locked
Deployment EMET 5.0 Config File RRS feed

  • Question

  • Hello,  I've deployed EMET 5.0  via SCCM 2012 SP1.  The installation works well, no problem.   However,  my understanding is,   if I make a change to the "Popular Software.xml"   For example:   Enable EAF, for wmplayer.exe;

    It would be distributed, to all members.    I followed the 5.0 guide and the following link;  Both appear to be about the same.

    https://sccmguru.wordpress.com/2014/05/07/deploying-and-configuring-emet-4-1-with-system-center-configuration-manager-2012-r2/


    in the above link,  under "Create the EMET Configuration Package and Program"

    I've created my Config Package,   

    My Deployment for EMET Config is set to run "As soon as possible"  and  "Always Rerun program"

    So, my question is,   if I make a change to "Popular Software.xml" ?  why wouldn't it update the members ?  

    Thank you for your time. 

    Wednesday, November 5, 2014 3:12 PM

Answers

  • If you change "Popular Software.xml" in the package source, you'll have to:

    1:  Update your distribution points so they get the latest version of the package source.  You can set this to be done manually or on a schedule.  I do it manually.

    2:  Wait for the content to be redistributed.

    3:  Re-deploy your program.  If you use a single deadline of "as soon as possible" with "always re-run", I am not sure if just updating the package source will cause clients to rerun that deployment or not since you're deploying a "program".  What I do is delete the existing deployment then redeploy it again (ASAP and always re-run).  You could also probably just add a new deadline to the existing deployment, but you can't add an additional "as soon as possible" deadline.

    4:  Wait for clients to perform their application deployment scan cycle.

    • Marked as answer by Semperfi4000 Thursday, November 6, 2014 3:42 PM
    Wednesday, November 5, 2014 11:28 PM

All replies

  • If you change "Popular Software.xml" in the package source, you'll have to:

    1:  Update your distribution points so they get the latest version of the package source.  You can set this to be done manually or on a schedule.  I do it manually.

    2:  Wait for the content to be redistributed.

    3:  Re-deploy your program.  If you use a single deadline of "as soon as possible" with "always re-run", I am not sure if just updating the package source will cause clients to rerun that deployment or not since you're deploying a "program".  What I do is delete the existing deployment then redeploy it again (ASAP and always re-run).  You could also probably just add a new deadline to the existing deployment, but you can't add an additional "as soon as possible" deadline.

    4:  Wait for clients to perform their application deployment scan cycle.

    • Marked as answer by Semperfi4000 Thursday, November 6, 2014 3:42 PM
    Wednesday, November 5, 2014 11:28 PM
  • Thank you for your reply;

    it appears it worked,  but I noticed the new "Popular Software.xml" is located here:  C:\Windows\ccmcache\xx

    and not  C:\Program Files (x86)\EMET 5.0\Deployment\Protection Profiles\

    Thank you

    Thursday, November 6, 2014 10:55 AM
  • Thank you, its working now.
    Thursday, November 6, 2014 3:43 PM