Jump to content

Clients without FQDN always show up in Lost & Found


Marvin
 Share

Recommended Posts

For some reason we have clients with FQDN (workstation.mydomain.com) and some without FQDN (computer name or workstation.local) listed in Remote Administrator. Now the funny thing is, that the clients with full qualified domain name are shown in the AD OU as they suppose to, but clients without FQDN are always showing up in the Lost & Found container.

So, if you move the clients without FQDN into the correct AD OU they will remain there for a couple of days before they automatically are moved back to Lost & Found again.

What can I or do I have to do, so that all Clients are shown with their FQDN and furthermore are not moved into the Lost & Found where they don't belong?

Link to comment
Share on other sites

@Marvin - Assuming it may be related to the auto computer renaming task that runs under server tasks.

which does the correction every now and then. Or perhaps your AD synchronization task find those computer objects as a duplicate to the names it has in the AD OU and moves them to lost and found. 
You should use the rename computers task to correct all computers to a single convention, and remove duplicates keeping only the objects with Agents\AV installed and copying them over to the right place in the AD OU (while those who exist with the duplicate name should be deleted)
also, deny ERA from keeping computers with duplicate names, thus eliminating the possibility of having duplicate computers where one is related to the AD while the other related to the lost and found.

Link to comment
Share on other sites

At last someone came up with helpful information - thanks a lot @avielc

I will definitely try your suggested solution and will give you a feedback. Last but not least I have to mention, that I haven't got any duplicates. I only have one (with FQDN) or the other (without FQDN), but never the same client.

Link to comment
Share on other sites

Sure mate

I don't have either(currently), but I used to have my computer list duplicated (when I first moved to ERA 6) and occasionally when I change computer names or have this little glitches I get the same name (or one with FQDN and another without) one in the AD OU and another in Lost & Found

Link to comment
Share on other sites

  • ESET Staff

I guess you are using AD synchronization task configured so that it removes computers that are no longer available in AD. Matching of computers is based on name, where name must match exactly. For example if you have in AD computer name "computer.mydomain.com" but computer with name "computer" is found in synchronized group, it is considered as different device and thus removed. It will also create new non-managed computer named computer.mydomain.com.

Regarding name of computer, there are two possibilities -> computer was either named by reverse-DNS lookup of its IP address, or FQDN reported by AGENT itself was used. Please check this specific client's details view, section "Device identifiers" whether it reports correct FQDN. If so, you may use computers renaming task to rename computer. If reported FQDN is not correct, please check configuration of this client as it is highly probable that operating system reports wrong hostname.

Link to comment
Share on other sites

  • ESET Staff
2 hours ago, Bogdan Husdup said:

Is there any possibility to move/stick permanently to a static group the computers from Lost & Found ?

Thanks

Could you be more specific? You want to skip computer removal or move during AD/LDAP synchronization task in case computer is no longer present or was moved in AD hierarchy? Or you would like to prevent ERA users to move computer?

Link to comment
Share on other sites

Is there any possibility to move such non domain computers to domain structure (static group) automatically? Currently we move computers manually.

Link to comment
Share on other sites

  • ESET Staff
1 hour ago, Miami said:

Is there any possibility to move such non domain computers to domain structure (static group) automatically? Currently we move computers manually.

Not sure how would it work - you would like to define some "rules" that will automatically move computers? There is currently no way how to automatize change of device location in static groups hierarchy except using AD/LDAP/VMWare synchronization tasks or import/export of static groups hierarchy.

Recommended solution since ERA 6.4 is to install AGENT with configured "Static group" and upon first connection, computer should be created in specified static group instead of default Lost&Found.

 

Link to comment
Share on other sites

On 3/23/2017 at 6:19 PM, MartinK said:

Could you be more specific? You want to skip computer removal or move during AD/LDAP synchronization task in case computer is no longer present or was moved in AD hierarchy? Or you would like to prevent ERA users to move computer?

I'm referring on computer which are in Lost & Found. I move them in the static groups but after sync with AD they are moved back in Lost & Found. As another user said, is there any possibility to avoid this issue? (that after resync with AD the computers which was moved in some static groups to remain there?)

Thanks

Link to comment
Share on other sites

  • ESET Staff
19 minutes ago, Bogdan Husdup said:

I'm referring on computer which are in Lost & Found. I move them in the static groups but after sync with AD they are moved back in Lost & Found. As another user said, is there any possibility to avoid this issue? (that after resync with AD the computers which was moved in some static groups to remain there?)

Thanks

Could you provide your AD synchronization task configuration parameters? Especially your settings of Computer creation collision handling, Computer extinction handling  and Group extinction handling.

These parameter may be cause of your issue as they configure how task will handle computers that are no longer in AD (documentation) which is your case.

 

Link to comment
Share on other sites

1 hour ago, Bogdan Husdup said:

I'm referring on computer which are in Lost & Found. I move them in the static groups but after sync with AD they are moved back in Lost & Found. As another user said, is there any possibility to avoid this issue? (that after resync with AD the computers which was moved in some static groups to remain there?)

Thanks

For us its working with this configuration:

Task type: static group synchronization

Settings:

Objects to synchronize: Computers and Groups

Computer creation collision handling: MOVE

Computer extinction handling: SKIP

Group extinction handling: SKIP

Ignore disabled computers (only in AD): NO

Link to comment
Share on other sites

  • 4 weeks later...
Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...