I use the rogue sensors in my environment, and then an automatic response for anything that starts with the computer name I expect and on the domain + windows, deploy away.
Also gives the benefit of showing all those random devices you have on your network in case security/someone wants to know.
Saves it endlessly deploying agents as my first few attempts did that as well
I'm more interested in this bit:
Reinstalled systems remain in the ePO console with status "managed" even though there is no longer an agent installed.
Can you explain a bit more what is happening here? Generally when an agent is reinstalled it should not create another entry in ePO, so it sounds like something is not right here. Exactly how are these machines being reinstalled?
Maybe you misunderstood me. I was talking about reinstalling Windows - not the agent.
We're using Matrix42 Empirum for our software deployment.
Previously we had a package for McAfee agent, therefore we never had this problem before.
The package was (re-)installed with the PC.
Eventually we deploy the agent with ePO.
There is an AD sync job running hourly. New systems wil be added to the system tree, deleted ones will be deleted as well..
Once a system appears in the system tree the agent will be deployed and the system becomes managed.
When we reinstall a PC with Matrix42 we usually do not delete it from AD first.
So even if a sync job ran in the meantime the system wouldn't be deleted from the system tree.
The status remains "managed".
Thanks for the tip. I will have a look on rogue sensors. We've pobably licensed it anyway.
Ah, OK, I understand now. (I hope.)
My personal recommendation would be to include an agent in your rebuild process - all the other options are reactive, relying on detecting the machine on the network or in AD. Including an agent on the rebuild image solves all your problems in one go: when the machine is rebuilt it already knows where its ePO server is, and ePO simply updates the existing entry with the new information.