Showing results for 
Search instead for 
Did you mean: 
Level 7
Report Inappropriate Content
Message 1 of 5

Best way to leave servers intact in AD but not screw up ePO reports

I have some server that I want to temporarily (in the hopes I can permanently) decommission.  I don't want delete the server accounts in AD in case I need to fire the servers back up, but our ePO syncs with AD.  After a week or so of being off, these powered down servers will start showing as red in my dashboard charts.  What's the best way to just remove these from ePO that does AD syncs to get its machines?  Do i have to have ePO delete the machine using the remove agent option?  or is there a way to leave the agent installed and pointing at my ePO server while removing it from ePO.  I think the remove agent one is the way to go, but figured i'd ask.

4 Replies
Reliable Contributor exbrit
Reliable Contributor
Report Inappropriate Content
Message 2 of 5

Re: Best way to leave servers intact in AD but not screw up ePO reports

Moved provisionally to ePO for better support.

McAfee Employee JoeBidgood
McAfee Employee
Report Inappropriate Content
Message 3 of 5

Re: Best way to leave servers intact in AD but not screw up ePO reports

If you want to completely remove the machines from ePO's control, then deleting the machine and choosing the remove machine option will do the trick.

However if it's just the dashboard display, you could always edit the query that produces the dashboard display and exclude those particular machines from the results... just a thought.



Re: Best way to leave servers intact in AD but not screw up ePO reports

One way to deal with this problem in terms of reporting is to create a decom group in my system tree.  I adjust the dashboard queries to exclude the decom group.  Then any time you decom a server, just move it into the decom group.  Or better yet you can use tags instead of the system tree, tag a system as decom, and then exclude anything with the tag decom from your dashboard queries.  Using tags allows you to leave the server in the original system tree location in case you have a multi-level OU structure you want to retain.  Of course doing any of this means you have the possibility of a server that is brought back online but still isn't in the standard dashboard.  I would suggest building some more checks and balances into this, like a server task that checks for a recent ASCI and removes the decom tag, or sends a report through email, or an extra dashboard query etc. (a million ways to not forget, just make sure you use one).

Re: Best way to leave servers intact in AD but not screw up ePO reports

As JoeBidgood told you can delete these servers from ePO and if you don't want theam to appear again at the next AD sync then you can disable these computers under Active Directory; this way you don't delete them from your domain and ePO's sync won't see any disabled computer

More McAfee Tools to Help You

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community