Showing results for 
Search instead for 
Did you mean: 

ePO AD Sync Name Resolution Issue

Firstly, apologies if this has been answered elsewhere - I have been hunting for some time and found nothing.

My organisation manages a number of internal customers who each have their own Active Directory’s and DNS domains which are properly hierarchical allowing DNS lookups between them.

We want to migrate from the old Endpoint Encryption Manager to the new ePO so that we can achieve a single, AD integrated management console.  I now have the new ePO 4.5.6 server (our reseller advised us not to use 4.6 due to stablility issues) and have registered the 9 LDAP servers, created the 9 LDAP Sub Groups and setup the sync tasks, all which work perfectly.

The problem now is that whilst the ePO can happily resolve the workstations in the same domain as itself, it cannot resolve any machine names from the foreign domains (a ping from the ePO console results in the error “Failed to determine host IP address”).  I have hunted everywhere and cannot see the FQDN anywhere in the device details so can only assume that it is not retrieved from the AD and I can’t find any way to configure it.  I should point out that from the server console, both DNS and RDNS work perfectly as expected.

I did find one other post whereby the solution was to add the DNS suffix of all foreign domains under the “Append these DNS suffixes (in order)” section of the DNS configuration on the server.  Whilst I would consider that a potentially dangerous bodge and far from a “solution” (there is a risk of duplicate machine names across domains which would presumably cause in any outbound requests from the ePO for any duplicate PC to all hit the first resolved) I did try it as a workaround but still no joy from the ePO console despite working perfectly from the console.

So in short… please help anyone - how can I get the ePO to use the FQDN of a device rather than the NetBIOS name for outbound connections?

Thanks in advance!

1 Reply

Re: ePO AD Sync Name Resolution Issue

i have similar issues. One solution was to push agent handlers into each location, but they are not in those domains, and for the most part the fqdn is gotten,  btu sometimes it fails and is a strange pain to get it working which im not sure how to resolve. also im having an issue wher enot all the nodes are being synched from ad.