Scope of Management (SoM) Policy

SoM Policy has been reorganised as Active Directory Sync and Inactive Computer Policy for improved control and clarity. Active Directory Sync  feature in Endpoint Central is designed to automate the discovery, addition, and removal of computers in your IT environment by synchronizing with Active Directory (AD). Inactive  Computer Policy helps in identifying and removing devices that have not reported to Central server in the specified days.

Advantages

• Automated Computer Management based on Active Directory: Automatically detect and add new computers when they are added to AD. You can choose to either install the Endpoint Central agent and receive notifications or just get notified about the addition of devices
  Detect and delete computers that have been removed from AD, ensuring your inventory remains up to date and free of obsolete entries. You can opt to delete the computer from Scope of Management (SoM) and receive notifications or just get notified.
• Automated Inactive Computer Removal: Automatically detects and removes computers based on the device last contact time with Central server.
• Centralized Sync Settings: Configure sync schedules for each domain, allowing you to control how frequently Endpoint Central synchronizes with AD. This ensures that changes in your directory are reflected promptly in your management console.
• Targeted Synchronization: Select specific targets (Domains, OUs, or Groups) for streamlined AD management.
• Notification Settings: Provides updates on SoM activities, improving monitoring.

Active Directory Sync

Detect and Add New Computers

Automatically manages new devices added to AD by integrating them into the SoM.

• Automated Agent Installation: Installs the agent on newly detected AD computers, bringing them under Central Server management.

  Note:
  i)If IP scope for remote offices is not configured, the local office agent will be installed by default, which can be manually modified later.
  ii) If you do not want to install agents on specific computers that have been newly added to Active Directory, you can exclude them from agent deployment using the SoM Policy.

• Email Notifications: After agent installation, Central Server sends an email notification to administrators.
• View and Manage Added Computers: Navigate to Agent > SoM Policy > View Sync Information > Show > Added Computers to monitor recent additions.

Detect and Delete the Removed Computers

• Detects and removes computers deleted from AD, helping keep SoM and AD environments synchronized.
• Navigate to Agent > SoM Policy > View Sync Information > Show > Deleted Computers to view the list of computers that are removed from Active Directory.

Kindly note that if you want to view the list of computers that are removed from Scope of Management, you can view them in Action Log Viewer for a specific period of time.

Sync Settings

The discovery of computers from Active Directory for a specific domain depends on the configured sync schedule for that domain. To change the sync settings for a specific domain, Navigate to Agent > Domain > Select the desired domain > Choose Modify Sync from the actions menu to modify the sync details

Targets to be synchronized

This feature helps you to sync specific Domain, OU or group during AD Sync.

Inactive Computer Policy

Detect and Delete Inactive Computers

• Automatically detects and remove the computers that have not reported to the central server in the specified number of days. To know more about inactive computer policy, click here.

Kindly note that once devices are removed from the Scope of Management (SoM), the agent will get automatically uninstalled in the next referesh cycle.

Notification Settings

Configures specific email alerts to receive updates on changes and activities within the SoM, keeping administrators informed.