Manualshelf

Product guide

ManualsBrandsMcAfee ManualsOtherEPOLICY ORCHESTRATOR 3.6 - WALKTHROUGH GUIDE
41424344454647484950
Delete systems from the System Tree when they are deleted from Active Directory.
Allow or disallow duplicate entries of systems that already exist elsewhere in the System
Tree.
3 Use the Synchronize Now action to import Active Directory systems (and possibly structure)
into the System Tree according to the synchronization settings.
4 Use an NT Domain/Active Directory Synchronization server task to regularly synchronize
the systems (and possibly the Active Directory structure) with the System Tree according
to the synchronization settings.
Types of Active Directory synchronization
There are two types of Active Directory synchronization (systems only and systems and
structure). Which one you use depends on the level of integration you want with Active Directory.
With each type, you control the synchronization by selecting whether to:
Deploy agents automatically to systems new to ePolicy Orchestrator. You may not want to
set this on the initial synchronization if you are importing a large number of systems and
have limited bandwidth. The agent installation package is about 3.62 MB in size. However,
you may want to deploy agents automatically to any new systems that are discovered in
Active Directory during subsequent synchronizations.
Delete systems from ePolicy Orchestrator (and remove their agents) when they are deleted
from Active Directory.
Prevent adding systems to the group if they exist elsewhere in the System Tree. this ensures
no duplicate systems if you manually move or sort the system to another location.
Exclude certain Active Directory containers from the synchronization. These containers and
their systems are ignored during synchronization.
Systems and structure
When using this synchronization type, changes in the Active Directory structure are carried over
into your System Tree structure at the next synchronization. When systems or containers are
added, moved, or removed in Active Directory, they are added, moved, or removed in the
corresponding locations of the System Tree.
When to use this synchronization type
Use this to ensure the System Tree (or parts of it) look exactly like your Active Directory structure.
If the organization of Active Directory meets your security management needs and you want
the System Tree to continue to look like the mapped Active Directory structure, use this
synchronization type with subsequent synchronizations.
Systems only
Use this synchronization type to import systems from an Active Directory container, including
those in non-excluded subcontainers, as a flat list to a mapped System Tree group. You can
then move these to the desired locations in the System Tree by assigning sorting criteria to
groups.
If you choose this synchronization type, be sure to select not to add systems again if they exist
elsewhere in the System Tree. This prevents duplicate entries for systems in the System Tree.
Organizing Systems for Management
Active Directory and NT domain synchronization
43McAfee ePolicy Orchestrator 4.0 Product Guide