5 Replies Latest reply on Nov 18, 2009 7:01 AM by Sailendra Pamidi

    Duplicate System re-occuring

      Hi All.


      I have McAfee ePO 4.5.0 and about 1000 clinets. Every day when i run a duplicate system query i get the same machine names. And each day i make sure that i delete the duplicate system from the directory. I have also tried to select the "remove agent" check box while removing the sytem but it has no effect.


      Please advice  me what should i do


      Thank You and Cheers

        • 1. Re: Duplicate System re-occuring
          Sailendra Pamidi

          Do you have any Active Directory Sync task running that is populating the machines in a group? If you have selected 'Add Systems to the synchronized group and leave them in their current system tree location (creates duplicate entries)' in the Synchronization settings for group window, this may explain the duplicates.


          Choose one of the other options such as 'Leave systems in their current System Tree Location only' or 'Move systems from the current System Tree location to the Synchronized group'.

          • 2. Re: Duplicate System re-occuring

            Thanks for the reply,


            I do have a group for AD sync and it is selected "Leave systems in their current System Tree Location only" from the begining.


            I usually check my AD Sync group daily for new systems and then move them to my working Group. There are about 8 systems that keeps on repeating in the duplicate system query



            • 3. Re: Duplicate System re-occuring
              Sailendra Pamidi

              Ok. In the list of duplicate systems that you get, if you were to drill down into any of the 8 systems, do you notice any properties for these machines? If there are no properties then these are being populated either by AD Sync or perhaps by importing them into the system tree. Check if there are any server tasks scheduled that could be doing this.


              If the duplicate systems are not populated in the AD sync group, then that can be ruled out.


              if you do see properties - which indicates that an agent has communicated back, then its possible that you have macihnes with duplicate names? Examining the properties may help.

              • 4. Re: Duplicate System re-occuring

                Thanks for the reply Sailendra


                When dupicate system are shown one of them is with properties (location: working group) and the other one without any properties(location :AD Sync Group ), i usually deletes the one with no preperties, but the next day it again shows up


                I also have a server task that runs for Active directory Discovery every day 7.00 pm


                I dont understand y does it shows the PC i have deleted from the AD Sync group again and again when we already have the pc in the working group.




                • 5. Re: Duplicate System re-occuring
                  Sailendra Pamidi

                  A debug log may show more details about the AD sync. Please follow the steps below to enable debug log, then perform an AD Sync on the group (make a note of the time when you ran the AD Synch so it would be easy to locate in the Orion.log).


                  Adjust the log level to debug:
                  Launch Windows Explorer and navigate to the following location (default path specified)

                  ...\Program Files\McAfee\ePolicy Orchestrator\Server\Conf\Orion

                  Right-click on LOG-CONFIG.XML and select Edit.
                  Scroll down to the bottom of the file and locate the following section.

                           <priority value ="warn" />
                           <appender-ref ref="ROLLING" />
                           <appender-ref ref="STDOUT"/>

                  Change the following statement from warn to debug:

                  <priority value ="warn" />

                  <priority value ="debug" />

                  Click File, Save.
                  Click File, Close.


                  After running the AD Sync, capture the Orion.log file under ...\Program Files\McAfee\ePolicy Orchestrator\Server\Logs    folder.  Also capture the EPOApsrvr.log.



                  Message was edited by: Sailendra Pamidi on 11/18/09 6:01 AM