McAfee EPOCDE-AA-BA Product Guide - Page 126
Active Directory and NT domain synchronization, Active Directory synchronization, Types of tags
View all McAfee EPOCDE-AA-BA manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 126 highlights
12 Organizing the System Tree Active Directory and NT domain synchronization Types of tags ePolicy Orchestrator uses two types of tags: • Tags without criteria. These tags can be applied only to selected systems in the System Tree (manually) and systems listed in the results of a query. • Criteria-based tags. These tags are applied to all non-excluded systems at each agent-server communication. Such tags use criteria based on any properties sent by the agent. They can also be applied to non-excluded systems on demand. Active Directory and NT domain synchronization ePolicy Orchestrator can integrate with Active Directory and NT domains as a source for systems, and even (in the case of Active Directory) as a source for the structure of the System Tree. Active Directory synchronization If your network runs Active Directory, you can use Active Directory synchronization to create, populate, and maintain part or all of the System Tree with Active Directory synchronization settings. Once defined, the System Tree is updated with any new systems (and subcontainers) in your Active Directory. Active Directory integration allows you to: • Synchronize with your Active Directory structure, by importing systems and the Active Directory subcontainers (as System Tree groups) and keeping them up-to-date with Active Directory. At each synchronization, both systems and the structure are updated in the System Tree to reflect the systems and structure of Active Directory. • Import systems as a flat list from the Active Directory container (and its subcontainers) into the synchronized group. • Control what to do with potential duplicate systems. • Use the system description, which is imported from Active Directory with the systems. In previous versions of ePolicy Orchestrator, there were the two tasks: Active Directory Import and Active Directory Discovery. Now, use this process to integrate the System Tree with your Active Directory systems structure: 1 Configure the synchronization settings on each group that is a mapping point in the System Tree. At the same location, you can configure whether to: • Deploy agents to discovered systems. • Delete systems from the System Tree when they are deleted from Active Directory. • Allow or disallow duplicate entries of systems that already exist elsewhere in the System Tree. 2 Use the Synchronize Now action to import Active Directory systems (and possibly structure) into the System Tree according to the synchronization settings. 3 Use an NT Domain/Active Directory Synchronization server task to regularly synchronize the systems (and possibly the Active Directory structure) with the System Tree according to the synchronization settings. 126 McAfee® ePolicy Orchestrator® 4.6.0 Software Product Guide