01-27 19:52:27:427 1032 e7c Misc WARNING: WinHttp: SendRequestToServerForFileInformation MakeRequest failed. error 0x80072ee2
  2014-01-27 19:52:27:427 1032 e7c Misc WARNING: WinHttp: SendRequestToServerForFileInformation failed with 0x80072ee2
  2014-01-27 19:52:27:427 1032 e7c Misc WARNING: WinHttp: ShouldFileBeDownloaded failed with 0x80072ee2
  2014-01-27 19:53:11:727 1032 e7c Misc WARNING: Send failed with hr = 80072ee2.
  2014-01-27 19:53:11:727 1032 e7c Misc WARNING: SendRequest failed with hr = 80072ee2. Proxy List used: <(null)> Bypass List used : <(null)> Auth Schemes used : <>
  2014-01-27 19:53:11:727 1032 e7c Misc WARNING: WinHttp: SendRequestUsingProxy failed for <http://download.windowsupdate.com/v9/1/windowsupdate/redir/muv4wuredir.cab>.
  error 0x80072ee2
  2014-01-27 19:53:11:727 1032 e7c Misc WARNING: WinHttp: SendRequestToServerForFileInformation MakeRequest failed. error 0x80072ee2
  2014-01-27 19:53:11:727 1032 e7c Misc WARNING: WinHttp: SendRequestToServerForFileInformation failed with 0x80072ee2
  2014-01-27 19:53:11:727 1032 e7c Misc WARNING: WinHttp: ShouldFileBeDownloaded failed with 0x80072ee2
  2014-01-27 19:53:56:042 1032 e7c Misc WARNING: Send failed with hr = 80072ee2.
  2014-01-27 19:53:56:042 1032 e7c Misc WARNING: SendRequest failed with hr = 80072ee2. Proxy List used: <(null)> Bypass List used : <(null)> Auth Schemes used : <>
  2014-01-27 19:53:56:042 1032 e7c Misc WARNING: WinHttp: SendRequestUsingProxy failed for <http://download.windowsupdate.com/v9/1/windowsupdate/redir/muv4wuredir.cab>.
  error 0x80072ee2
  2014-01-27 19:53:56:042 1032 e7c Misc WARNING: WinHttp: SendRequestToServerForFileInformation MakeRequest failed. error 0x80072ee2
  2014-01-27 19:53:56:042 1032 e7c Misc WARNING: WinHttp: SendRequestToServerForFileInformation failed with 0x80072ee2
  2014-01-27 19:53:56:042 1032 e7c Misc WARNING: WinHttp: ShouldFileBeDownloaded failed with 0x80072ee2
  2014-01-27 19:54:40:342 1032 e7c Misc WARNING: Send failed with hr = 80072ee2.
  2014-01-27 19:54:40:342 1032 e7c Misc WARNING: SendRequest failed with hr = 80072ee2. Proxy List used: <(null)> Bypass List used : <(null)> Auth Schemes used : <>
  2014-01-27 19:54:40:342 1032 e7c Misc WARNING: WinHttp: SendRequestUsingProxy failed for <http://download.windowsupdate.com/v9/1/windowsupdate/redir/muv4wuredir.cab>.
  error 0x80072ee2
  2014-01-27 19:54:40:342 1032 e7c Misc WARNING: WinHttp: SendRequestToServerForFileInformation MakeRequest failed. error 0x80072ee2
  2014-01-27 19:54:40:342 1032 e7c Misc WARNING: WinHttp: SendRequestToServerForFileInformation failed with 0x80072ee2
  2014-01-27 19:54:40:342 1032 e7c Misc WARNING: WinHttp: ShouldFileBeDownloaded failed with 0x80072ee2
  2014-01-27 19:54:40:342 1032 e7c Misc WARNING: DownloadFileInternal failed for
  http://download.windowsupdate.com/v9/1/windowsupdate/redir/muv4wuredir.cab: error 0x80072ee2
  2014-01-27 19:54:40:342 1032 e7c Misc Validating signature for C:\Windows\SoftwareDistribution\WuRedir\9482F4B4-E343-43B6-B170-9A65BC822C77\muv4wuredir.cab:
  2014-01-27 19:54:40:358 1032 e7c Misc  Microsoft signed: Yes
  2014-01-27 19:55:24:657 1032 e7c Misc WARNING: Send failed with hr = 80072ee2.
