f-vt
commented
4 years ago Hi,
Is the update approved on the UpStreamServer ? and then if not in replica mode, on the DownStreamServer(s) ?
If SelfSigned cert, do you have well pushed the CodeSigin cert in root CA and trusted publishers on USS, WU clients; but ALSO on the DSS ?
From WPP GUI, is the EMET update unknown for all computers ? Or maybe OK for the USS itself ?
Have a nice day
Hello, I would be VERY grateful if someone could help me with this.
I am using WPP to publish EMET via WSUS, I have created a self signed cert and its published to the domain machines in the correct cert store(s), configured the (Enable signed applications) gpo setting, EMET is published (and approved) to an upstream WSUS server, the upstream syncs with a downstream server, which in turn gives the updates to the targets.
Problem is: I simply can't find EMET, it doesn't show as an update on the target machines, and doesnt show in the console of the up/down stream servers.
I have done everything by the book but for some reason target machines show as up to date when I check for updates. (They pull other updates though)
Can anyone give me any suggestions please?
Thank you.