I configured AD synchronisation for a specific Group in ePOs System Tree. Invoking synchronisation does not move any systems to the group.
I use a AD-Group Type 'Security Group - Global' and the string in 'Container'-Field of 'Synchronisation Settings...' is 'CN=<name>,OU=<name>,OU=<name>,DC=<name>,DC=<name>,DC=<name>,DC=<name>' (real names replaced by <name>) because the AD does not contain any OU containing the same Clients. Is this because 'Security Groups' are not allowed for Synchronizing with AD or is there another error in my reflections?
Using the AD-SnapIn from MMC opens the properties window when clicking on the 'Security Group' and all the Clients are listed when clicking the 'Members'-Tab.
Nachricht geändert durch vaccinator on 11/16/09 2:43 AMNachricht geändert durch vaccinator on 11/16/09 5:12 AM
Check your AD Sync group configuration and make sure the following options is set:
Systems that exists elsewhere in the System Tree: **Set to --> Move systems from their current System Tree location to the synchronized group
Thank you Jeremy
The option was already set to 'Move systems...' but none of the Security Group Members are sorted in the ePO Tree Group when clicking 'Synchronize now'. The 'Members'-Tab of the Secuity-Group Properties in Active Directory users and Computers lists about 2000 members.
Download the new ePolicy Orchestrator (ePO) Support Center Extension which simplifies ePO management and provides support resources directly in the console. Learn more about ePO Support Center