Endpoint Encryption

Hello,

I have set up a SEE 11.1.2 SEEM server. I have deployeed the SEE client to a workstation.

Once installed, the SEE client checks in to the SEEM server every 5 minutes.

I have applied the SEE GPO based policy at the domain level.

When I run gpresult it shows that the workstation is downloading the GPO based policy.

However, the SEE client does not appear to be picking up the GPO based policy because the client is showing up in SEE Unassigned.

I can send commands to the SEE client from the SEEM server.

What could be preventing the SEE client from moving from SEE Unassigned.

Cheers

Cameron Mottus

This usyally means you haven't setup the AD sync on the Management Server, or it's not working.  Could you take a look?

Hi,

I just ran the SEEM Configuration Manager and confirmed that the service is synching every 15 minutes (default).

I ran a full synchronization. Still no change.

Active Directory Forests Synchronization Status Report

Embarasing as it sounds, I had excluded the domain from the forest...so obviously it would not detect any computers.

I removed the exclusion and the computer was detected.

Thanks for your help!

Oops!  Glad you got it sorted.

As I mentioned, the typical cause for domain-member SEE clients staying in "SEE Unassigned" is due to issues with the AD-sync.  The "SEE Unassigned" folder (as well as other customer folders and native policies) is used for workgroup machines.

That said, I personally prefer to use the Custom Folders and Native policies even in an AD enabled estate, as it means less GPO bloat and is more transparent.  To each his own!