locked
Computers not showing in FCSMC RRS feed

  • Question

  • Hello,

    My computers are not showing in FCSMC. Policies and signature files are getting pushed out.  We have a two server setup, one for WSUS and the other handles all Forefront tasks.

     

    I discovered that if I create a computer discovery rule the MOM 2005 admin console, the computer do show up, and they are placed in Unmanaged Computers. However when I try to install the agent on the computer, I get an access denied (error code 5), although I know the acct I am using has sufficient rights.

     

    I’m not sure if the access denied is related to why the computers are not appearing in FCSMC. Also, do I have to manually create the discovery rule for each computer?

     

    To preface, this is a new server build replacing a FCSMC server that died. Same hostname, same collection server name. I did use Windows 2008, instead of Windows 2003.

     

    Thank for your help.

     

    Wednesday, March 25, 2009 4:53 PM

All replies

  • I am seeing the same issue. Please let me know what you find out. 
    JGC MCSA
    Wednesday, March 25, 2009 7:43 PM
  • So as any FYI you should not be creating any discovery rules in MOM..  these are created automatically per system that reports into MOM.

    I would recommend deleting whatever rule you have created so far.

    The things you need to be checking are:

    Do you have a WSUS policy deployed to your intended clients?
    Are those clients checking in with WSUS? Can you see them in the WSUS console and is the last reported/contact time recent?
    Do you have the properly items syncing from MU for your WSUS server.. for the client you specifically need the FCS Product and the "Updates" category.
    Have you approved for install the update called "Client Update for Microsoft Forefront Client Security (1.0.1703.0)"  This is the client.. if you don't have that in your WSUS server and approved for clients they will not get it.
    Do you have an FCS policy deployed to the clients you are testing?

    RSOP.msc is your friend for checking whether policies are deploying properly to your clients
    CSS Security Support Engineer (FCS/MBSA/WUA/Incident Response) Check out my blog http://blogs.technet.com/kfalde
    Thursday, March 26, 2009 6:48 PM
  • Kurt,
    I have deleted the computer discovery rule I created. I checked all the items you suggested using rsop and they are all OK.
    Any other things to look for?

    Thanks for you help.
    Friday, March 27, 2009 7:06 PM
  • I had to change the default MOM install

    Modify the MOM 2005 agent install Choose to Modify the Management Group Settings On the AD CONFIG tab CHANGE "YES to a "NO"

    No clue why it worked for me but all the servers are showing up now.

    Check the App event log if you see a event ID 26023, then it may work for you.


    JGC MCSA
    Friday, March 27, 2009 7:12 PM