<div>
It should reevaluate the policy. check your client settings policy and under endpoint protection check that &quot;Allow endpoint protection client installation and restarts outside maintenance window. &quot;&nbsp;is set to yes. also check that the policy is applying to the machine if it is already set. <br />
<a href="https://filedb.experts-exchange.com/incoming/2017/11_w45/1209898/Capture.PNG" target="_blank" title="Capture.PNG (15 KB)"><img alt="Capture.PNG" class="file-block lazyload" style="max-width: 422px;" data-src="https://filedb.experts-exchange.com/incoming/2017/11_w45/1209898/Capture.PNG" /></a>
</div>


It should reevaluate the policy. check your client settings policy and under endpoint protection check that "Allow endpoint protection client installation and restarts outside maintenance window. " is set to yes. also check that the policy is applying to the machine if it is already set.
Capture.PNGhttps://filedb.experts-exchange.com/incoming/2017/11_w45/1209898/Capture.PNG

Capture.PNG

<div>
Yes and yes. But it takes 30 mins-2 hours to get it back.<br />
<br />
I think there is no way to block uninstallation if a user has local admin rights.
</div>


Yes and yes. But it takes 30 mins-2 hours to get it back.

I think there is no way to block uninstallation if a user has local admin rights.

<div>
<div class="content wysiwyg-content">
When a client is installed with System Center Endpoint Protection, user can uninstall SCEP if the user had admin right to the local machine. How to block uninstallation of SCEP? &nbsp;This is Microsoft product so as i guess, if the user has admin right, he can do whatever he wants. Is there a way to block even the admin to uninstall SCEP? <br />
<br />
And once SCEP is uninstalled, the client doesn't receive reinstallation for SCEP. It just remains unprotected. Why does SCCM not reevaluate the applied Client Settings and reinstall SCEP? And the status for SCEP is still 'managed' for 2 hours in CAS server.
</div>
</div>


When a client is installed with System Center Endpoint Protection, user can uninstall SCEP if the user had admin right to the local machine. How to block uninstallation of SCEP?  This is Microsoft product so as i guess, if the user has admin right, he can do whatever he wants. Is there a way to block even the admin to uninstall SCEP? 

And once SCEP is uninstalled, the client doesn't receive reinstallation for SCEP. It just remains unprotected. Why does SCCM not reevaluate the applied Client Settings and reinstall SCEP? And the status for SCEP is still 'managed' for 2 hours in CAS server.

Block uninstallation of SCCM Endpoint Protection(SCEP)

Installation is the act of making a computer program program ready for execution. Because the process varies programs often come with a specialized program responsible for doing whatever is needed for their installation. Installation may be part of a larger software deployment process. Cross platform installer builders that produce installers for Windows, Mac OS X and Linux include InstallAnywhere, InstallBuilder and Install4J. Installers for Microsoft Windows include Windows Installer, InstallShield, and Wise Installation Studio; free installer-authoring tools include NSIS, IzPack, Clickteam, InnoSetup, InstallSimple and WiX. Mac OS X includes Installer, and also includes a separate software updating application.

Installation

Systems Center Configuration Manager (SCCM, formerly known as Systems Management Server) is Microsoft’s system software for managing large groups of not only Microsoft computers, but those running other operating systems, such as Linux, OS-X, and various mobile technologies.