About domains

Article:HOWTO55042  |  Created: 2011-06-29  |  Updated: 2011-12-16  |  Article URL http://www.symantec.com/docs/HOWTO55042
Article Type
How To


About domains

When you install a management server, the Symantec Endpoint Protection Manager console includes one domain, which is called Default. A domain is a structural container in the console that you use to organize a hierarchy of groups, clients, computers, and policies. You set up additional domains to manage your network resources.


The domains in Symantec Endpoint Protection Manager do not relate to Microsoft domains.

Each domain that you add shares the same management server and database, and it provides an additional instance of the console. All data in each domain is completely separate. This separation prevents administrators in one domain from viewing data in other domains. You can add an administrator account so that each domain has its own administrator. These administrators can view and manage only the contents of their own domain.

If your company is large, with sites in multiple regions, you may need to have a single view of management information. You can delegate administrative authority, physically separate security data, or have greater flexibility in how users, computers, and policies are organized. If you are a managed service provider (MSP), you may need to manage multiple independent companies, as well as Internet service providers. To meet these needs, you can create multiple domains. For example, you can create a separate domain for each country, region, or company.

See Adding a domain.

Figure: Overview of Symantec Endpoint Protection Manager domains

Overview of Symantec Endpoint Protection Manager domains

When you add a domain, the domain is empty. You must set the domain to be the current domain. You then add groups, clients, computers, and policies to this domain.

You can copy policies and clients from one domain to another. To copy policies between domains, you export the policy from the originating domain and you import the policy into the destination domain. To copy clients between domains, you use the SylinkDrop tool. This tool replaces the communication file on a client to allow the client to talk to a different management server.

See Recovering client communication settings by using the SylinkDrop tool.

You can disable a domain if you no longer need it. Ensure that it is not set as the current domain when you attempt to disable it.

See Setting the current domain.

Legacy ID


Article URL http://www.symantec.com/docs/HOWTO55042

Terms of use for this information are found in Legal Notices