Video Screencast Help
Scheduled Maintenance: Symantec Connect is scheduled to be down Saturday, April 19 from 10am to 2pm Pacific Standard Time (GMT: 5pm to 9pm) for server migration and upgrades.
Please accept our apologies in advance for any inconvenience this might cause.

Duplicate Computer in AD Synched Groups

Created: 25 Sep 2012 | 11 comments

I have a computer that appears in two AD synched groups.  In AD the computer does appear in one of the OU's, but not the other.  On the SEPM, it appears in both Groups, but when querying the client it is actually getting group information and policy from the "ghost" entry on the SEPM.  I can't delete either object on the SEPM (as they are both synched from AD) and a manual sync and a restart of both server and client have not corrected the issue.  I even performed a clean wipe of the client and reinstalled it, and have not had any success.

Any suggestions?

Comments 11 CommentsJump to latest comment

_Brian's picture

You should be able to delete the groups in SEPM, re-create and import and sync again.

What version is this for?

Similar thread here:

https://www-secure.symantec.com/connect/forums/orp...

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

Wright1968's picture

I would have to delete the top level OU/Group in SEPM to do this.  Won't that make me lose all my customized location and policy settings for individual groups under that entire heirarchy?

This is on a SEP 11.0.6200.754 server.

_Brian's picture

Yes, if you have to do it this way than you would lose all groups. Probably not what you would want than.

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

Rafeeq's picture

Export all your policies, delete groups, import OU again.

Import policies.

here is the doc to do it

http://www.symantec.com/business/support/index?page=content&id=TECH106486

Mohan Babu's picture
  • Delete both the OU and import it again from the AD.

  • Let me know on both the groups the same client showing green dot or not.

  • Goto SEPM-->Admin-->Servers-->Localhost-->

  • You have a option Delete clients which is not connected for 30 days 

  • Make it has 1 day.

  • If this option is not available on your SEPM then

  • Goto SEPM-->Admin-->Domain-->Edit domain properties

  • You have a option Delete clients which is not connected for 30 days 

  • Make it has 1 day.

  • Within 24 hours the Duplicate clients will be deleted.

  • Issue will be resolved.

 

Hope this resolves the issue.

Mohan Babu

moglie20@gmail.com

+91 9884382160

Your satisfaction is very important to us.If you find above information helpful or it has resolved your issue...please mark it accordingly :)

John Santana's picture

ok, so how about if someone is away from the office for 1 month and then bring their laptop in ?

can their laptop be joined and managed by the SEPM server again ?

Kind regards,

John Santana
IT Professional

--------------------------------------------------

Please be nice to me as I'm newbie in this forum.

Ashish-Sharma's picture

HI,

  • When communication mode is set to Pull, the SEP client will check in again at the next heartbeat interval.
  • When communication mode is set to Push, the SEP client does not fully disconnect, which allows any policy changes made in SEPM to occur immediately on the SEP client.

http://www.symantec.com/connect/articles/symantec-endpoint-protection-heartbeat-process

Next heartbeat interval you sep client showing in sepm console.

Thanks In Advance

Ashish Sharma

 

 

John Santana's picture

thank you Ashish !

Kind regards,

John Santana
IT Professional

--------------------------------------------------

Please be nice to me as I'm newbie in this forum.

Ashish-Sharma's picture

Removing duplicate clients from the Symantec Endpoint Protection Manager using the CleanClients tool

http://www.symantec.com/business/support/index?page=content&id=TECH97371

 

Thanks In Advance

Ashish Sharma

 

 

Mithun Sanghavi's picture

Hello,

Either work on the steps provided in the Article below:

Duplicate client entries in the Symantec Endpoint Protection Manager console

http://www.symantec.com/docs/TECH138350

OR / AND

Use this link to delete the duplicate entry

http://127.0.0.1:9090/servlet/ConsoleServlet?Actio...

Reference: 

Removing duplicate clients from the Symantec Endpoint Protection Manager using the CleanClients tool

http://www.symantec.com/docs/TECH97371

Hope that helps!!

Mithun Sanghavi
Senior Consultant
MIM | MCSA | MCTS | STS | SSE | SSE+ | ITIL v3

Don't forget to mark your thread as 'SOLVED' with the answer that best helped you.

Mohan Babu's picture

Yes, if the Laptop is gone away more than 30days the settings will delete the entry fom the SEPM database.

However when the Laptop is back it will register wiith SEPM and it will be listed on SEPM database...

So our vision is to remove the dupliate entries. Without affecting the existing clients.

It will be done if you set the option to 1 day as i suggested previously. 

 

 

Let me know the status....... Hugs....

Mohan Babu

moglie20@gmail.com

+91 9884382160

Your satisfaction is very important to us.If you find above information helpful or it has resolved your issue...please mark it accordingly :)