Using predefined ConfigMgr Endpoint templates on site servers with non-default installation directories

Configuration Manager supplies a selection of predefined templates that are optimized for various scenarios and can be imported into Configuration Manager.

 

While importing the Configuration Manager template I noticed that the exclusions in place specify the default installation directories of:

%programfiles%\Microsoft Configuration Manager

%programfiles(x86)%\Microsoft Configuration Manager

 

See below:

 

If you use a non-default installation directory like D:\SCCM, the wrong exclusions will be applied to your site servers.

 

To correct this, you can edit the template files for SCCM 2007 (FEP_Default_CfgMgr2007.xml) and/or SCCM 2012 (SCEP12_Default_CfgMgr2012.xml).

You find them here:

<ConfigMgr Install Folder>\AdminConsole\XMLStorage\EPTemplates

 

Simply edit the xml file with notepad and you can do a find and replace.

 

In my lab, all servers are 64-bit so rather than add new entries, I did a find and replace of the x86 directory “%programfiles(x86)%\Microsoft Configuration Manager” to D:\SCCM.

I then saved the file as SCEP12_Default_CfgMgr2012_Custom.xml and then import the custom version.

If you check the exclusions in the custom file when importing, you’ll find the following:

 

 

For more information, see the following:  

How to Create and Deploy Antimalware Policies for Endpoint Protection in Configuration Manager

https://technet.microsoft.com/en-us/library/hh508785.aspx

 

Hope this helps,

Ryan