I have just realised that our first line support guys are manually applying the Agent to newly built machines.
I dont believe there is an issue with this, however, the question is its applied manually does it communicate with the EPO server even though there is not entry
for it in EPO because it has not had the Active Directory sync policy run. The sync policy is designed to run at midnight each night.
If it does not communicate with the EPO server until the sync policy has been run, then I believe that the machine is at risk of a virus infection.
Please could someone comment on the above.
The Agent will communicate with ePO, but it will end up in the Lost & Found group. Check the policies and task you have on that ePO group.
When AD sync is finished the system will be moved to the correct ePO group.
Thanks very much for replying. So I guess from your reply that if there are no policies associated with the Lost & Found group the machines will be at risk? Would they also appear as unmanaged in Lost & Found?
If you have policies and task assigned at "My Organization", then there is no risk, because Lost & Found inherits from My Organization.
The systems will appear as managed, because they are communicating with ePO.