Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 6 replies
  • Subscribers 2 subscribers
  • Views 12897 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SEC 5.5.0 - AD Synchronization Interval Overrides Computer Description

B.Banner_Hulk

In the Sophos Enterprise Console, we are using AD Synchronization.  I have noticed that the Computer Description keeps changing.  This is what's going on:

1. SEC sync's with AD and pulls the description from AD.
2. Then later on the Sophos Agent service will send the description set on the endpoint and SEC will set that as the new computer description.
3. AD Synchronization interval triggers and sets the description back to what is set in AD
4. Again later on the Sophos Agent service will send the description set on the endpoint and SEC will set that as the new computer description.

This cycle goes on and on in a continuous loop.  I would prefer the SEC to not pull the description from AD at all and allow what's set on the endpoint to take place permanently.  Is there a setting I'm missing to make this happen?  I'm assuming disabling AD Synchronization would do that but I need the computer names to still sync with the correct groups.

Thanks.



This thread was automatically locked due to age.
Parents
  • 0

    Hello B.Banner_Hulk,

    indeed - I've never noticed (no wonder as I don't use it in production). I assume you (or rather someone else) need the description in AD but as far as SEC is concerned you want the actual description set on the endpoint? AD sync can't be "customized", only if the AD Description is empty the endpoint's value wouldn't be overridden.

    Christian

  • 0 in reply to QC

    I'll blank one of the endpoints and post the results.  I suspect that it will still do the same, except now blank the description on each sync interval.

Reply Children
No Data
Unfiltered HTML