Solved

Forefront Client Security on non-ad machines.

Posted on 2010-11-30
4
329 Views
Last Modified: 2012-05-10
We're looking to replace our McAfee EPO with MS Forefront Client Security.   I'm hoping to retain the functionality of our EPO with it's various reports and management of clients.  It looks like the FCS Console does all the same stuff, but  I can't figure out how to get the non-ad joined machines to report to our Forefront Console and get its updates from our WSUS server.  

I guess I expected it to be as easy as install the client with the /nomom option and edit appropriate registry keys to 'point' at our console server.

and ideas?
0
Comment
Question by:MU-IT
  • 2
  • 2
4 Comments
 
LVL 47

Expert Comment

by:dstewartjr
Comment Utility
Modify the script found here

http://msmvps.com/blogs/athif/pages/Manually-Configure-WUA.aspx


============ START Script Code===========
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate]
"WUServer"="http://YOUR-WSUS-SERVER"
"WUStatusServer"="http://YOUR-WSUS-SERVER"
"TargetGroupEnabled"=dword:00000001
"TargetGroup"="IT Department"
"ElevateNonAdmins"=dword:00000000

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU]
"NoAutoUpdate"=dword:00000000
"AUOptions"=dword:00000004
"ScheduledInstallDay"=dword:00000000
"ScheduledInstallTime"=dword:0000000a
"NoAutoRebootWithLoggedOnUsers"=dword:00000001
"AutoInstallMinorUpdates"=dword:00000001
"RebootRelaunchTimeoutEnabled"=dword:00000001
"RebootRelaunchTimeout"=dword:0000003c
"RescheduleWaitTimeEnabled"=dword:00000001
"RescheduleWaitTime"=dword:0000000f
"DetectionFrequencyEnabled"=dword:00000001
"RebootWarningTimeoutEnabled"=dword:00000001
"RebootWarningTimeout"=dword:0000001e
"UseWUServer"=dword:00000001
"NoAUShutdownOption"=dword:00000000
"NoAUAsDefaultShutdownOption"=dword:00000000
============ END Script Code===========

0
 

Author Comment

by:MU-IT
Comment Utility
Ok, We use similar to point our non-ad machines to WSUS, and it works well... but how does that script do anything for the Forefront Client Security Console?
0
 
LVL 47

Accepted Solution

by:
dstewartjr earned 500 total points
Comment Utility
Not entirely sure about the console, but they would at minimum get their definition updates from the WSUS server
0
 

Author Closing Comment

by:MU-IT
Comment Utility
not 100% what I wanted, but as good as it gets in non-ad environments, I guess.
0

Featured Post

IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

SHARE your personal details only on a NEED to basis. Take CHARGE and SECURE your IDENTITY. How do I then PROTECT myself and stay in charge of my own Personal details (and) - MY own WAY...
Big data transfers via information superhighways require special attention and protection. Learn more about the IT-regulations of the country where your server is located. Analyze cloud providers and their encryption systems for safe data transit. S…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Access reports are powerful and flexible. Learn how to create a query and then a grouped report using the wizard. Modify the report design after the wizard is done to make it look better. There will be another video to explain how to put the final p…

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now