SEC - Multiple domains, endpoints with the same name in different domains. Can this work?

I am managing Sophos using SEC over multiple domains. I have AD sync set up on a number of OUs in each domain. I've noticed that some of our devs are requesting endpoints with the same name to be put into different domains. So, I have this:

Server1 in company.com (in our AD structure)

Server1 in qa.com (in our AD structure)

I have AD Synchronization set up on a "Servers" OU in company.com and qa.com.

Results seem to vary. In SEC, Server1 from company.com shows up in the qa.com OU (in SEC) and Server1 from qa.com shows up in Unassigned. I've removed synchronization and added it again on both domains, and the problem persists.

Any ideas?

  • Hello BenRad,

    Support should be able to tell how it is supposed to work - I have no experience with such a setup.

    Anyway, a few questions to better assess what you observe:

    Did you, at any point, delete one or both servers from the console (I'm not suggesting you should do so)?

    The "Servers" OUs are under two different synchronization points?

    Both servers appear managed and "alive"?

    The endpoints show a different Domain/Workgroup in the Computer Details view, right? When you removed the synchronization, did you move both endpoints to their "correct" group, leave them where they were or ...? What happens if you remove synchronization, move both to Unassigned and then sync only one of the OUs (repeat syncing the other)? Is the result correct? If you then also sync the other OU ...?

    Wonder why an endpoint should end up in the wrong SEC group (unless all sync points are treated as one where no duplicate computers are allowed). 

    Christian
