Reconfigure a Newly installed SC2012EP server instance to use a preexisting WSUS 3.0 server?


  • i am not sure if my questions makes sense, but I have recently installed System Center 2012 Configuration Manager and SC2012 Endpoint Protection on a server that housed a standalone SQL isntance for this install.  I also installed the report viewer and WSUS Administrative Center as per the prerequisites.

    I did not install a distribution point, because I wanted to utilize our preexisting WSUS server for this task.  Although now that I have done that I am not convinced that this is proper or even functional.  Can anyone shed some light on this?  I was unable to see how to utilize the remote SUP point or remote WSUS server in the Configuration Manger console.

    Any thoughts on how I can make this happen?

    5 июля 2012 г. 20:55


Все ответы

  • Hi,

    I think I missread it the first time, you want to use the existing WSUS server to deploy Definition updates? You configure the update sources for the Endpoint Protection clients in the Endpoint Protection policies, however you will still need a dsitribution point to be able push install the clients if you need that functionallity..


    -- My System Center blog -- Twitter @ccmexec

    5 июля 2012 г. 21:04
  • Thanks again Jorgen.  This software is new to me so I may simply be misunderstanding the material that I am reading as far as functionality that is available.

    I guess the more extensive background on my setup / requirements might help:

    We have been using WSUS on a server to handle windows updates infrastructure wide for a couple years.  The Default Domain Policy is setup to point our clients at the WSUS update server.  And this functions flawlessly, albeit it isn't as cleanly configured as it could be.

    We wanted to use this server/GPO to also deploy Forefront Endpoint Protection.  I thought that I could simply tell my forefront server to use our existing WSUS/GPO server that is pushing out Windows Updates domain wide, to simply "tack on" the client side forefront endpoint protection + Handle updates to the software.

    I have SCCM 2012 and EP 2012 installed on my second server now, and that server has the Administrative Console for WSUS installed, which is what I thought was required to make SCCM communicate with an existing WSUS set up.

    Did I miss something in my understanding?

    6 июля 2012 г. 13:53
  • Is there just a simple step by step SC2012EP installation guide out there?  I guess I am confused why when my clients are managed by SCCM they don't take any of the commands to install software.  Setting up SCCM doesn't seem that difficult but how do you get the clients in your managed device groups to actually take the software?

    Even when I click "Install Client" from SCCM which is apparently a prerequisite for EP that isn't mentioned anywhere, nothing happens.

    Needless to say I am frustrated with my experience with SCCM so far, hopefully I will figure it out here soon.

    Anyone with any suggestions would be greatly appreciated!

    9 июля 2012 г. 20:38
  • Hi,

    have you checked out the Guides Niall has written They are excellent!

    For troubleshooting SCCM Client Installations check out this post with troubleshooting steps.


    -- My System Center blog -- Twitter @ccmexec

    • Помечено в качестве ответа Rick TanModerator 19 июля 2012 г. 1:20
    9 июля 2012 г. 20:45
  • I have been through most of the first one and love the content, but I found that it doesn't focus on getting the clients to talk to the configuration once SCCM is setup.  I think that I have configured everything that is needed in my SCCM instance and yet my clients are getting told to install the software packages.  Are the clients supposed to initiate the process or is the server?  And if its in the clients hands, what makes them initiate it in a new setup where they have never had to talk to it in the first place?

    I will have to look on the second link.


    9 июля 2012 г. 20:56
  • Hi,

    Have you managed to find a solution to this problem, as i'm also having the same issue. It would be great to know if you managed to get this to work. I have been searching the forums and various websites but no success as yet.

    Many thanks

    • Изменено Shane Green 26 октября 2012 г. 12:24
    26 октября 2012 г. 12:24
  • Well kinda.  There was a lot of configuration required that wasn't immediately obvious.  Our preexisting WSUS deployment doesn't actually have anything to do with our deployment of Endpoint Protection on the clients.  Once SCCM handles the deployment of Endpoint Protection, then the clients will use the preexisting WSUS to get their updates.  I don't specifically remember how it was setup, and can't check at this point in time (I will be able to again in a couple weeks).  Ill post here once I get back to the server.

    While writing this I remembered a key piece of information.  The client software for SCCM has to be installed before sccm can do anything to the clients.

    2 ноября 2012 г. 1:20