cancel
Showing results for 
Search instead for 
Did you mean: 
jarndt
Level 8
Report Inappropriate Content
Message 1 of 5

ePO 4.6 -> 5.3 and AD Sync question

Jump to solution

Hello all,

We are about to start migrating machines from ePO 4.6 to ePO 5.3.  We currently do not have AD Sync enabled in 5.3 and I believe that enabling it would help to sort machines into their correct location in the System Tree.

If I enable AD Sync in ePO 5.3, will it automatically pull in those systems even if they're currently being controlled by the ePO 4.6 server?

Thanks,

Jamie

1 Solution

Accepted Solutions
Highlighted
Reliable Contributor andrep1
Reliable Contributor
Report Inappropriate Content
Message 4 of 5

Re: ePO 4.6 -> 5.3 and AD Sync question

Jump to solution

On AD sync it creates a system object in the system tree, it represents an unmanaged system. When an agent with matching name communicates, the information will merge.
So if you sync, but do not push the agent on sync you will have your unmanaged systems on the new servers but the managed systems will   remain on the old server.

4 Replies
Reliable Contributor andrep1
Reliable Contributor
Report Inappropriate Content
Message 2 of 5

Re: ePO 4.6 -> 5.3 and AD Sync question

Jump to solution

It will create a system entry in your system tree and will replicate the OU structure if you enable that.

To pull in the systems to the new ePO, use the Transfer Systems function from the old server to the new server. Much easier to track what is happening this way. Once you mark a device to transfer, it will transfer to new servers when it connects to ePO.

It takes minimal setup to do that.

jarndt
Level 8
Report Inappropriate Content
Message 3 of 5

Re: ePO 4.6 -> 5.3 and AD Sync question

Jump to solution

Thanks, Andre.

Can you explain what you meant by "create a system entry"?  Will a device end up being in both the 4.6 and 5.3 ePO servers? It would seem to me that would not be possible. I just want to make sure that if I enable AD synchronization, I don't want ePO to suck in a whole bunch of devices into 5.3 when I'm not ready to do that.  I want to re-create AD in the System Tree and move machines from 4.6 to 5.3 on my own time. When they get moved to 5.3, I want them to get automatically moved to the right spot as a result of AD sync.

I've already set up the ability to transfer systesm from 4.6 to 5.3 and have transferred a handful of systems already.

Highlighted
Reliable Contributor andrep1
Reliable Contributor
Report Inappropriate Content
Message 4 of 5

Re: ePO 4.6 -> 5.3 and AD Sync question

Jump to solution

On AD sync it creates a system object in the system tree, it represents an unmanaged system. When an agent with matching name communicates, the information will merge.
So if you sync, but do not push the agent on sync you will have your unmanaged systems on the new servers but the managed systems will   remain on the old server.

jarndt
Level 8
Report Inappropriate Content
Message 5 of 5

Re: ePO 4.6 -> 5.3 and AD Sync question

Jump to solution

Got it. Thanks for the help, Andre!

More McAfee Tools to Help You
  • Subscription Service Notification (SNS)
  • How-to: Endpoint Removal Tool
  • Support: Endpoint Security
  • eSupport: Policy Orchestrator
  • Community Help Hub

      New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

    • Find Forum FAQs
    • Learn How to Earn Badges
    • Ask for Help
    Go to Community Help

    Join the Community

      Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

    • Get helpful solutions from McAfee experts.
    • Stay connected to product conversations that matter to you.
    • Participate in product groups led by McAfee employees.
    Join the Community
    Join the Community