SCEP Definitions not updating | MECM 2002 | ADR

Question

SCEP Definitions not updating | MECM 2002 | ADR

Question

Hello Team,

Greetings for the day and hope you all are staying safe.
Query is about SCEP:

Few servers in infra not updating SCEP definition. About the setup:

Version : MECM 2002. Clients running latest agent.

MP : 4, DP : 50, SUP : 2 (1 HTTP and 1 HTTPS). FSP,

SCEP Update Order : 1st fetch from SCCM and if update not available then fall back to SCEP MS update catalog.

Total Servers 3600, Problem with 100. Sometime updating automatically after 4 days and sometimes not updating at all. All on Prem.

Sometime a simple “Update Definition” does the work and sometimes reboot fixes,
Few genuine servers get fixed after “MpCmdRun.exe -RemoveDefinitions [-All] or -RestoreDefaults or -SignatureUpdate “
There are not much information available on google too apart from the generic MS article https://docs.microsoft.com/en-us/mem/configmgr/protect/deploy-use/troubleshoot-endpoint-client

and the one from Henrik Hoe.

https://blog.ctglobalservices.com/configuration-manager-sccm/heh/configuration-items-and-baselines-example-scep-client-compliance/

If any script available to repair SCEP agent (If corrupted), trigger MpCmdRun.exe -RemoveDefinitions [-All] or -RestoreDefaults or -SignatureUpdate “

and fix registry values and update definitions if older then 1 day?. Configuration Item to detect and repair available? reset the state message only for SCEP and resend it? Not restricting myself for anything and all methods can be tested. Thanks a lot in Advance.

in progress 1

Configuration Manager Deepak Rai 3 years 2020-09-03T17:30:47+05:30 2020-09-03T17:30:47+05:30 3 Answers 733 views Admin

1

About Deepak RaiAdmin

My name is Deepak Rai and i am Lead Infrastructure Engineer on SCCM and Intune with more than 14 years of experience in IT. My main domain is SCCM (ConfigMgr, System Management Server, System Center Configuration Manager, Current Branch, Microsoft Endpoint Configuration Manager, Intune and Azure). I have worked on several platforms (Active Directory, Exchange, Veritas NETBACKUP, Symantec Backup Exec, NDMP devices Like Netapp, EMC Data Domain, Quantam using Backup Exec 2010 and 2012, HP storage works 4048 MSL G3 , Data Deduplication related troubleshooting.) in these 14 years but at last came back to the technology from which i started as IT Engineer which is SCCM.

Follow Me

Answers ( 3 )

Leave an answer

Sorry, you do not have permission to answer to this question .

Previous question

Next question

Anoop C Nair · Answer 1 · 2020-09-06T13:04:56+05:30

It seems better to raise a support case with Microsoft and don’t forget to share the resolution here

Deepak Rai Admin · Answer 2 · 2020-09-16T10:04:10+05:30

Sure Sir. I don’t think i will have to raise request with MS. We have dedicated PFE assigned for our site support. Will Check with him and post the solution.
Hope leaving the thread open for another week will not impact the SLA 🙂

Anoop C Nair · Answer 3 · 2020-09-06T13:03:32+05:30

This is so complex question… it seems no one has answers

Register Now

Login

Lost Password

Login

Register Now

SCEP Definitions not updating | MECM 2002 | ADR