Endpoint Protection

Hello,

I'm trying to run WSUS on a Windows 2008r2 server with Symanthec Endpoint Protection 11.0 already running.

WSUS self-update doesn't and it seems that i have to do some modification on my default website (in IIS manager) to make it works.

The problem is that  i don't have a default website appearing on IIS manager.

It seems that after ending the installation of SEP the default website don't appear anymore.

My question is: Is there a way to make my default website not hidden anymore in order to modify it and make everything work ?

It's not recommended to have WSUS and SEPM on same machine.

check this link

Windows Server Update Services (WSUS) no longer functions after installation of Symantec Endpoint Protection Manager

http://www.symantec.com/business/support/index?page=content&id=TECH102956

Stop SEPM service

Un-install IIS and Reboot the server Re-install IIS

Repair SEPm from Add/Remove Programs.

If SEPM is installed on Default then install WSUS on custom and vice versa.

Even WSUS install gives you an option to install it on custom website at custom port.

Both WSUS and SEPM cannot be on same website as both of them use some Folder "Content" and whichever is install later replaces the content folder of the other making one to stop.

@Pete_4u2002: I read something saying that WSUS and SEPM can be run on the same server as long as i specify that they are not running on the same port. 

@Vikram Kumar: Un-install SEPM is not enough ? Why do i have to un-install IIS either ? 

I did install WSUS on a different website and configure it to work on ports 8530/8531 since the beginning but selfupdate doesn't work. I've been looking for a solution on different forums and lot of them ask me to modify things in the default website, things that i can't modify in WSUS website. Since the default website is hidden, i was looking for a way to make it appear and modify it.

on what port the SEPM is configured?

I neither want you to uninstall SEPM or IIS.

Since your Default Website is not there it clearly means IIS Hardening was done after SEPM was installed and Default website was either removed or renamed as it was not being used that time.

Re-installing IIS will remove all hardening policies and bring back all default configurations for IIS.

Repairing SEPM after re-installling SEPM will re register your SEPM with IIS and will recreate its default website and all folders inside it.

If you have other websites also installed then it might not be a good idea,however if you dont have it then you can do a reinstall of IIS.

After you have re-installed you can do a fresh install for for WSUS and it will create a custom website it also uses default website for certain things.

Don't know. Since i didn't install SEPM by myself. But i read something saying that the default port used by SEPM is 80. And i don't know where to check in order to confirm that.

In attachment a screenshot of my IIS manager.

Don't understand how SEP could remove my default web site since IIS was install later

earlier were 80, new versions are 8014.

You can check by typing http://localhost:8014/reporting in the IE window of SEPM server, it should open the reporting window.

If no page on 8014 try with 80 http://localhost:80/reporting

None of them open the report window

A picture can say thousand of words..

So you do not have SEPM (SEP Manager) installed on the server. SEPM uses IIS SEP client do not use IIS and it has nothing to do with IIS.

It will not remove Default website. Here The Default Website has been Renamed as Administration WSUS.

So your Administration WSUS is your Default Website.

So now coming back to your Actual Issue :

Was WSUS working fine before Installing SEP client ?

In SEP client do you have all the components installed or only Antivirus and Antispyware ( All Components mean Antivirus antispyware,Proactive Threat Scan and Network Threat Protection ) you can see this by opening the Client interface.

Network Threat Protection is a Firewall +IPS so it might be possible Firewall is blocking content update.

After Disabling SEP does your WSUS work properly ? Un-install SEP client , reboot the server to check if its actually SEP blocking automatic update or it is some configuration issue with WSUS.

Do you see any WSUS related error in Eventviewer ?

WSUS has been installed after SEP.

Antivirus and Antispyware are the only components installed. 

Since i have the error ID 13042, thought that it could came from the fact that i'm also running SEP.

Since SEP client don't use IIS what's the point of disabling it ?

Correct..Since you only have Antivirus and Antispyware installed so that would mean there is no SEP firewall or PTP blocking it. I mentioned to Disable SEP if you suspect SEP is blocking Self Update or due to SEP WSUS is not working.

However from the Error Code it looks itis not related to SEP.So we can close this discussion.

Ok. Thanks for your help.