SCCM2012 R2 FEP Client don't update definition updates
i have a problem with one of my FEP Clients.
Status: Red
Real-time protection: Off
Virus and spyware defintions: Out of date
Message: This app requires up-to-date virus and spyware definitions. You'll need to install latest definition updates bevore scanning you PC.

The client do not get any definition updates from my SCCM server.
Difference form my other clients: this is the only FEP client located in a different subnet.
Ports are not blocked, ping does work.

I have no idea where to search anymore.
Also checked in the Logs: C:\Windows\CCM\Logs

Thank you.
October 31st, 2014 4:14pm

Updates Deployment, check the Client Settings, check the Deployment for FEP.  If you look at the Software UPdate report does the client know it has to recieve it.  UpdatesHandler and the UpdateStore can help you as it run the Scan cycle for patches you should see the SCEP defs as Missing and you will know it is getting some of the correct data.

Free Windows Admin Tool Kit Click here and download it now
October 31st, 2014 5:00pm

1. Is this client subnet included in site boundary? 2. What about windows updates? Are they getting deployed to this client? 2. What the preferences on client download settings? Is it only config manager or also windows updates included?
October 31st, 2014 7:44pm

I would start simple:  edit your client policy and set it to allow dat updates from Windows Update for the initial update.  Error on clients being secure, first (there's an option to allow the initial DAT update from sources other than SCCM/WSUS)

Once you have that working reliably, make sure you've assigned an AV policy to a collection your workstation is a member of, and start goign through your client logs ... try to see what the _client_ thinks it should be doing ... will give you insight if there's a configuration error or just a policy error.  Logs on the client will be under %windir%\CCM\Logs.
Free Windows Admin Tool Kit Click here and download it now
November 2nd, 2014 12:46am


Have you checked the log file <C:\Windows\WindowsUpdate.log>? Maybe it can give us some clues.

November 2nd, 2014 9:00pm

Thank you all.

After searching for a long time, i found a solution.

In Distribution Point Settings there was an option that only authorized clients are able to connect.

after i have unchecked this, now it works.

thanks to all.

Free Windows Admin Tool Kit Click here and download it now
November 19th, 2014 1:43pm

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics