Skip navigation
McAfee Secure sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams
443 Views 1 Reply Latest reply: Dec 12, 2012 3:16 AM by DPE RSS
DPE Newcomer 39 posts since
Feb 9, 2011
Currently Being Moderated

Dec 12, 2012 3:04 AM

Advice on decrypt setup



I need some best practice advice.


I have 5 system tree groups, all of which syncs in computers and users from different places in AD (mirroring our different sites). All sync groups are set up with the '


Now i've created a new system tree group for decryption, and added the needed disabled policy for decryption to work. The decryption kicks in just fine. However, when my AD sync jobs run, the computers are moved back to their site system tree group because of the '


How do you suggest i set this up, so that the clients which are manually moved to my decrypt group stays there - even after the AD sync is run - without utilizing the other sync settings.

I'd rather not use AD OU synchronization for the decrypt system tree group, as i'd then have major hazzle modifying WSUS settings, SCCM collection settings and GPO inheritance.



More Like This

  • Retrieving data ...

Bookmarked By (0)


  • Correct Answers - 5 points
  • Helpful Answers - 3 points