Endpoint Protection

We have issue that the total number of client in AD is not equal or close enough on clients in SEPM.

We already upgrade our SEPM from 12-14 per support to solve this but still total clients is not correct.

Any suggestion how to solve this?

Are you importing everything from AD or only specific groups? This could be a reason.

Otherwise, sounds like you have a support case opened so may as well keep working with them.

everything from AD.

Support suggest to upgrade but after the successful upgrade still we have problem

They should be made aware that upgrading was not the solution.

What case number did they advise you to do this?  How far off is the count?

are you counting users or only computers?

Are you importing the clients from a OU ? Right click that specific group and try "Sync Now".

@John Owens - I sent you message on Case#... more or less 1k clients are missing..
 

@Rafeeq - we only count computers not users

@D_Mortal - already did that we also have 12hrs sync job 

What I noticed is:

the missings computers are offline when i check in SEPM but when i remote those random machines they have SEP installed and connected to SEPM.

Were these cloned machines? If so, could be the duplicate HWID issue.

http://www.symantec.com/docs/TECH163349

Offline clients will be added to the count, Did you create a report for only online computers and thats where the miss match was?

i created the report with filter only date.... online and offline are included. 

@Brian - i believe they are but not all.. because they reimage 

Do you have Duplicate Hardware IDs?

https://support.symantec.com/en_US/article.TECH163349.html

If you are running SEP 14 RU1 MP1 you can add the settings to the conf.properties on each of your SEPMs.

Wait a few days and the counts should get closer.

From the same document you can run the tool SEPM Repair tool on each of your SEPMs to identify the clients with this duplicate Hardware ID issue.

Thanks,
John