Computers that are deleted from Active Directory are not being deleting from the Notification Server database.

There can be several reasons that computers may not be deleted from the Notification Server database after being removed from Active Directory.

1. If the computer is set to a status other than Active, it will not be removed.
2. If the Import Rule that the computer was imported with no longer exists, the computer will not be removed.
3. If the computer was never imported by the Microsoft Active Directory Component, it will not be removed.
4. If the computer shows that it has been deleted in the ItemResource table.
5. Directory Synchronization does not remove computers that are managed; it lets Purge Maintenance take care of those computers.

Run the following SQL to determine the reason that the computers are not being deleted then do the appropriate action to correct it.

Select i.guid, i.name as 'Computer Name', 'Reason' =
Case
When ra.ResourceAssociationTypeGuid = '3028166F-C0D6-41D8-9CB7-F64852E0FD01'
and childresourceguid not like '0A0203A5-D2B6-49F1-A53B-5EC31A89437C'
Then 'Computer is not active'
When i.guid in
(select ii._resourceguid
from inv_import_rule_imported_items ii
join vitem i on i.guid = ii._resourceguid
where _resourceguid not in
(select _resourceguid
from inv_import_rule_imported_items
where importruleguid in
(select guid
from vitem
where classguid = 'B2378265-2779-49E6-998D-8BE620B3D9D9'))
and i.classguid = '539626D8-A35A-47EB-8B4A-64D3DA110D01')
Then 'Import Rule no longer exists'
When i.guid not in
(select i.guid from vitem i
join inv_import_rule_imported_items ii
on ii._resourceguid = i.guid
Where i.classguid = '539626D8-A35A-47EB-8B4A-64D3DA110D01')
Then 'Computer does not have import information (Generally means it was not imported)'
When i.guid in
(select guid from itemresource
where deleted = 1)
Then 'The resource shows that it has been deleted in the ItemResource table'
When i.guid in
(Select guid from vcomputer
Where ismanaged = 1)
Then 'Directory Synchronization does not remove machines that are managed it lets Purge Maintenance take care of those computers.'
Else 'This computer WILL be deleted when removed from Active Directory'
end
from vitem i
left join resourceassociation ra
on ra.parentresourceguid = i.guid
where i.classguid like '539626D8-A35A-47EB-8B4A-64D3DA110D01'
order by 'reason'

The resolution will depend on the cause. The attached report can be imported to help simplify the process.

1. If the computer is set to a status other than Active, it will not be removed. Find the computer in a report or collection and change the status back to Active or Delete it.
2. If the Import Rule that the computer was deleted with no longer exists, the computer will not be removed. Run the resolution in article 1815 to associate the computer with a current rule or delete it from the report.
3. If the computer was never imported by the Microsoft Active Directory Component, it will not be removed. Wait for Purge Maintenance or manually delete the computer.
4. If the computer shows that it has been deleted in the ItemResource table. Manually delete the computer from a report or collection.
5. Directory Synchronization does not remove computers that are managed; it lets Purge Maintenance take care of those computers. Wait for Purge Maintenance or manually delete the computers.

If there is a problem with the schedule it may also help to disable and renable the Directory Synchronization task through the Altiris console.

Upgrading to the Microsoft Active Directory Component 6.1.x  Resolves this problem if a previous version is currently installed. 

for 7.5 and later see TECH233402

Applies To

Notification Server 6.0.6074 SP3
Microsoft Active Directory Component* 6.1
Symantec Management Platform 7.0