Endpoint Protection

 View Only

  • 1.  Need to move pc from AD group to SEPM group

    Posted Jul 23, 2014 07:36 PM

    Hi

    This is my scenario.

    In SEPM (v12.1)

    I have Group A, which is at top of the tree, and below it is groups of AD synched groups.

    Then there is Group B, which is also on top of a tree, and below it are SEPM groups.

    Not sure who has setup Group B, but there are some clients there.

     

    I need to move a client from AD synched group, to a sub group under Group B.

    How will i be able to achieve this?

     

    One way i am thinking is to export the sylink from the group under GROUP B, then drop it to the client.

    Would this move the client?

     

    Thanks,

    DM



  • 2.  RE: Need to move pc from AD group to SEPM group

    Posted Jul 23, 2014 07:38 PM
    You need to move it in AD. Otherwise you can move it with the move clients.vbs utility


  • 3.  RE: Need to move pc from AD group to SEPM group

    Posted Jul 23, 2014 08:40 PM

    If you have integrated AD, then you will see your AD structure, a blue print.

    You need to move the client in the AD, you cannot move within SEPM or by sylink.

    If you dont want AD sync, you can delete the top level OU, all the clients end up in the default group, create new groups and move them.



  • 4.  RE: Need to move pc from AD group to SEPM group

    Posted Jul 23, 2014 08:55 PM

    Hi Rafeeq

     

    Only parts of the AD is synched.

    The thing is, someone else before my time here has already created a SEPM group. And within it, there are some clients.

     

    These same clients are actually in an OU in the AD, which should be synchronising with SEPM. However, they are not. Instead these clients are in SEPM's own Group. (Which is GROUP B from my scenario).

     

    So i was wondering how this was done? And how come these clients are not getting synched backed to GROUP A, when the AD synch happens.

     

    Thanks,


    DM



  • 5.  RE: Need to move pc from AD group to SEPM group

    Posted Jul 23, 2014 09:14 PM

    They might have synched AD, may be after the initial one its not synching any more. the onces which are from AD, do you see the green dot on them?

    click on admin  =servers- right click on the server below site name and check the directory servers tab are these set? If you could post a screen shot it would be nice..



  • 6.  RE: Need to move pc from AD group to SEPM group

    Posted Jul 23, 2014 09:24 PM

    You can delete the group (all clients move to default group) and re-create it in the SEPM, see if it syncs up again.



  • 7.  RE: Need to move pc from AD group to SEPM group
    Best Answer

    Posted Jul 24, 2014 05:03 AM

    The clients are in group B because someone copied (not moved!) them from the AD synched group. Try to delete the client in the SEP group. It should reappear in the AD group.

    And how come these clients are not getting synched backed to GROUP A, when the AD synch happens.

    Synching in SEPM context means that the AD group is synching itself with the Windows AD. That does not mean that clients which have been copied in a SEP group (B, in your case) will come back.



  • 8.  RE: Need to move pc from AD group to SEPM group

    Posted Jul 24, 2014 07:11 PM

    Thanks Greg.

    That did the trick!!

    http://www.symantec.com/business/support/index?page=content&id=TECH142225

     

    DM