Registering/unregistering ldap servers in epo can have negative consequenses if you are using drive encryption and syncing ldap users. We typically would recommend one ldap server per domain - you can specifiy the domain rather than ldap server, which it would use dns to locate any ldap servers for that domain. In the case of a sub domain that the epo server is not a part of, it is recommended to add that dns server to the network interface dns record on the nic as well as append dns suffix for the other domain. If you have questions on what kind of impact that would have on encryption users, you can get with the encryption team for more detail on that.
Was my reply helpful?
If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?
Download the new ePolicy Orchestrator (ePO) Support Center Extension which simplifies ePO management and provides support resources directly in the console. Learn more about ePO Support Center