Forefront Client no longer updating from WSUS, showing alert RRS feed

  • Question

  • I have migrated approx. half of my enterprise to Forefront.  Deployed through GPO and WSUS.  Updates are managed through WSUS as well.

    For about 2 weeks now, some of my clients show an alert ( ! ) status and out of date definition files.  The clients' Forefront definitions never get updated, all though other WSUS updates are coming down.  WSUS shows that many clients have not downloaded the new definitions, but the Forefront Client Security console is only alerting to a couple machines with out of date definition files and not most of the ones showing an alert.

    If I go to update.microsoft.com one one of these machines I see there is an available definition update and I can apply it then my status is then updated reflecting green check mark.  However, by default my clients cannot download updates from microsoft.com, they have to go through wsus.

    Also, where do I look for logs on Forefront updates? I have checked windowsupdate.log and it does not show issues re forefront definition udpates. 

    Any suggestions/throughts on where to go next?
    Monday, May 4, 2009 2:12 PM

All replies

  • I would love to know if you have found a fix for this. We are experiencing the same thing. Please advise.
    Michael Johnson
    Thursday, March 11, 2010 2:04 PM
  • hi tex and mbm,

    when did you apply FCS SP1 on the server and WSUS? before or after creating a policy?

    i managed to solve problems like this approving anything that's relative to FCS on WSUS (and the CLIENT UPDATEs started to come down)

    there is a version of FCS client that should be upgraded before starting to download updates.

    Try to look at your WSUS config: you should approve not only critical updates relative to FCS, but also program updates and others.

    You can try to "unlock" single computers trying to get updates from Windows update (internet) on that computer and then install everything's related to FCS.

    i'm sorry i don't remember exactly the KB number of the update that "unlocks" FCS....

    please let me know which one does the trick 4 you.

    Diego Castelli
    Monday, March 15, 2010 10:06 AM
  • Did it solves your problem?

    Diego Castelli
    Tuesday, March 23, 2010 12:43 PM
  • The Forefront Client Security SP1 patch only needs to be applied to the servers hosting the management console and the collection server. Have you checked in WSUS to see if there are any WSUS updates waiting to be manually approved. Normally when you install FCS you auto-approve FCS in WSUS, but that does not cover the updates that require you to accept the EULA. Check WSUS to make sure sure there are no updates to manually approve to send to the clients. Of course review your WSUS policy as well and make sure its going to the correct OU where those machines are located.
    Friday, July 23, 2010 2:10 AM