Sunday, January 13, 2013

SCCM 2012 SP1 Software Update Point and Endpoint Protection Point

1.       Open ‘Configmgr’ -> ‘administration’->’site Configuration’ -> ‘Server and Site System Roles’ -> Right click the site server which you want to add the roles to -> ‘add site system roles’



2.       As I am using Win2012, so for WSUS setting as follow


3.       Auto sync


Configure Alerts for Collections

Next let's configure Alerts for a Collection, but first let's create a collection called All Windows 7 Computers (in a LAB this is fine for what we want to do, in Production you should create EndPoint Protection specific Collections).

Note:- You cannot configure alerts for User Collections.Click on Assets and Complicance in the console,click on Device Collections and in the ribbon click on Create Device Collection.


Call the collection All Windows 7 Computers and limit it to All Systems

click next, choose Query Rule from the drop down menu and fill in a Query like so (edit query statement, criteria, show query language and replace the code with the below)

select *  from  SMS_R_System where SMS_R_System.OperatingSystemNameandVersion like "%Workstation 6.1%"

set the schedule as follows (it's a LAB)

click next through the wizard, the collection is now created.


In Assets and Compliance select Devices and choose Device Collections, select the All Windows 7 Computers collection (we have no computers in this collection yet but we will have soon), choose properties

Click on the Alerts tab and place a checkmark in View this collection in the Endpoint Protection Dashboard


click on Add and select all the options

click ok and leave the other Alert settings as they are

Configure SUP to deliver Definition Updates

1.    ‘\Software Library\Overview\Software Updates\Automatic Deployment Rules’