A lot of our machines have their SCEP deployment state tagged as "Unmanaged". We have properly configured and deployed Antimalware policies as well as its clien settings. SCEP definitions were also deployed. Checking the status of the machine in sccm console will tell me that the endpoint client was not installed. Upon checking the EndpointProtectionAgent.log of some of the machines, we got the following entries:
-Failed to get EP event code under registry key SOFTWARE\Microsoft\CCM\EPAgent
-Failed to get EP event message under registry key SOFTWARE\Microsoft\CCM\EPAgent
-State 1, error code 0 and detail message are not changed, skip updating registry value
-File C:\WINDOWS\ccmsetup\SCEPInstall.exe version is 126.96.36.199.
-EP version 188.8.131.52 is already installed.
-Expected Version 184.108.40.206 is exactly same with installed version 220.127.116.11.
Checking the registry HKLM\Software\Microsoft\ccm\epagent\ i only got the "generatedpolicy" subkey and not the usual "lastappliedpolicy" subkey. There were also missing registry such as "LastAppliedPolicyName" and "LastAppliedPolicyResolveResultHash". I checked windowsupdate.log and the definition update was successfully installed. Opening the SCEP console will also tell me that pc was protected with virus and spyware definitions up to date. SCEP console also tells me that it was able to apply the deployed policy. Reinstalling both the sccm client and scep yeilds the same result.
Any idea why SCCM still reports my machine as "unmanaged"? Where will I start my troubleshooting? How can I resolve my issue?