You bet =) You can do this with a two step process.
Define the Sync Point:
1) Select the My Organization group on the left hand side.
2) On the right hand window pane select group.
3) Select Synchronization type EDIT.
4) Choose Active Directory
5) Choose Systems and container structure.
6) Enter you AD domain name
7) Enter the Credentials you will use for authenticating to the AD server.
8) Browse out to the contain you want to sync from like workstations etc.
Create the Task:
Depending on your version of ePO the steps may be a little different.
1) Go to Automation
2) New task
3) Give it name and detail information about it being a Sync task.
4) Select NT Domain /AD Sync task from the drop down menu.
5) Select the all sync'd groups or all groups.
6) Complete the schedule configuration.
I hope this helps,
William thanks for the answer.
Let me say that I haven't tried your advice yet. I am a little bit hesitating and here are the reasons why:
-In EPO we have under MY ORGANIZATION a system group called OUR COMPANY-NAME.
-In this COMPANY-NAME system group a previous IT-administrator already made some settings that computers are found over the AD with SYNC AD task, but they weren't sorted in the exactlly same structure as we have computers in our AD.
-Under COMPANY-NAME system group I made two subgroups (SERVER & IT DEPARTMENT). When I was moving computers from COMPANY-NAME system group to thoose two subgroups,after the SYNC AD SCHEDULED TASK was run on epo, the systems were automatically moved back under COMPANY-NAME system group. I have found out you have to choose special option when your are moving computers from one to the othe group. This option was
If I have understood you correctly it sounds like the group settings for COMPANY-NAME have the setting defined for existing machines to be moved back into the group.
If you select COMPANY-NAME in the tree > Group Details > Synchronization Type and click the Edit link have a look at the Systems that exist elsewhere in the System Tree setting.
Ensure that this is set to Leave systems in their current System Tree location only.
As for the unique policies it depends on where it is assigned. If they are assigned directly to the machine then the policies will be retained as long as they are not removed from ePO. This can be achieved with the above sync settings. You can set the existing machine setting to leave them where they are if they are already in ePO and then move the machines you want to save into another system group - then delete and recreate the AD sync group with the same existing machine setting. When the AD sync happens it will then pull all the machines back into ePO from out of AD (it won't pull in duplicates of the ones you saved because of the above setting) and then after the sync you can just move the kept machines where you want them to go.
Where you can avoid it - it probably is easier administration-wise to assign the policies to a group with machines in rather than directly to the machines.
I hope this helps!
Thanks for the answer guys.