  2014-01-27 19:55:24:657 1032 e7c Misc WARNING: SendRequest failed with hr = 80072ee2. Proxy List used: <(null)> Bypass List used : <(null)> Auth Schemes used : <>
  2014-01-27 19:55:24:657 1032 e7c Misc WARNING: WinHttp: SendRequestUsingProxy failed for <http://download.microsoft.com/v9/1/windowsupdate/redir/muv4wuredir.cab>.
  error 0x80072ee2
  2014-01-27 19:55:24:657 1032 e7c Misc WARNING: WinHttp: SendRequestToServerForFileInformation MakeRequest failed. error 0x80072ee2
  2014-01-27 19:55:24:657 1032 e7c Misc WARNING: WinHttp: SendRequestToServerForFileInformation failed with 0x80072ee2
  2014-01-27 19:55:24:657 1032 e7c Misc WARNING: WinHttp: ShouldFileBeDownloaded failed with 0x80072ee2
  2014-01-27 19:56:08:941 1032 e7c Misc WARNING: Send failed with hr = 80072ee2.
  2014-01-27 19:56:08:941 1032 e7c Misc WARNING: SendRequest failed with hr = 80072ee2. Proxy List used: <(null)> Bypass List used : <(null)> Auth Schemes used : <>
  2014-01-27 19:56:08:941 1032 e7c Misc WARNING: WinHttp: SendRequestUsingProxy failed for <http://download.microsoft.com/v9/1/windowsupdate/redir/muv4wuredir.cab>.
  error 0x80072ee2
  2014-01-27 19:56:08:941 1032 e7c Misc WARNING: WinHttp: SendRequestToServerForFileInformation MakeRequest failed. error 0x80072ee2
  2014-01-27 19:56:08:941 1032 e7c Misc WARNING: WinHttp: SendRequestToServerForFileInformation failed with 0x80072ee2
  2014-01-27 19:56:08:941 1032 e7c Misc WARNING: WinHttp: ShouldFileBeDownloaded failed with 0x80072ee2
  2014-01-27 19:56:53:257 1032 e7c Misc WARNING: Send failed with hr = 80072ee2.
  2014-01-27 19:56:53:257 1032 e7c Misc WARNING: SendRequest failed with hr = 80072ee2. Proxy List used: <(null)> Bypass List used : <(null)> Auth Schemes used : <>
  2014-01-27 19:56:53:257 1032 e7c Misc WARNING: WinHttp: SendRequestUsingProxy failed for <http://download.microsoft.com/v9/1/windowsupdate/redir/muv4wuredir.cab>.
  error 0x80072ee2
  2014-01-27 19:56:53:257 1032 e7c Misc WARNING: WinHttp: SendRequestToServerForFileInformation MakeRequest failed. error 0x80072ee2
  2014-01-27 19:56:53:257 1032 e7c Misc WARNING: WinHttp: SendRequestToServerForFileInformation failed with 0x80072ee2
  2014-01-27 19:56:53:257 1032 e7c Misc WARNING: WinHttp: ShouldFileBeDownloaded failed with 0x80072ee2
  2014-01-27 19:57:37:603 1032 e7c Misc WARNING: Send failed with hr = 80072ee2.
