Cannot select "Default Group" after moving DLP Agent out of Default Group
search cancel

Cannot select "Default Group" after moving DLP Agent out of Default Group

book

Article ID: 175264

calendar_today

Updated On:

Products

Data Loss Prevention Endpoint Prevent Data Loss Prevention Enforce

Issue/Introduction

In your DLP environment, you are unable to move an agent from a custom group back to the default agent group.

Environment

DLP 15.x

Cause

Symantec recommends against using the Default Agent group due to the high potential for DLP Admins to assign all policies to the default group causing new agents to monitor all policies and result in decreased DLP performance. It is intended to be used as the group to which newly installed/added agents are assigned until a DLP admin reassigns them to the proper group. Thus, when trying to change the agent group of a particular agent, the default group does not appear in the drop-down menu. This is the intended functionality.
Policies can be applied to the default group and you can configure it in such a way that a newly installed/added agent will receive a base set of policies. However, Symantec recommends to create separate groups for agents and to use policy groups to deliver policies to these custom agent groups.

Resolution

One workaround to force an agent to return to the default agent group after being reassigned to a custom group is to delete the custom group to which the agent is assigned. This will force the agent to be reassigned to either:

1.) another group to which the agent may be assigned to based on qualifying criteria within the group configuration (such as a group that contains all agents that report to a particular Endpoint Server)

OR

2.) the default agent group if the agent doesn't meet the criteria to be reassigned to any other agent group.

In case number 2, the agent will be reassigned to the default group.

Example:

Here are 2 agents assigned to a group "Test Group" that I want to return to the Default Group

To do this, you have to delete the Test Group.

 

After deleting the group, wait a few minutes and the agents will return to being assigned to the Default Group