MU-IT
asked on
Forefront Client Security on non-ad machines.
We're looking to replace our McAfee EPO with MS Forefront Client Security. I'm hoping to retain the functionality of our EPO with it's various reports and management of clients. It looks like the FCS Console does all the same stuff, but I can't figure out how to get the non-ad joined machines to report to our Forefront Console and get its updates from our WSUS server.
I guess I expected it to be as easy as install the client with the /nomom option and edit appropriate registry keys to 'point' at our console server.
and ideas?
I guess I expected it to be as easy as install the client with the /nomom option and edit appropriate registry keys to 'point' at our console server.
and ideas?
ASKER
Ok, We use similar to point our non-ad machines to WSUS, and it works well... but how does that script do anything for the Forefront Client Security Console?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
not 100% what I wanted, but as good as it gets in non-ad environments, I guess.
http://msmvps.com/blogs/athif/pages/Manually-Configure-WUA.aspx
============ START Script Code===========
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWA
"WUServer"="http://YOUR-WSUS-SERVER"
"WUStatusServer"="http://YOUR-WSUS-SERVER"
"TargetGroupEnabled"=dword
"TargetGroup"="IT Department"
"ElevateNonAdmins"=dword:0
[HKEY_LOCAL_MACHINE\SOFTWA
"NoAutoUpdate"=dword:00000
"AUOptions"=dword:00000004
"ScheduledInstallDay"=dwor
"ScheduledInstallTime"=dwo
"NoAutoRebootWithLoggedOnU
"AutoInstallMinorUpdates"=
"RebootRelaunchTimeoutEnab
"RebootRelaunchTimeout"=dw
"RescheduleWaitTimeEnabled
"RescheduleWaitTime"=dword
"DetectionFrequencyEnabled
"RebootWarningTimeoutEnabl
"RebootWarningTimeout"=dwo
"UseWUServer"=dword:000000
"NoAUShutdownOption"=dword
"NoAUAsDefaultShutdownOpti
============ END Script Code===========