
Leftover users on endpoint after AD deletion

We are seeing a problem on endpoints running 7.1.3 where sometimes when a user is deleted from AD, the same user is not removed from an encrypted endpoint. It will show as removed in EPO, but on the endpoint itself the user is not deactivated. This is causing trouble as we migrate to a new EPO server, as the client, when joined to the new EPO server, attempts to look up those AD accounts via the new EPO server and there is no match since the user account has been deleted from AD.


It would be good to be able to ensure a successful sync has taken place between the endpoint and the EPO server prior to migration to ensure that there are no users on the endpoint that are not present in EPO. Is there a way to force the client to sync user data with EPO? Is there a way for me to find the authorized users by looking at the client (on the client - not in EPO)? The user list appears correct in EPO but the client has a different, out-of-date list.

