Endpoint Protection

Hi,

I wanted to enable Directory Authentication for Admin accounts in Symantec Endpoint Protection Manager.  For this I've added Directory Servers in Servers tab.  Under Directory Servers, there is a checkbox called "Synchronise with Directory Servers".  What data records will it sync if I leave this check box enabled?  How does this setting affect my current SEP sites/servers?

Thanks!

"Synchronise with Directory Servers".  What data records will it sync if I leave this check box enabled? 

If it is enabled, it sync's every 24 hours (default), else it will not synch with directory servers. Consider if you add a user A in directory server and sync is not enabled, if you want to authenticate the user A for SEPM it will not be considered as SEPm does not have information of the User A.

The User, computer and the OU's are extracted when queried.

How does this setting affect my current SEP sites/servers?

It does not affect , only thing is SEPM will try querying the AD.

Hi,

Check the article- How to setup a SEPM administrator account to use your Active Directory authentication

http://www.symantec.com/business/support/index?page=content&id=TECH104726

I hope it will help you.

Thank you Pete and Chetan.

>> The User, computer and the OU's are extracted when queried.

Why should it query the computer and OU information.  Aren't user details sufficient?

Thanks!

For authentication only user group is queried, while exporting OU's the OU, Computer and Users are queried.