We have ePO 4.6.6 synchrinized with AD, and observing strange situation when machine existing in AD organization unit (OU) get delete from coresponding ePO group, when is shouldn't
Our structure AD looks like (short example):
And ePO strurcture is based on "User_Machnies" and "Old" OUs, but "bad" and " losts" OUs are excluded from synchronization task, so it look like:
Our problem ist that we have machine that in AD is placed in Dep1 OU, but in ePO is in Lost&Found, when we move it manualy to Dep1 group in ePO it gets deleted with next synchronization task.
Orion.log reports one strange error:
Anyone familiar with similar isses?
As far as I know from ePO DB - group 2 is My Organization. Is this some kind of limitation that AD OUs should be synchronized directly with main ePO group?Message was edited by: SCtbe on 1/20/14 3:05:16 PM CET
This looks like, ad synch option is configured with move systems according to AD tree, set to leave systems in location tree only.
To avoid this issues....
You are right, we set this option on purpose as machines are moved in AD frequently, and we want to reflect changes in ePO. ePO should move machines to corresponding groups instead of deleting them. This sound like issue within synchronization mechanism.