  2014-01-27 19:57:37:603 1032 e7c Misc WARNING: SendRequest failed with hr = 80072ee2. Proxy List used: <(null)> Bypass List used : <(null)> Auth Schemes used : <>
  2014-01-27 19:57:37:603 1032 e7c Misc WARNING: WinHttp: SendRequestUsingProxy failed for <http://download.microsoft.com/v9/1/windowsupdate/redir/muv4wuredir.cab>.
  error 0x80072ee2
  2014-01-27 19:57:37:603 1032 e7c Misc WARNING: WinHttp: SendRequestToServerForFileInformation MakeRequest failed. error 0x80072ee2
  2014-01-27 19:57:37:603 1032 e7c Misc WARNING: WinHttp: SendRequestToServerForFileInformation failed with 0x80072ee2
  2014-01-27 19:57:37:603 1032 e7c Misc WARNING: WinHttp: ShouldFileBeDownloaded failed with 0x80072ee2
  2014-01-27 19:57:37:603 1032 e7c Misc WARNING: DownloadFileInternal failed for
  http://download.microsoft.com/v9/1/windowsupdate/redir/muv4wuredir.cab: error 0x80072ee2
  2014-01-27 19:57:37:603 1032 e7c Misc Validating signature for C:\Windows\SoftwareDistribution\WuRedir\9482F4B4-E343-43B6-B170-9A65BC822C77\muv4wuredir.cab:
  2014-01-27 19:57:37:619 1032 e7c Misc  Microsoft signed: Yes
  2014-01-27 19:58:01:011 1032 e7c Misc WARNING: Send failed with hr = 80072ee2.
  2014-01-27 19:58:01:011 1032 e7c Misc WARNING: SendRequest failed with hr = 80072ee2. Proxy List used: <(null)> Bypass List used : <(null)> Auth Schemes used : <>
  2014-01-27 19:58:01:011 1032 e7c Misc WARNING: WinHttp: SendRequestUsingProxy failed for <http://www.update.microsoft.com/v9/1/windowsupdate/redir/muv4wuredir.cab>.
  error 0x80072ee2
  2014-01-27 19:58:01:011 1032 e7c Misc WARNING: WinHttp: SendRequestToServerForFileInformation MakeRequest failed. error 0x80072ee2
  2014-01-27 19:58:01:011 1032 e7c Misc WARNING: WinHttp: SendRequestToServerForFileInformation failed with 0x80072ee2
  2014-01-27 19:58:01:011 1032 e7c Misc WARNING: WinHttp: ShouldFileBeDownloaded failed with 0x80072ee2
  2014-01-27 19:58:24:278 1032 e7c Misc WARNING: Send failed with hr = 80072ee2.
  2014-01-27 19:58:24:278 1032 e7c Misc WARNING: SendRequest failed with hr = 80072ee2. Proxy List used: <(null)> Bypass List used : <(null)> Auth Schemes used : <>
  2014-01-27 19:58:24:278 1032 e7c Misc WARNING: WinHttp: SendRequestUsingProxy failed for <http://www.update.microsoft.com/v9/1/windowsupdate/redir/muv4wuredir.cab>.
  error 0x80072ee2
  2014-01-27 19:58:24:278 1032 e7c Misc WARNING: WinHttp: SendRequestToServerForFileInformation MakeRequest failed. error 0x80072ee2
  2014-01-27 19:58:24:278 1032 e7c Misc WARNING: WinHttp: SendRequestToServerForFileInformation failed with 0x80072ee2
  2014-01-27 19:58:24:278 1032 e7c Misc WARNING: WinHttp: ShouldFileBeDownloaded failed with 0x80072ee2
  2014-01-27 19:58:47:577 1032 e7c Misc WARNING: Send failed with hr = 80072ee2.
  2014-01-27 19:58:47:577 1032 e7c Misc WARNING: SendRequest failed with hr = 80072ee2. Proxy List used: <(null)> Bypass List used : <(null)> Auth Schemes used : <>
  2014-01-27 19:58:47:577 1032 e7c Misc WARNING: WinHttp: SendRequestUsingProxy failed for <http://www.update.microsoft.com/v9/1/windowsupdate/redir/muv4wuredir.cab>.
  error 0x80072ee2
  2014-01-27 19:58:47:577 1032 e7c Misc WARNING: WinHttp: SendRequestToServerForFileInformation MakeRequest failed. error 0x80072ee2
  2014-01-27 19:58:47:577 1032 e7c Misc WARNING: WinHttp: SendRequestToServerForFileInformation failed with 0x80072ee2
  2014-01-27 19:58:47:577 1032 e7c Misc WARNING: WinHttp: ShouldFileBeDownloaded failed with 0x80072ee2
  2014-01-27 19:59:10:844 1032 e7c Misc WARNING: Send failed with hr = 80072ee2.
