Installation System Center Endpoint Protection on Standalone servers

Duchemin, Dominique 2,006 Reputation points
2022-11-04T00:13:50.317+00:00

Hello,

I am trying to install System Center Endpoint Protection on a Windows Server 2012 standalone:

I copied the files:

  1. scepinstall.exe
  2. Standalone.xml

then run
C:\source\scepinstall.exe /policy C:\source\standalone-Domain_Controller.xml
or
C:\Program Files\Microsoft Security Client\ConfigSecurityPolicy.exe C:\source\standalone-Domain_Controller.xml

but I could not see where to change the source of the Definition Updates which should be the WSUS server and no more the Configuration Manager Server with its software updates.

So when opening the GUI locally I have an error:
256983-2022-11-03-17-09-37-standalone-01.png

then if I click "Update definitions"

256984-2022-11-03-17-10-19-standalone-02.png

Where should I change the source of the definitions?

Thanks,
Dom

Microsoft Configuration Manager
0 comments

14 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. CherryZhang-MSFT 6,481 Reputation points
    2022-11-18T06:33:57.363+00:00

    Hi @Duchemin, Dominique ,

    1, After you executed SCEPInstall /ForceClean and SCEPInstall /Update, is the relevant antimalware policy still exists? We may need to reapply it.

    2, Please check your WSUS server, is there any record about Definition Updates that has been approved? As screenshot shown:
    261753-1.png

    3, In my environment. I can see the update about KB2461484 has been installed under the path Control Panel\System and Security\Windows Update\View update history.
    261665-2.png

    4, Can you see the records about KB2461484 in the windowsupdate.logs?
    261666-3.png

    5, Can this standalone client be connected to the internet. If yes, we can try to Updates distributed from Microsoft Update. This is recorded in the article you provided.
    261766-4.png

    Thanks for your time and patience.

    Best regards,
    Cherry

    1 person found this answer helpful.
    0 comments
  2. Duchemin, Dominique 2,006 Reputation points
    2022-11-04T05:04:56.053+00:00

    Hello,

    This is a standalone machine which does not communicate with Configuration Manager, so there is no Software Update Point. We need to use WSUS not Software Update Point.
    This machine is patched by WSUS not by Software Update Point.

    The Configuration Manager with the Software Update point works for 32,000 machines but we have machines not using Configuration Manager but System Center Endpoint Protection on a standalone machine steps. This is using a manual copy of the SCEPInstall.exe and policy from the Configuration Manager as described in the article: https://learn.microsoft.com/en-us/mem/configmgr/protect/deploy-use/endpoint-protection-configure-standalone-client.

    Thanks,
    Dom

    0 comments
  3. Duchemin, Dominique 2,006 Reputation points
    2022-11-07T18:01:21.72+00:00

    Hello,

    1. Yes
    2. Registries look good:

    257939-2022-11-07-9-30-41-addcrh4-wsus-policy-02.png

    but still not receiving the Definition Updates from WSUS!!!

    Is the port used 8530? HKLM > Software > Policies > Microsoft > Windows > WindowsUpdate > http://vopwsus2k12:8530

    I will recheck next week ..

    Thanks,
    Dom

    0 comments
  4. Duchemin, Dominique 2,006 Reputation points
    2022-11-15T01:34:00.01+00:00

    Hello,

    Unfortunately there is no news on this. The local installation was done several time but there is a piece missing that we could not found. I might have to open a case with Premier Support to review this.

    Thanks
    Dom

  5. Duchemin, Dominique 2,006 Reputation points
    2022-11-16T02:30:09.957+00:00

    Hello,

    SCEPInstall /ForceClean
    SCEPInstall /Update

    Then the Client is showing green and up-to-date version for the definitions.
    Waiting 24 hours to confirm the definitions are continuing to update.

    Thanks,
    Dom

    0 comments