i'm currently doing some testing my my test lab.
in the system tree, I'm able to manually add systems to the "EEPC Test Machines" group (my test group). I intended to sync the "EEPC Test Machines" Group with Active Directory, so that the system tree structure looks like the same as the AD. What i have done is I go to the group details -> sync type with the below settings
Sychronization type: Active Directory
Synchronize: Systems and Container structure
Active Directory Domain: use registered LDAP server.
Container: (i select one OU from AD)
when i click on "synchronize now" button, It doesn't synchronize and showing nothing in system tree. Server task log showing that the synchronization with AD/Domain failed. how do I resolve this problem?
I'm afraid that your question is not related to EEPC itself, and is placed on wrong subforum.
Have you followed the instructions from ePO Product Guide?Message was edited by: SCtbe on 6/17/10 12:58:05 PM CEST
I'm sorry if i'm posting in the wrong subforum. i'm still new to this community and not sure where is the suitable location to post this question. Do you mind telling me where is the place to post epolicy related questions?
I did follow the product guide but just not sure why the synchronization is not success. i have tried to synchronized with AD by choosing NT Domain option instead of Active Directory option, and it succeed to sync (all systems can be seen in a flat list). but this is not what i want, i wish to see the system tree look alike as the Active directory OU structure. can anyone help me here..
i have tried to synchronized with AD by choosing NT Domain option instead of Active Directory option, and it succeed to sync (all systems can be seen in a flat list). but this is not what i want, i wish to see the system tree look alike as the Active directory OU structure. can anyone help me here..
Where did you get impression that (systems tree structure) will automatically resemble your AD structure, upon synch of all PCs?
May be i asked the questions in wrong way. what i means is that the system tree will have the same structure as the active directory after synchronization.
below are some sentenses i copy from the product guide:-
Active Directory integration allows you to: Synchronize with your Active Directory structure, by importing systems and the Active Directory subcontainers (as System Tree groups) and keeping them up-to-date with Active Directory. At each synchronization, both systems and the structure are updated in the System Tree to reflect the systems and structure of Active Directory.
1 Click Menu | Systems | System Tree | Group Details, then select the desired group
in the System Tree. This should be the group to which you want to map an Active Directory
2 Next to Synchronization type, click Edit. The Synchronization Settings page for the
selected group appears.
bla bla bla..
hope that you can understand what i'm trying to do... i still cant find solution to resolve this synchronization problem.
Seriously, call your McAfee rep and get some pre-install help. It's just bad karma to try to set up an enterprise class management system on your own.
This function is part of EPO - not necessarily Endpoint Encryption,
I think you would get beeter help from the EPO forum.
Anyway, the function istself is pretty worthless. Are you going to organize your AD structure according to how you want your machines organized in EPO? Remember, policies are applied to the tree structure.
Depending on how your AD is structured, you would end up with all the :"Accounting" machines with the same EPO policies. All the machines in Accounting might not be able to have the same HIPS, AV, EEPC policies.
AD synch is all or nothing too. Once you turn on AD synch, all the machines in the AD containers you synch will all move where they are assigned to move to - with no ability to make exceptions.
It is fine to do AD discovery to find machines that are missing the EPO Agent, but the idea of keeping the machines organized the same as in AD is some kind f Utpoia that your clients will not be able to use/maintain.Message was edited by: eobiont on 6/21/10 10:25:12 PM GMT-06:00
I think it would be best to go back to your McAfee reseller and ask for some implementation support - it's usually included in any sales package.
It's not that i dont want to check with mcafee reseller. My company is a system integration company that will be promoting mcafee product soon (and may be partner with Mcafee). I'm one of the engineer assigned to study on the product before we go into detail, therefore my support resouces at the moment is very limited. hope that you can understand my situation.
I have the same question , and the other question is that when we sync mcafee with our active directory is the synchronization in 2 ways? for instance,when I remove on endpoint from mcafee does it have any impact on my active directory? it means is that endpoint delete from both ways?