On Microsoft TechNet you can find System Center Endpoint Protection (SCEP)Policy Templates. At the moment there's v4 which is from 11/3/2014. These templates can be used to import in ConfigMgr 2012 (R2) easily. You can choose to create multiple server collections to deploy them, or merge them to a single server policy. Best thing is to copy them to the default folder, which is: <ConfigMgr folder>\AdminConsole\XmlStorage\EPTemplates. 
The following SCEP policies are enclosed:
The queries to decide which server is a member in which collection is enclosed also:
-----
SCEP Server CLUSTER
select * from SMS_R_System inner join SMS_G_System_SERVICE on SMS_G_System_SERVICE.ResourceID = SMS_R_System.ResourceId where SMS_G_System_SERVICE.Name like "ClusSvc"
-----
SCEP Server EXCHANGE
select * from SMS_R_System inner join SMS_G_System_SERVICE on SMS_G_System_SERVICE.ResourceID = SMS_R_System.ResourceId where SMS_G_System_SERVICE.Name like "MSExchange%"
-----
SCEP Server HYPER-V
select * from SMS_R_System inner join SMS_G_System_SERVICE on SMS_G_System_SERVICE.ResourceID = SMS_R_System.ResourceId where SMS_G_System_SERVICE.Name like "vmms"
-----
SCEP Server IIS
select * from SMS_R_System inner join SMS_G_System_SERVICE on SMS_G_System_SERVICE.ResourceID = SMS_R_System.ResourceId where SMS_G_System_SERVICE.Name like "W3SVC"
-----
SCEP Server RDS
select * from SMS_R_System inner join SMS_G_System_SERVER_FEATURE on SMS_G_System_SERVER_FEATURE.ResourceID = SMS_R_System.ResourceId where SMS_G_System_SERVER_FEATURE.ID = 18
-----
SCEP Server SCCM
select * from SMS_R_System inner join SMS_G_System_SERVICE on SMS_G_System_SERVICE.ResourceID = SMS_R_System.ResourceId where SMS_G_System_SERVICE.Name like "SMS_SITE_COMPONENT_MANAGER"
-----
SCEP Server SCDPM
select * from SMS_R_System inner join SMS_G_System_SERVICE on SMS_G_System_SERVICE.ResourceId = SMS_R_System.ResourceId where SMS_G_System_SERVICE.Name like "MSDPM"
-----
SCEP Server SCO
select * from  SMS_R_System inner join SMS_G_System_SERVICE on SMS_G_System_SERVICE.ResourceID = SMS_R_System.ResourceId where SMS_G_System_SERVICE.Name like "orunbook"
-----
SCEP Server SCOM
select * from SMS_R_System inner join SMS_G_System_SERVICE on SMS_G_System_SERVICE.ResourceID = SMS_R_System.ResourceId where SMS_G_System_SERVICE.Name like "cshost"
-----
SCEP Server SCSM
select * from SMS_R_System inner join SMS_G_System_SERVICE on SMS_G_System_SERVICE.ResourceID = SMS_R_System.ResourceId where SMS_G_System_SERVICE.Name like "OMCFG"
-----
SCEP Server SCVMM
select * from SMS_R_System inner join SMS_G_System_SERVICE on SMS_G_System_SERVICE.ResourceId = SMS_R_System.ResourceId where SMS_G_System_SERVICE.Name like "SCVMMService"
-----
SCEP Server SHAREPOINT
select * from SMS_R_System inner join SMS_G_System_SERVICE on SMS_G_System_SERVICE.ResourceId = SMS_R_System.ResourceId where SMS_G_System_SERVICE.Name like "SPTimer%"
-----
SCEP Server SQL
select * from SMS_R_System inner join SMS_G_System_SERVICE on SMS_G_System_SERVICE.ResourceID = SMS_R_System.ResourceId where SMS_G_System_SERVICE.Name like "MSSQL$%"
-----
SCEP Server WSUS
select * from SMS_R_System inner join SMS_G_System_SERVICE on SMS_G_System_SERVICE.ResourceId = SMS_R_System.ResourceId where SMS_G_System_SERVICE.Name like "WsusService"
-----
Source: Microsoft TechNet
Just great to have many SCEP templates to build on!
 

Really cool extra information over the templates on their own. Have you heard if there is an update to these for SCCM CB?
ReplyDeleteThanks this saves a lot of work
ReplyDelete