SEC Still hasn't managed several computers on the network

Question

The situation I have is that SEC has successfully installed and managed 91 of the 268 machines in our AD. Unfortunately it's not well organized, so out of those 268 some connect to the network occasionally, some everyday, and some have been retired for years.

At this point I know that there are computer frequently on the network not being managed, just giving a 0x0000002e error. SEC is set to sync every 60 min, so it seems these machines should be getting pushed to.

I've read all the documentation and every relevant kb. My GPO has every firewall exception and automatically starts every service that Sophos recomends. It's very odd how it's working perfectly for some computers and not others.

Thanks in advance for any help.

This thread was automatically locked due to age.

QC · Accepted Answer

Hello DJfound,

I understand that you are using AD sync with automatic protection, correct?

SEC is set to sync every 60 min ... these machines should be getting pushed to

AD sync with automatic protection is not very well suited for initial setup - while it will mirror the AD structure and import the computers protection will fail for any endpoint not online at the time of initial sync. Contrary to (your) expectations protection will not be re-attempted in case of an error.

One way to re-trigger protection would be to move the computers out of the sync'ed container, wait until they are moved from the sync'ed group to Unassigned, delete them from Unassigned and move them back to the original container when they are online (otherwise protection will once more fail). It's probably better to consider some alternate method like Deploying Endpoint Security and Control through Active Directory group policy.

Christian