Question related to System center Endpoint protection Status

Question

Question 1 : In System center Endpoint protection Status , some clients are showing endpoint protection agent not yet installed.

But recent upgraded machine don’t required SCEP client separately right ?’

When i checked the machine , its is showing as Endpoint protection deployment state as unmanaged

Question 2 : How to fix the issue Antimalware policy application failed

error : failed to open the local group policy

solved 0
Ketan Kamble 7 months 2 Answers 116 views Beginner 0

Answers ( 2 )

  1. Make sure you have the following selected in your SCCM SCUP, for product categories:

    System Center Endpoint Protection
    Windows Defender

  2. Q1 – Yes check out this configuration for Win10 you don’t need to separate client but you can check https://docs.microsoft.com/en-us/mem/configmgr/core/clients/deploy/about-client-settings#endpoint-protection

    Q2 – https://docs.microsoft.com/en-us/mem/configmgr/protect/deploy-use/endpoint-antimalware-policies

    To fix the error there are a few steps needed:
    -Browse to the WindowsSystem32GroupPolicyMachine folder on the client and delete the file: Registry.pol
    -Then restart the “SMS Agent Host” service to enforce ConfigMgr download all policies again. Sometimes this is not enough and re-installation of the ConfigMgr client is needed.

    as per http://henkhoogendoorn.blogspot.com/2013/09/failed-to-open-local-machine-group.html

    Best answer

Leave an answer

Sorry, you do not have a permission to answer to this question .