Mahesh
asked on
What is the purpose of symantec end point protection manager integration with active directory
Currently we have SEPM server 12.1.6 and Ad integration is not configured
Unable to understand why this is required and what it can do, is there any complications in doing so?
The available Symantec documentation is very poor and unable to understand it.
Any help is highly appreciated
Unable to understand why this is required and what it can do, is there any complications in doing so?
The available Symantec documentation is very poor and unable to understand it.
Any help is highly appreciated
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks all for replies so far.
The client wanted to know exact implications which can arise after Symantec integrate with AD
Now I understood that there would be AD sync which can remove or add computers to SEPM console.
Two questions which I am not able to understand:
1) If we decided to have setup AD Sync, do I need to setup it on AD root container and it should sync all computers in AD to SEPM
OR
I have to specify specific OU from where it can sync computers? I mean what happens if I don't want to import any organizational units from AD
2) I also read somewhere once I did AD integration I cannot move computers from SEPM console.. What is exact behavior after AD integration?
Thanks
The client wanted to know exact implications which can arise after Symantec integrate with AD
Now I understood that there would be AD sync which can remove or add computers to SEPM console.
Two questions which I am not able to understand:
1) If we decided to have setup AD Sync, do I need to setup it on AD root container and it should sync all computers in AD to SEPM
OR
I have to specify specific OU from where it can sync computers? I mean what happens if I don't want to import any organizational units from AD
2) I also read somewhere once I did AD integration I cannot move computers from SEPM console.. What is exact behavior after AD integration?
Thanks
ASKER
Any response / update on above queries please
One of the side effects of AD integration is that SEPM populates with all of your Users and Computers that are in AD and puts them into groups based on your OUs. You cannot move them into seperate groups in SEPM like you can do if not AD integrated. I see AD integration working in a larger organisation that has an extensive OU design and would want to manage groups in SEPM using that design. It saves on sorting and moving Computers into groups manually if you already have that in AD.
ASKER
Hi Don,
You have answered 1st question of my last comment, many thanks
If you could please shade some light on 2nd question
You have answered 1st question of my last comment, many thanks
If you could please shade some light on 2nd question
ASKER
what do you mean by push your install on OU or whole domain?
What this integration piece exactly do?
What will change after AD integration is done?