When one of my PC technicians have to reimage and re-encyrpt a pc, a duplicate machines gets created and the old one stays on EEM. I would like to find out how to configure the install set to not allow duplicate machines, and asked to remove current machine object before adding the new one.
And yes, I understand the implications. If the original is removed and it was a mistake, then the technician will have to deal with the consequences in restoring from backup.
I will appreciate your help.......
Solved! Go to Solution.
No. Because it is proprietary database, not SQL.
Also, not all object properties are accessible by API or sbadmcl. For some you still must use GUI.
we facing same issue like yours
beside checking the current asset and your profile there is no method currently in EEM that can delete this.
you have to do it manually.
the tips is look on 'network name' because nerwork name is the hostname of your machine.
Interesting on what we found on the manager & from report.
there profile with encryption enable but current status dissabled
there profile with encryption enable and current status enabled
there profile with encryption removed but current status still enabled
EEM only depends on client update so basically if client failed to update the info on EEM will not accurate as it's supposed to be.
and another interesting finding we having client that sucessfully sync and update but when we generate report there are no last date sync recorded.
we still puzzled to clean all duplicate profile so we do the manual way of auditing by checking with our site it and delete unused profile.
you need to explore the manager & reporting function.. because the normal manager view is hiding many thing from view try check on profile properties and report function.
In some cases running SBADMCL dumpaudit gives more information than report. But you need to parse dump data yourself, to make decissions.
First, I know that I would provably do a SBADMCL dumpaudit. Could you give us the command that would find all old duplicate objects?
One thing that I have noticed is, that the original object's history gets transferred to the new replacement object that was created with the same name.
I am guessing that the history transfer to the new object is done by a process, subroutine, or script, correct?
Could that option be changed to delete the object instead of just blanking and transferring the history to the new object?
no, it's impossible to transfer anything like that between objects.
The Autodomain script will sort things out so you can reuse an object name (deleting or recycling, or reusing an existing one), but there's no way to transfer things like audit between objects.
Ok, but it does erase the history of the old object when the new object get created, because I am looking at two new machines that were just re encrypted.
You mentioned that there is an option to reuse an object name (deleting or recycling, or reusing an existing one). How do we enable this option ?Message was edited by: mariosanchez on 8/20/10 9:54:06 AM CDT
There is no history in a new object - it's new, it starts off blank?
They will be new objects, not reused objects unless you actually did a remove, then a re-activation, then you are right - it would use the "old" object because it's considered a "template".
check the object ID - that will tell you if this is newly created, or reused.
it's the clearkey option in AutoDomain. There's no option in the normal product to do that.
But it can be scripted. Is use of SBADMCL not considered to be "normal"?
SBADMCL Command – ClearMachineKey
Purpose: This function exists to clear out all the machine specific data. The
usual use for this command is to re-use a machine object after a machine has been reimaged
and Endpoint Encryption re-installed. Normally this would create a new object
because the object still has a valid key from the previous install, but by using this
command the key (and other data) are removed which allows the same object to be
reused. Note that clearing machines that are still active will make the clients unable to
synchronize and unable to be recovered.