search cancel

Symantec Endpoint Protection Manager: Imported Active Directory OU or LDAP Container does not accurately list member computers

book

Article ID: 151575

calendar_today

Updated On:

Products

Endpoint Protection

Issue/Introduction

You have imported an AD OU (Active Directory Organizational Unit) or LDAP Container into your SEPM (Symantec Endpoint Protection Manager).

Member computers are not listed accurately in the SEPM AD OUs.

Symptoms
Removing, re-adding, or altering the AD server information in the SEPM server properties may cause symptoms. You may also be working on a SEPM that is part of a replication relationship and your SEPM users a different directory server address (or has no address) with which to synchronize AD OUs.
  • OU members appear in the SEPM Temporary group rather than the imported OU group.
  • OUs may display different contents across different SEPMs in a replication relationship.
  • SEP client status icons in the SEPM console may not accurately reflect the client's state.
  • "Sync Now" works on one SEPM in a replication relationship, but not on another.

Cause

Your SEPM may not have a directory server address with which to synchronize AD OUs. The imported OU may have not been synchronized yet with new AD (Active Directory) members, and/or replication has not yet occurred with other SEPMs. Other causes are addressed in Symantec Endpoint Protection 11.0 MR 4 (Maintenance Release 4) and newer.

Resolution


Ensure you are using a SEPM that includes Active Directory or LDAP server addresses in its properties (SEPM console, Admin tab, Servers: select a server and edit properties).

Upgrade to Symantec Endpoint Protection 11.0 MR 4 (Maintenance Release 4) or newer.




Attachments