Solved

SCCM 2012 SP1 Endpoint Protection definition update issue

Posted on 2013-11-20
7
5,795 Views
Last Modified: 2013-11-28
I recently setup SCCM 2012 SP1 and was successfully deploying updates, packages, and definition updates to my clients until I decided to tidy up my ADRs so that I only had one relating to Endpoint Protection definition updates rather than 10. After doing this the clients now find 0 definition updates when checking with the site server/DP even though the latest definition has been successfully deployed and is available from the DP and assigned to the correct device collection. When I perform a manual update on a client it goes straight to the internet and downloads the latest definitions from Microsoft even though I have specifically set the config manager as the only source in the client's settings. There are no errors in any of the log files that I have looked at and all other updates are deploying successfully.

I have been pulling my hair out with this for over a week now so any help would be appreciated.
0
Comment
Question by:zeetec
  • 4
  • 3
7 Comments
 
LVL 31

Expert Comment

by:merowinger
ID: 39665145
0
 

Author Comment

by:zeetec
ID: 39665243
Yes it does sound similar as my clients are now all at 4.3.215.0. I will keep an eye on your thread also. Thanks.

I am not sure if it is relevant but I did notice that the client's endpoint protection agent logs state

Endpoint is triggered by WMI notification.
File C:\Windows\ccmsetup\SCEPInstall.exe version is 4.1.522.0.
EP version 4.3.215.0 is already installed.
EP 4.3.215.0 is installed, version is higher than expected installer version 4.1.522.0.

Why is it trying to re-install the client at all and why is the version of the installer wrong?
0
 
LVL 31

Expert Comment

by:merowinger
ID: 39665289
I think thats ok. Its always checking the Client Version with the file located in C:\windows\ccmsetup.  Seems that you did not Exchange the SCEPinstall.exe on your Client Installation Share on the Server, which is synced with the local file location. This is automatically be done with the Cumulative Update 3 for SCCM:
0
The New “Normal” in Modern Enterprise Operations

DevOps for the modern enterprise offers many benefits — increased agility, productivity, and more, but digital transformation isn’t easy, especially if you’re not addressing the right issues. Register for the webinar to dive into the “new normal” for enterprise modern ops.

 
LVL 31

Expert Comment

by:merowinger
ID: 39665434
Could you please check out the following Directory on the Server:
<SCCM Install Dir>\inboxes\auth\dataldr.box\BADMIFS

In my case there were a lot of BadMifs which exceeded the size limit, after i removed them, one of my Clients just started downloading some definitions....don't know if this depends from each other...but maybe you got similar Problems.
0
 

Author Comment

by:zeetec
ID: 39665441
Thanks but I don't have that problem.
0
 

Accepted Solution

by:
zeetec earned 0 total points
ID: 39672290
I figured out my own problem here and it turned out to be due to the fact that a maintenance window being applied to another collection other than the one the definition updates were being deployed to was preventing the installation of the updates. All I needed to do to fix the problem was change the option on the User Experience tab of the automatic deployment rule relating to allowing software installation outside of maintenance windows. It seems that machines can only receive one maintenance window and they can't be set for each individual collection that a deployment is targeted at as I expected.
0
 

Author Closing Comment

by:zeetec
ID: 39683160
I figured out the solution without assistance or direction from anyone else.
0

Featured Post

Optimizing Cloud Backup for Low Bandwidth

With cloud storage prices going down a growing number of SMBs start to use it for backup storage. Unfortunately, business data volume rarely fits the average Internet speed. This article provides an overview of main Internet speed challenges and reveals backup best practices.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Scenario: Your operations manager has discovered an anomaly in your security system. The business will start to suffer within 15 minutes if it is a major IT incident. What should she do? We have 6 recommendations for managing major incidents (https:…
Note: This is the second blog post in a series on email clearinghouses (https://www.xmatters.com/alert-management/blog-email-has-failed-us?utm_campaign=70138000000ydLoAAI&utm_source=exex&utm_medium=article&utm_content=blog-post).   Every month t…
In this video, we discuss why the need for additional vertical screen space has become more important in recent years, namely, due to the transition in the marketplace of 4x3 computer screens to 16x9 and 16x10 screens (so-called widescreen format). …
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…

838 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question