1
Go to Systems | System Tree | Group, then select the desired group in the System
Tree. This should be the group to which you want to map an Active Directory container.
NOTE:
You cannot synchronize the My Organization or Lost&Found groups of the
System Tree.
Figure 13: Synchronization Settings page
2
Next to Synchronization type click Edit. The Synchronization Settings page for the
selected group appears.
3
Next to Synchronization type select Active Directory. The Active Directory
synchronization options appear.
4
Select the type of Active Directory synchronization you want to occur between this group
and the desired Active Directory container (and its subcontainers):
• Systems and container structure — Select this option if you want this group to truly
reflect the Active Directory structure. When synchronized, the System Tree structure
under this group is modified to reflect that of the Active Directory container it's mapped
to. When containers are added or removed in Active Directory, they are added or
removed in the System Tree. When systems are added, moved, or removed from Active
Directory, they are added, moved, or removed from the System Tree.
• Systems only — Select this option if you only want the systems from the Active
Directory container (and non-excluded subcontainers) to populate this group, and this
group only. No subgroups are created like when mirroring Active Directory.
5
Select whether a duplicate entry for the system will be created for a system that already
exists in another group of the System Tree.
TIP:
McAfee does not recommend selecting this option, especially if you are only using the
Active Directory synchronization as a starting point for security management and use other
System Tree management functionalities (for example, tag sorting) for further organizational
granularity below the mapping point.
6
In Active Directory domain, type the fully-qualified domain name of your Active Directory
domain.
7
In Active Directory credentials, type the Active Directory user credentials that ePolicy
Orchestrator uses to retrieve the Active Directory information.
8
Next to Container, click Browse and select a source container in the Select Active
Directory Container dialog box, then click OK.
9
To exclude specific subcontainers, click Add next to Exclusions and select a subcontainer
to exclude, then click OK.
Organizing Systems for Management
Creating and populating groups
McAfee ePolicy Orchestrator 4.0.2 Product Guide
58