2 Replies Latest reply on May 13, 2009 1:35 PM by enieft

    AD Sync (don't sync disabled computers?)

      Does anyone know if there is a way to not sync disabled computer short of moving them to other OU's and making them excpetions in the sync policy? Deleting them is not an option right now as the devices might still be alive, just taken offsite, etc.

      Thanks,
      Eric
        • 1. RE: AD Sync (don't sync disabled computers?)
          Looks like ePo 4.0 patch 5 addresses this scenerio:

          http://forums.mcafeehelp.com/showthread.php?t=230530


           

          20. Issue: During an Active Directory synchronization, disabled computer accounts were being imported into ePolicy Orchestrator. (Reference: 439191)

          Resolution: Disabled computer accounts in Active Directory are no longer imported into ePolicy Orchestrator.

          Note: If the ePO administrator has configured the Active Directory synchronization to "remove deleted systems" from the System Tree, deleted systems and disabled systems are automatically removed at the next Active Directory
          synchronization.

          • 2. RE: AD Sync (don't sync disabled computers?)
            awesome! I guess I'll just have to wait and see if anyone else has issues and then install away. Just updated the Mcafee Agent to newest patch and had to convert all of our Repo's to SA's until their newest release.... I am never going to be the extremely proactive one. :)

            Thanks!