Computers that are deleted from Active Directory are not being deleted from the database (Symantec_CMDB) after an AD Import.
There can be several reasons that Directory Synchronization for the Microsoft Active Directory Import rules may not be able to delete computers from the Symantec_CMDB database after being removed from Active Directory:
The following query can be used as a report or run from SQL Management Studio directly, to see a list of the computers that will not be removed by Directory Synchronization and the reason why.
coalesce (a.[Managed State], a.[Has Associated Active AD Import Rule], a.[OU Path]) as 'Reason AD Sync will not delete'
[Has Associated Active AD Import Rule] =
when COUNT (i.Guid) = 0 then 'No Active Rule'
when ad.[Path] is null then 'Missing OU Path'
end as 'OU Path',
when IsManaged = 1 then 'Managed'
end as 'Managed State'
from vRM_Computer_Item r
left join Inv_Import_Rule_Imported_Items ii on ii._ResourceGuid = r.Guid
left join Item i on i.Guid = ii.ImportRuleGuid
left join Inv_Global_Active_Directory_Details ad on ad._ResourceGuid = r.Guid
group by r.Guid, r.Name, IsManaged, ad.[Path]
having COUNT (i.Guid) = 0
or IsManaged = 1
or ad.[Path] is null
order by 3 desc