更新日期: 2010年12月

適用於: Operations Manager 2007

This topic provides guidance for resolving issues you may encounter with the Forefront Endpoint Protection (FEP) Management Pack.


When an alert is raised by the Forefront Endpoint Protection (FEP) Management Pack, use the Health Explorer on the deployment that triggered the alert to check if one or more monitors are in a Warning or Critical state.

Health Explorer

Investigate the Health Explorer hierarchy from the top down, as monitors that are closer to the health tree root are more important.


When investigating a monitor in a Warning or Critical state:

  1. Open the monitor and review the knowledge articles to learn how to resolve the issue.

  2. In the Health Explorer, click the State Change Events tab and review the state changes for additional information to help you investigate the issue.


If a deployment or part of a deployment is missing, use the information below to troubleshoot the problem:

  1. Locate the class, check if the target was discovered and if not, investigate accordingly:

    • Check that the class is not disabled.

    • Check that there are no overrides increasing the scheduling interval.

    • Verify that sufficient time has passed for the target to be discovered. All the classes run every 24 hours, except for the Microsoft.Fep2010.Monitoring.FepDataWarehouse.Discovery class, that runs every 4 hours.

  2. In addition to these steps, for the Microsoft.Fep2010.Monitoring.FepDataWarehouse.Discovery class:

    • If you have Remote Access to the FEP server, check that there is connectivity between the FEP service computer and the SQL Server.

    • Check that that the System Center Operations Manager agent account on the FEP service machine is a member of the:

      1. db_HealthPermissions role on the FEP DWH database.

      2. SQLAgentReaderRole role in the msdb database on the FEP DWH server.

      3. AN_ReaderRole role on the FEP DWH database.