Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

SCCM 2012 SP1 Endpoint Protection definition update issue

Posted on 2013-11-20
7
Medium Priority
?
6,703 Views
Last Modified: 2013-11-28
I recently setup SCCM 2012 SP1 and was successfully deploying updates, packages, and definition updates to my clients until I decided to tidy up my ADRs so that I only had one relating to Endpoint Protection definition updates rather than 10. After doing this the clients now find 0 definition updates when checking with the site server/DP even though the latest definition has been successfully deployed and is available from the DP and assigned to the correct device collection. When I perform a manual update on a client it goes straight to the internet and downloads the latest definitions from Microsoft even though I have specifically set the config manager as the only source in the client's settings. There are no errors in any of the log files that I have looked at and all other updates are deploying successfully.

I have been pulling my hair out with this for over a week now so any help would be appreciated.
0
Comment
Question by:zeetec
  • 4
  • 3
7 Comments
 

Author Comment

by:zeetec
ID: 39665243
Yes it does sound similar as my clients are now all at 4.3.215.0. I will keep an eye on your thread also. Thanks.

I am not sure if it is relevant but I did notice that the client's endpoint protection agent logs state

Endpoint is triggered by WMI notification.
File C:\Windows\ccmsetup\SCEPInstall.exe version is 4.1.522.0.
EP version 4.3.215.0 is already installed.
EP 4.3.215.0 is installed, version is higher than expected installer version 4.1.522.0.

Why is it trying to re-install the client at all and why is the version of the installer wrong?
0
 
LVL 31

Expert Comment

by:merowinger
ID: 39665289
I think thats ok. Its always checking the Client Version with the file located in C:\windows\ccmsetup.  Seems that you did not Exchange the SCEPinstall.exe on your Client Installation Share on the Server, which is synced with the local file location. This is automatically be done with the Cumulative Update 3 for SCCM:
0
Get quick recovery of individual SharePoint items

Free tool – Veeam Explorer for Microsoft SharePoint, enables fast, easy restores of SharePoint sites, documents, libraries and lists — all with no agents to manage and no additional licenses to buy.

 
LVL 31

Expert Comment

by:merowinger
ID: 39665434
Could you please check out the following Directory on the Server:
<SCCM Install Dir>\inboxes\auth\dataldr.box\BADMIFS

In my case there were a lot of BadMifs which exceeded the size limit, after i removed them, one of my Clients just started downloading some definitions....don't know if this depends from each other...but maybe you got similar Problems.
0
 

Author Comment

by:zeetec
ID: 39665441
Thanks but I don't have that problem.
0
 

Accepted Solution

by:
zeetec earned 0 total points
ID: 39672290
I figured out my own problem here and it turned out to be due to the fact that a maintenance window being applied to another collection other than the one the definition updates were being deployed to was preventing the installation of the updates. All I needed to do to fix the problem was change the option on the User Experience tab of the automatic deployment rule relating to allowing software installation outside of maintenance windows. It seems that machines can only receive one maintenance window and they can't be set for each individual collection that a deployment is targeted at as I expected.
0
 

Author Closing Comment

by:zeetec
ID: 39683160
I figured out the solution without assistance or direction from anyone else.
0

Featured Post

Evaluating UTMs? Here's what you need to know!

Evaluating a UTM appliance and vendor can prove to be an overwhelming exercise.  How can you make sure that you're getting the security that your organization needs without breaking the bank? Check out our UTM Buyer's Guide for more information on what you should be looking for!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Article by: Shawn
IT teams define success as solving problems quickly. To enable ITSM modernization we have to think of adopting the tools and methods that will enable resolution of ITSM issues more quickly.
With more and more companies allowing their employees to work remotely, it begs the question: What are some of the security risks involved with remote employees and what actions should we take to secure them?
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…
Suggested Courses

579 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question