tcmclijs 1 Posted April 16, 2015 Posted April 16, 2015 Hi, We have configured a Dynamic group based on an expressing where the application ESET Endpoint Antivirus = false. But the new clients that have an agent installed always show up in the Lost & Found container. I dont want them there beacause there are no correct policys on that container. The strange thing is that in the container view, wich is recplicated from Active Directory, the client is shown in its AD OU and in the Lost & Found container. In the lost & found container the client is displayed in Red and configurerd with an agent. The client in the origina AD OU is standard, like there in nog agent installed. So why does the Remote Administrator show them twice, one correct and one not correct besides the fact that it is displayed in the lost & Found container. thanks Tim
sleatcoc 1 Posted April 16, 2015 Posted April 16, 2015 (edited) I also have this issue. Initially when I first sync'd AD - I had two copies, one in its respective folders and one in Lost and Found. Shouldn't there be some kind of unique ID that prevents it from creating duplicates at different location and shouldn't it take the path of the AD location as default, not in lost and found? I presume the lost and found was originally intended for rogue workstations. -----update------ I think i figured out why mine's going into lost and found. So when there's 600+ alerts, and I couldn't figure out how to clear the alerts (the client endpoints didn't show any in the logs or scans), so I marked everything and started deleting them. There's a prompt that asks you to confirm stating policies, triggers, etc.. will be lost for these clients if you delete it... I didn't read and just accepeted it. Needless to say, a good bulk of it that weren't in the correct folders in AD and were in the lost and found of ERA. Edited April 16, 2015 by sleatcoc
tcmclijs 1 Posted April 17, 2015 Author Posted April 17, 2015 Hi, My policys are still in place. The weird thing is that the client names are different. In Active Directory OU they are displayed like pcname.domain.com and in the lost and found they are displayed only by pcname without domain name. Why do they not match or link to each other.
sleatcoc 1 Posted April 19, 2015 Posted April 19, 2015 (edited) Double check your AD Synchronization Server Task, should have: * Computer Creation Collision Handling : Move * Computer Extinction Handling : Skip Then this will run each time server is turned on or when you activate it. It will reconcile the names with the correct group that it belongs to in accordance with AD. Edited April 19, 2015 by sleatcoc
totoro042 0 Posted April 24, 2015 Posted April 24, 2015 I have the same issue. Sync task populates groups with clients like client01.contoso.com. After I install agent there, new item client01 (without domain name) is created next to client01.contoso.com, which is still marked as "unmanaged".Switching "Computer Creation Collision Handling" doesn't seem to affect anything. I still have a managed client01 computer and an unmanaged client01.contoso.com in my console.What I need:1. Remove duplicated items. At very least, stop them from reappearing after sync2. Make console show FQDN for managed computers instead of machine name only
wtrueman 0 Posted April 30, 2015 Posted April 30, 2015 I have exactly the same issue, but its not every client, which is frustrating. We have 2 domains we manage, I have only set one up for now, but it's set to put the domain computers in a separate container under All (e.g. All --> Domain 1), some computers are in the correct AD container whereas others appear in Lost & Found, there appears to be no pattern or logic to why some are in the correct place while some are not. Has anyone managed to figure this out yet? I have tried the suggestions on this thread but have had no luck.
totoro042 0 Posted May 13, 2015 Posted May 13, 2015 Two weeks have passed since the last post and still no feedback from Eset. Loooks promising
ESET Staff michalp 20 Posted May 13, 2015 ESET Staff Posted May 13, 2015 ERA 6.2 will have new server task that will batch rename computers by their reported FQDN or Netbios name. By default this will be defined for Lost and Found group and executed each hour. Other new feature in synchronisation task will remove duplicated unmanaged computers (marked with circle) and replace them with managed computers (agent connects to ERA) if there are any present in ERA tree. Collision handling for computers would need to be set to Move. These new features should solve problems described here in this thread. What will still need to be done manually is removal of duplicated computers that are managed - both were connecting to ERA Server and their names are same.
grimstoner 0 Posted June 11, 2015 Posted June 11, 2015 Any news on a release date? Might this be related to incorrectly configured Reverse Lookup Zones in DNS?
JeremyT 0 Posted July 14, 2015 Posted July 14, 2015 You may need to check your DNS server on this one. I had a problem where many computers were going into the Lost & Found group upon Agent Install, but I found out our DNS server was not updating pointers for some reason.
theskyisthelimit99 0 Posted October 8, 2015 Posted October 8, 2015 I also have the same issue with new machines going to lost and found.. was there ever a fix for this? (and duplicate machine names due to more than one nic)...
davidpitt 4 Posted November 10, 2015 Posted November 10, 2015 Is there not a rule/task we could create to automatically move machines to certain folders based on an expression?
Recommended Posts