search cancel

Policies that are working fine for endpoints are not getting applied to Network Discover scans

book

Article ID: 175828

calendar_today

Updated On:

Products

Symantec Products

Cause

One potential cause of this is that the policy is setup for a User Group (part of Active Directory) and the file server or network shares do not belong to any User Groups

Resolution

  1. Check the groups tab for the policy to see if a User Group is selected. If so, it will not be possible for these policies to be applied to targets on Network Discover scans that are not part of the Active Directory groups that you setup.
  2. Create a separate policy group specifically for Discover scans. This can be done by going to System > Servers and Detectors > Policy Groups and unchecking the "All Servers or Detectors" option (while ensuring that the "All Discover Servers" option remains checkmarked) and giving the policy a name such as "Network Discover Only"
  3. Save the Policy group
  4. Setup separate policies for network discover scans and put them in that policy group (by choosing the "Network Discover Only" policy group in the "policy group" pulldown menu that appears when the policy is first created)

Alternatively, if the target of the network discover scan is part of Active Directory, but was not included in the User Groups that you have setup in Manage > Policies > User Groups, you can potentially edit one of your existing User Groups to include the target... or create an additional separate User Group to include the file server and include that group in the "groups" tab of the existing policies in order to ensure that it can be included in them