I've been tasked with testing Microsoft Forefront Client Security for a public university, and ive sort of lost myself in this process.
My ultimate goals were to create a Test OU (done) drop a few computers into the OU, deploy FCS through WSUS to them, and then violently accost them with viruses and malware.
Thus far I have:
-installed FCS server components (1 server topo) on a WS2008 VM running on ESX.
-created a test OU
-created and linked the FCS policy
-created and linked a policy to point to the WSUS on the test server (don't want to get the schools primary WSUS server involved)
Now what im trying to do is get MOM to manage these clients, and then get WSUS to deploy the client software. however i have some problems
Problem 1: WSUS(on FCS server) cannot see any of the computers in the test OU (is there a way to override domain level WSUS GPO's?)
Problem 2: MOM will not install the agents on the client machines, saying it can't connect to the database
so where do I go from here? thanks
As long as your GPO is enforced, it will be applied. Make sure it's applied to the right group/computers.
Then, type: wuauclt.exe /detectnow and check the log file in C:\Windows (windowsupdate.log)if the client sincs correctly with the WSUS server. If not, check your GPO settings. Make sure it's applied on computer instead of user.
You can also, before, try to update your policy by running this command: gpupdate
Then, check if it's applied to the client computer: gpresult
Let me know please.
EDIT:
Check this site since the error message is related to this: - http://msmvps.com/blogs/Athif/articles/43174.aspx
Also, check your proxy settings if ever you have one.
The GPO is enforced, the OU is set to block inheritance. ive forced group policy updates several times to no avail. Here's what I got from the logfile