  2014-01-27 19:59:10:844 1032 e7c Misc WARNING: SendRequest failed with hr = 80072ee2. Proxy List used: <(null)> Bypass List used : <(null)> Auth Schemes used : <>
  2014-01-27 19:59:10:844 1032 e7c Misc WARNING: WinHttp: SendRequestUsingProxy failed for <http://www.update.microsoft.com/v9/1/windowsupdate/redir/muv4wuredir.cab>.
  error 0x80072ee2
  2014-01-27 19:59:10:844 1032 e7c Misc WARNING: WinHttp: SendRequestToServerForFileInformation MakeRequest failed. error 0x80072ee2
  2014-01-27 19:59:10:844 1032 e7c Misc WARNING: WinHttp: SendRequestToServerForFileInformation failed with 0x80072ee2
  2014-01-27 19:59:10:844 1032 e7c Misc WARNING: WinHttp: ShouldFileBeDownloaded failed with 0x80072ee2
  2014-01-27 19:59:10:844 1032 e7c Misc WARNING: DownloadFileInternal failed for
  http://www.update.microsoft.com/v9/1/windowsupdate/redir/muv4wuredir.cab: error 0x80072ee2
  2014-01-27 19:59:10:844 1032 e7c Agent WARNING: Failed to obtain the authorization cab URLs, hr=0x80072ee2
  2014-01-27 19:59:10:844 1032 e7c Agent   * WARNING: Online service registration/service ID resolution failed, hr=0x80072EE2
  2014-01-27 19:59:10:891 1032 e7c Agent   * WARNING: Exit code = 0x80072EE2
  2014-01-27 19:59:10:891 1032 e7c Agent *********
  2014-01-27 19:59:10:891 1032 e7c Agent **  END  **  Agent: Finding updates [CallerId = System Center Endpoint Protection (DDEFDD14-250E-4DC8-A0B3-9D667EC5D8EB)]
  2014-01-27 19:59:10:891 1032 e7c Agent *************
  2014-01-27 19:59:10:891 1032 e7c Agent WARNING: WU client failed Searching for update with error 0x80072ee2
  2014-01-27 19:59:10:906 3616 458 COMAPI >>--  RESUMED  -- COMAPI: Search [ClientId = System Center Endpoint Protection (DDEFDD14-250E-4DC8-A0B3-9D667EC5D8EB)]
  2014-01-27 19:59:10:922 3616 458 COMAPI   - Updates found = 0
  2014-01-27 19:59:10:922 3616 458 COMAPI   - WARNING: Exit code = 0x00000000, Result code = 0x80072EE2
  2014-01-27 19:59:10:922 3616 458 COMAPI ---------
  2014-01-27 19:59:10:922 3616 458 COMAPI --  END  --  COMAPI: Search [ClientId = System Center Endpoint Protection (DDEFDD14-250E-4DC8-A0B3-9D667EC5D8EB)]
  2014-01-27 19:59:10:922 3616 458 COMAPI -------------
  2014-01-27 19:59:10:922 3616 5d0 COMAPI WARNING: Operation failed due to earlier error, hr=80072EE2
  2014-01-27 19:59:10:922 3616 5d0 COMAPI FATAL: Unable to complete asynchronous search. (hr=80072EE2)
  2014-01-27 19:59:15:891 1032 e7c Report REPORT EVENT: {45AA9823-28E9-4632-92BE-AF48B4BB8710} 2014-01-27 19:59:10:891-0000 1 148 101 {00000000-0000-0000-0000-000000000000} 0 80072ee2 System Center
  Endpoint Protecti Failure Software Synchronization Windows Update Client failed to detect with error 0x80072ee2.
