Active Directory Resync schedule does not remove unmanaged computers deleted from AD.

book

Article ID: 170723

calendar_today

Updated On:

Products

Management Platform (Formerly known as Notification Server)

Issue/Introduction

Active Directory Resync schedule does not remove unmanaged computers deleted from AD.

Cause

In ITMS 8.1 RU4 by default computers are deleted 7 days after removal from AD.
 

Environment

Symantec Management Platform 8.1 RU4

Resolution

To delete computers immediately after resync;

  1. Edit the "C:\ProgramData\Symantec\SMP\Settings\CoreSettings.config".
  2. Set the ADResyncDeleteResourcesThresholdDays set to "0".
  3. Make sure the AD import rules are Enabled (marked as green) and have a future schedule.
  4. After that run the "NS.Directory Resync Update Schedule Item" scheduled task on the SMP Server.
     

Note: When ‘Delete’ action is enabled, we check out when affected resources were last imported by AD Import rules and only perform deletion to these, which are older than timespan defined by days in this setting. Computer deleted immediately if this setting set to 0.