?
Solved

Help Deploying Forefront in Single Domain/Forest

Posted on 2011-05-09
8
Medium Priority
?
474 Views
Last Modified: 2012-05-11
I have taken over as the Sys Ad in a new company and they use Forefront Client Security exclusively for antivirus.  After looking it over, I realized (and confirmed with the person who used to have this job) that there was no Forefront server installed.  Oh joy.  I have deployed Forefront onto the server on which it used to reside and created a "default deployment" policy.  I see the policy in GPMC.  I linked it to my test OU.  I created a WSUS update policy and also placed it on that test OU.  My machine shows in RSoP that the two GPOs are being deployed to the test machine, however, the test machine, after over 24 hours, is not installing the client.

This is a Forefront newbie question, and I admit my own lack of knowledge here.  What am I missing?  I would be happy to post any requested policies, etc.  This is a rather hot topic here, as apparently they have not deployed any AV to new machines in over two months and have not updates signatures on those machines which were deployed in that same amount of time.

DrUltima
0
Comment
Question by:Justin Owens
  • 3
  • 3
  • 2
8 Comments
 
LVL 29

Assisted Solution

by:pwindell
pwindell earned 400 total points
ID: 35721385
Wow.  Hmmm...
Well, I hate to suggest this one in EE but all the really really geeky Forefront guys hang out here:

See the Forefront section most of the way down the page at his link
http://social.technet.microsoft.com/Forums/en-us/categories/

This one is specific to the product you are asking about
http://social.technet.microsoft.com/Forums/en-us/Forefrontclientgeneral/threads

Tell them that one of the only 2 Forefront MVPs in the US sent you,...just leave out the "really really geeky" comment  :-)   The problem is that Forefront is a whole suite of products, and I only deal with ISA (somewhat TMG) and then only the Standard Editions at that,..not Enterprise Editions.

Phil Windell
https://mvp.support.microsoft.com/profile=98602621-9AA2-4360-BDBE-E96788EDECCC
0
 
LVL 31

Author Comment

by:Justin Owens
ID: 35721687
Phil,

I posted this discussion thread where you suggested, referencing you.  I will cross post any relevant replies here, for the sake of the PAQ.  Any help in the interim here is still appreciated, though.

DrUltima
0
 
LVL 29

Expert Comment

by:pwindell
ID: 35721801
Sounds good.

0
NFR key for Veeam Agent for Linux

Veeam is happy to provide a free NFR license for one year.  It allows for the non‑production use and valid for five workstations and two servers. Veeam Agent for Linux is a simple backup tool for your Linux installations, both on‑premises and in the public cloud.

 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 35722534
Ruddy cheek - we are not geeky over there :(
0
 
LVL 29

Expert Comment

by:pwindell
ID: 35722570
Ok,...so it was the good kinda "geeky"   :-p
0
 
LVL 51

Accepted Solution

by:
Keith Alabaster earned 1600 total points
ID: 35722832
Go into the WSUS and check they are approved. When WSUS is used (as opposed to SCCM) you need to agree the license terms for the first deployment.
0
 
LVL 31

Author Comment

by:Justin Owens
ID: 35728545
Keith,

I am sure you get this a lot, but thanks.  I have never dealt with WSUS only FSC, so my assumption that WSUS being set to automatically approve such updates was my mistake.  Sure enough, they FSC related deployments were awaiting approval.

On the Technet forum, I received this response:

Hi,

Please refer to the following article to check if the client components in WSUS have been approved.

http://technet.microsoft.com/en-us/library/bb404285.aspx

For more information about deploying FCS, you could visit http://technet.microsoft.com/en-us/library/bb404255.aspx

Thanks,

Miles

This, of course, corroborated your Answer, after the fact as I had already acted on what you posted.

Cheers,

DrUltima
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 35728569
No problem - pleased my geeky colleagues corroborated my suggestion
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

After seeing many questions for JRNL_WRAP_ERROR for replication failure, I thought it would be useful to write this article.
Let's recap what we learned from yesterday's Skyport Systems webinar.
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.

864 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question