  2014-01-27 19:59:15:969 1032 e7c Report CWERReporter::HandleEvents - WER report upload completed with status 0x8
  2014-01-27 19:59:15:969 1032 e7c Report WER Report sent: 7.6.7600.256 0x80072ee2 00000000-0000-0000-0000-000000000000 Scan 101 Unmanaged
  2014-01-27 19:59:15:969 1032 e7c Report CWERReporter finishing event handling. (00000000)
  Anyone have any suggestions?  I don't want the machines to EVER try to go out to the internet when they are trying to update their SCEP defs.

  Stop SCEP from downloading over the internet, uncheck the following locations:
  1. SCFEP Def Deployment (ADR if you have one) - 
  Download Setting: If software updates are not available on preferred distribution point or remote distribution point, download content from Microsoft Updates
  2. Client Setting (Endpoint Protection) [check your priority if you have more than 1]
  Disable Alternet Sources (such as Microsoft Windows Update, ....) for the inital definition update on client computers.
  3. Asset and Compliance :Endpoint Protection, Antimalware Policies (check all that you have and priority)
  Defintion Updates: If Configuration Manager is used as a source for definition update, clients will only update from alternate sources if definition is older than (hours)  Set this to 720.  This is the max, after this the machine will be forced
  to pull from Microsoft to protect the machine.
  http://www.sccm-tools.com http://sms-hints-tricks.blogspot.com

• SCEP Definition Updates not updating

  Hi!
  Our topology consists in one Head Quarter Office Server and 6 Branch Office Servers.
  All systems are updated, except for the systems on one Branch Office.
  I have checked step by step the blog http://blogs.msdn.com/b/scstr/archive/2012/05/31/how-to-scep-amp-settings-amp-automatic-deploymnet-rule.aspx 
  Its everything fine, but the systems persist not updated on that branch office. 
  When I checked the Content Status of FEP Definition Update Deployment Package, it has a status of "In Progress".
  The target server does have enought disk space to receive the content, once I created a prestaged content file and it has about 600MB.
  I removed that content location and then distributed again. How can I follow the logs of that distribution?
  Any suggestion on checking this problem out?
  Thanks in advance. 
  Fabio Martins MCDST/MCSA Brasil!!!

  Hi,
  What's the content status of the update package? In progress?
  1.You could try to increase the number of Maximum threads per package in
  Software distribution component properties under
  Sites ->choose your site -> Configure site components -> Software Distribution.
  Reference:Packages content status stuck on “in Progress” in SCCM 2012
  http://silentcrash.com/2013/08/packages-content-status-stuck-on-in-progress-in-sccm-2012/
  2.You could also try to cancel the package distribution, then prestage the content.
  Reference:How to Stop in progress Package Content Distribution to a DP in SCCM 2012 R2
  http://anoopcnair.com/2014/02/25/stop-progress-package-content-distribution-dp-sccm-2012-r2/
  (Note: Microsoft provides third-party contact information to help you find technical support. This contact
  information may change without notice. Microsoft does not guarantee the accuracy of this third-party contact information.)
  Best Regards,
  Joyce
  We
  are trying to better understand customer views on social support experience, so your participation in this
  interview project would be greatly appreciated if you have time.
  Thanks for helping make community forums a great place.

• SCCM 2012 :::WSUS Getcookie error blocking SCEP definition Scan and updates

  Please  advise me what could be reasons for this issue and how to resolve it.   because of this  client is  not able to scan and  retreive updates against SUP and SCEP Defintion is not getting updated. a few set of servers are facing
  this issue. Another set of servers( sccm client is working fine against same SUPs.

  That does not cause any issues IMHO. There should be another error later in the log. Also examine U*.log in %windir%\ccm\logs)
  Torsten Meringer | http://www.mssccmfaq.de