Hi,
We are running a SEPM (14.1) with SQL database in our environment and presently want to add a replication partner for failover functionality. The Primary SEPM is AD sync as of now and we want to break it as its causing lots of administrative troubles for us. Is there a way to add a secondary SEPM server (replication partner) and NOT have the AD tree structure imported to it?
I know that if I break the AD sync in the primary SEPM, all the clients will start reporting to the "default" group and then they need to be manually moved to their designated groups. But we want to avoid this trouble as we have almost 200 different groups to which these clients are reporting.
What if we build a seperate SEPM (the secondary SEPM without AD sync) and export all the policies (virus &spyware\exceptions\Intrusion Prevention etc) from primary SEPM (which is AD sync) and import it into this secondary SEPM. Create different groups as per our liking and then apply these policies on these groups and then slowly start moving the clients from the primary SEPM into secondary one by replacing the Sylink on clients?
Any suggestions? I might be wrong but just wanted to check alternatives available. Thanks!