Clients going into unmanaged mode

All Replies

• Tuesday, November 03, 2009 2:06 AMNick Gu - MSFTMSFT, Moderator

   
  

  0

  Sign In to Vote

  Hi,

   

  Thank you for your post.

   

  As far as I know, MOM uses discovery rules to determine what the “desired” state of an agent is. When machines are deployed via the install/uninstall wizard or approved manually via Pending Actions a corresponding discovery rules is created for the machine with a desired state of Agent-managed. And FCS has a auto-approval feature where is hourly queries for manual installations and approves them. For some reason, the discovery cycle MOM thinks that you have deleted the discovery rule and no longer wish the computer to be agent managed. If the MOM servers action account is an admin on the client machine it will try to uninstall the agent on your behalf. If it is not, it will place the computer in Pending Actions with an action for uninstall.

   

  Regards,

  ---

  Nick Gu - MSFT
  • Reply
  • Quote

   
• Tuesday, November 03, 2009 3:36 PMKurt FaldeMSFT, Moderator

   
  

  0

  Sign In to Vote
  The main 2 reasons for computers going into pending  uninstall are
  
  1. Discovery rule was deleted for that system somehow.
  2. Computer account no longer exists in AD (ie you do pruning of accounts in AD and this one was removed recently possibly)

  ---

  CSS Security Support Engineer (FCS/MBSA/WUA/Incident Response) Check out my blog http://blogs.technet.com/kfalde

  • Marked As Answer byNick Gu - MSFTMSFT, ModeratorTuesday, November 10, 2009 6:30 AM
  •  
  • Reply
  • Quote

   
• Friday, November 06, 2009 9:46 PMMGMNVA

   
  

  0

  Sign In to Vote
  Kurt,
  
   That answer helps a great deal. Is there an automated cleanup process to deal with these deleted accounts? I am looking at hundreds both comming and going.
  • Reply
  • Quote