Monday, January 5, 2015

System Center Endpoint Protection Policy Templates

On Microsoft TechNet you can find System Center Endpoint Protection (SCEP)Policy Templates. At the moment there's v4 which is from 11/3/2014. These templates can be used to import in ConfigMgr 2012 (R2) easily. You can choose to create multiple server collections to deploy them, or merge them to a single server policy. Best thing is to copy them to the default folder, which is: <ConfigMgr folder>\AdminConsole\XmlStorage\EPTemplates.

The following SCEP policies are enclosed:

The queries to decide which server is a member in which collection is enclosed also:
-----
SCEP Server CLUSTER
select * from SMS_R_System inner join SMS_G_System_SERVICE on SMS_G_System_SERVICE.ResourceID = SMS_R_System.ResourceId where SMS_G_System_SERVICE.Name like "ClusSvc"
-----
SCEP Server EXCHANGE
select * from SMS_R_System inner join SMS_G_System_SERVICE on SMS_G_System_SERVICE.ResourceID = SMS_R_System.ResourceId where SMS_G_System_SERVICE.Name like "MSExchange%"
-----
SCEP Server HYPER-V
select * from SMS_R_System inner join SMS_G_System_SERVICE on SMS_G_System_SERVICE.ResourceID = SMS_R_System.ResourceId where SMS_G_System_SERVICE.Name like "vmms"
-----
SCEP Server IIS
select * from SMS_R_System inner join SMS_G_System_SERVICE on SMS_G_System_SERVICE.ResourceID = SMS_R_System.ResourceId where SMS_G_System_SERVICE.Name like "W3SVC"
-----
SCEP Server RDS
select * from SMS_R_System inner join SMS_G_System_SERVER_FEATURE on SMS_G_System_SERVER_FEATURE.ResourceID = SMS_R_System.ResourceId where SMS_G_System_SERVER_FEATURE.ID = 18
-----
SCEP Server SCCM
select * from SMS_R_System inner join SMS_G_System_SERVICE on SMS_G_System_SERVICE.ResourceID = SMS_R_System.ResourceId where SMS_G_System_SERVICE.Name like "SMS_SITE_COMPONENT_MANAGER"
-----
SCEP Server SCDPM
select * from SMS_R_System inner join SMS_G_System_SERVICE on SMS_G_System_SERVICE.ResourceId = SMS_R_System.ResourceId where SMS_G_System_SERVICE.Name like "MSDPM"
-----
SCEP Server SCO
select * from  SMS_R_System inner join SMS_G_System_SERVICE on SMS_G_System_SERVICE.ResourceID = SMS_R_System.ResourceId where SMS_G_System_SERVICE.Name like "orunbook"
-----
SCEP Server SCOM
select * from SMS_R_System inner join SMS_G_System_SERVICE on SMS_G_System_SERVICE.ResourceID = SMS_R_System.ResourceId where SMS_G_System_SERVICE.Name like "cshost"
-----
SCEP Server SCSM
select * from SMS_R_System inner join SMS_G_System_SERVICE on SMS_G_System_SERVICE.ResourceID = SMS_R_System.ResourceId where SMS_G_System_SERVICE.Name like "OMCFG"
-----
SCEP Server SCVMM
select * from SMS_R_System inner join SMS_G_System_SERVICE on SMS_G_System_SERVICE.ResourceId = SMS_R_System.ResourceId where SMS_G_System_SERVICE.Name like "SCVMMService"
-----
SCEP Server SHAREPOINT
select * from SMS_R_System inner join SMS_G_System_SERVICE on SMS_G_System_SERVICE.ResourceId = SMS_R_System.ResourceId where SMS_G_System_SERVICE.Name like "SPTimer%"
-----
SCEP Server SQL
select * from SMS_R_System inner join SMS_G_System_SERVICE on SMS_G_System_SERVICE.ResourceID = SMS_R_System.ResourceId where SMS_G_System_SERVICE.Name like "MSSQL$%"
-----
SCEP Server WSUS
select * from SMS_R_System inner join SMS_G_System_SERVICE on SMS_G_System_SERVICE.ResourceId = SMS_R_System.ResourceId where SMS_G_System_SERVICE.Name like "WsusService"
-----


Source: Microsoft TechNet

Just great to have many SCEP templates to build on!

2 comments:

  1. Really cool extra information over the templates on their own. Have you heard if there is an update to these for SCCM CB?

    ReplyDelete
  2. Thanks this saves a lot of work

    ReplyDelete