Microsoft KB Archive Search

Notice: This website is an unofficial Microsoft Knowledge Base (hereinafter KB) archive and is intended to provide a reliable access to deleted content from Microsoft KB. All KB articles are owned by Microsoft Corporation. Read full disclaimer for more details.

  1. Home
  2. How to setup a mirror on a Linux server running System Center 2012 Endpoint Protection

How to setup a mirror on a Linux server running System Center 2012 Endpoint Protection

View products that this article applies to.

Summary

The mirror functionality is a feature to distribute definition updates to Linux clients running System Center 2012 Endpoint Protection (SCEP) that do not have an Internet connection. The procedure in this article outlines the steps to setup a mirror on a Linux server running System Center 2012 Endpoint Protection for Linux, as well as the steps to configure Linux clients to retrieve definition updates from the mirror.

↑ Back to the top

More Information

Configuring the mirror

Note that the Mirror must be configured on a Linux machine with SCEP for Linux installed.

1. Complete the steps below using an account with root privileges:

- Edit the scep.cfg file located in /etc/opt/microsoft/scep.
- Under the [global] tag, add below line:

av_mirror_enabled=yes

- Scroll down until you see the [fac] section and paste in the lines below. The text in Italic must be replaced according to your environment.

[mird]
# Settings for Mirror http daemon
# agent_enabled = yes/no
# Enables operation of the mirror http daemon.
agent_enabled = yes

# listen_addr = "address"
# Address (IP or name) where agent listens for client connections. Empty means on all available interfaces.
listen_addr = ""

# listen_port = port
# TCP port where agent listens for client connections.
# You may have to open this port in your firewall.
listen_port = 2221

# timeout_client = time
# Timeout for client part of the communication.
timeout_client = 30

# auth_mode = "none"/"basic"
# Mirror access authentication mode.
auth_mode = "none"

# username and password needed for accessing the interface (necessary only if auth_mode="basic").
#username = ""
#password = ""

2. Save the scep.cfg with the above changes.

3. Restart the scep service with the below command:

service scep restart

4. Update the definitions

5. When the definitions are updated successfully, verify that the below folder contains nup files:

/var/opt/microsoft/scep/lib/mirror

If you can access the below URL, your Mirror is setup correctly:

http://localhost:<port>/update.ver


Configuring the clients

1. Edit the scep.cfg located in /etc/opt/microsoft/scep. Scroll down to the Update Options and paste below lines, replace the Italic text according to your Mirror Server.

# av_update_server = "server"
# Server used to update anti-virus modules,
# empty string means - autoselect.
av_update_server = "http://mirrorserver.contoso.com:2221"

# if the authentication setting of the Mirror is set to basic, uncomment the av_update_username and av_update_password and enter the appropriate credentials
# av_update_username = "username"
# Username used in authentication against av_update_server.
#av_update_username = ""

# av_update_password = "password"
# Password used in authentication against av_update_server.
#av_update_password = ""

2. Restart the scep service with the below command:

service scep restart

Update the definitions.


↑ Back to the top

Keywords: kb

↑ Back to the top

Article Info
Article ID : 2827654
Revision : 1
Created on : 1/7/2017
Published on : 11/9/2016
Exists online : False
Views : 62