Solved

Forefront Client Security on non-ad machines.

Posted on 2010-11-30
4
334 Views
Last Modified: 2012-05-10
We're looking to replace our McAfee EPO with MS Forefront Client Security.   I'm hoping to retain the functionality of our EPO with it's various reports and management of clients.  It looks like the FCS Console does all the same stuff, but  I can't figure out how to get the non-ad joined machines to report to our Forefront Console and get its updates from our WSUS server.  

I guess I expected it to be as easy as install the client with the /nomom option and edit appropriate registry keys to 'point' at our console server.

and ideas?
0
Comment
Question by:MU-IT
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 47

Expert Comment

by:Donald Stewart
ID: 34241350
Modify the script found here

http://msmvps.com/blogs/athif/pages/Manually-Configure-WUA.aspx


============ START Script Code===========
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate]
"WUServer"="http://YOUR-WSUS-SERVER"
"WUStatusServer"="http://YOUR-WSUS-SERVER"
"TargetGroupEnabled"=dword:00000001
"TargetGroup"="IT Department"
"ElevateNonAdmins"=dword:00000000

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU]
"NoAutoUpdate"=dword:00000000
"AUOptions"=dword:00000004
"ScheduledInstallDay"=dword:00000000
"ScheduledInstallTime"=dword:0000000a
"NoAutoRebootWithLoggedOnUsers"=dword:00000001
"AutoInstallMinorUpdates"=dword:00000001
"RebootRelaunchTimeoutEnabled"=dword:00000001
"RebootRelaunchTimeout"=dword:0000003c
"RescheduleWaitTimeEnabled"=dword:00000001
"RescheduleWaitTime"=dword:0000000f
"DetectionFrequencyEnabled"=dword:00000001
"RebootWarningTimeoutEnabled"=dword:00000001
"RebootWarningTimeout"=dword:0000001e
"UseWUServer"=dword:00000001
"NoAUShutdownOption"=dword:00000000
"NoAUAsDefaultShutdownOption"=dword:00000000
============ END Script Code===========

0
 

Author Comment

by:MU-IT
ID: 34241450
Ok, We use similar to point our non-ad machines to WSUS, and it works well... but how does that script do anything for the Forefront Client Security Console?
0
 
LVL 47

Accepted Solution

by:
Donald Stewart earned 500 total points
ID: 34241513
Not entirely sure about the console, but they would at minimum get their definition updates from the WSUS server
0
 

Author Closing Comment

by:MU-IT
ID: 34701906
not 100% what I wanted, but as good as it gets in non-ad environments, I guess.
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Active Directory Cleanup Report 2 50
How To Overlay Combo Box Row Source Type 'Value List' From VBA 2 52
VPN Exposure 19 45
Problem to setting 16 48
This article demonstrates probably the easiest way to configure domain-wide tier isolation within Active Directory. If you do not know tier isolation read https://technet.microsoft.com/en-us/windows-server-docs/security/securing-privileged-access/s…
A hard and fast method for reducing Active Directory Administrators members.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question