Updating Policies from the Command Prompt
Updated: January 1, 2011
Applies To: Forefront Endpoint Protection
You can update the local policy on a client computer by using a policy template and applying that policy template via the command prompt. Preconfigured policy templates can be obtained from the Microsoft Download Center. For more information about preconfigured policy templates, see About Preconfigured Policy Templates. You can also apply policy settings that have been exported from Configuration Manager or the Forefront Endpoint Protection Group Policy Tool. For more information about exporting policies from Configuration Manager, see Exporting a Policy. For more information about exporting policies by using the Group Policy Tool, see Converting FEP Policies to Group Policy.
To update the local policy on a client computer
From an elevated command prompt, navigate to the %programfiles%\Microsoft Security Client folder, and then run the following command:
ConfigSecurityPolicy.exe [full path]\[ policy file]
Important: You must change the path to this directory and run the command from that location.
For example, if you want to apply the policy named FEP_DHCP.xml to a client, run the following command:
where servername is the name of the server hosting the share, and share is the name of the shared folder on that server.
Note: You must always specify the full path for the policy location.
Wait for approximately three minutes in order for the settings to update in the user interface, and then open the Forefront Endpoint Protection client software. Verify that the settings defined in the policy are shown in the client software.