search cancel

Domain controllers are not being synchronized during AD on-prem sync using AD-GW agent in ICDm console

book

Article ID: 252644

calendar_today

Updated On:

Products

Endpoint Security

Issue/Introduction

When synchronizing AD forest that has DCs registered to the main AD Domain server using the AD gateway agent, the Domain controllers do not get synchronized to the domain group hierarchy in ICDm console.

After the Sync completion, the user will see the whole tree including all computers under managed/unmanaged devices as expected, however under domain controller>Unmanaged Devices or Managed Device the user will not see any DCs.

The user may as well have a SES Clients installed in these DCs already registered to the ICDm console, under a group under Default Device group, and after the AD sync integration, these Clients will not show under the Domain Controllers Device Group under the synchronized Domain with ICDm.

 

Based on the Documentation, the domain controllers should be synchronized as well:

"The AD Gateway gathers the AD topology such as domain users and user groups, domain computers, domain controllers, privileged users and groups, service accounts, SPNs, and their associated properties."

Environment

SES Client: 14.3 RU5 and earlier releases.

Resolution

No actions are required from customer's side.

The fix will be shipped with 14.3 RU6 as well as being pushed via MiniDM Defs update via LU to SES Clients version 14.3 RU4 and 14.3 RU5 by the end of Nov. 2022

Additional Information

CRE-11824