locked
Exclude computers from discovery RRS feed

 > 

  • Question

  • Question
    Sign in to vote
    0
    Sign in to vote
    I have a AD site, only one OU, my all computers are is same OU, but I don't want to discover all this computer, how can I exclude this computers from discovery?
    Thursday, September 17, 2009 12:07 PM

Answers

  • Question
    Sign in to vote
    0
    Sign in to vote
    You can also deny the site server permissions to read objects from the OU that has the computers in it.

    And reply to torsten... THis is quite common.
    John Marcum | http://www.TrueSec.com/en/Training.htm | http://myitforum.com/cs2/blogs/jmarcum
    Thursday, September 17, 2009 5:42 PM

All replies

  • Question
    Sign in to vote
    0
    Sign in to vote
    Why do you want to do that? Does not make sense to me.
    Thursday, September 17, 2009 12:41 PM
  • Question
    Sign in to vote
    0
    Sign in to vote
    Hi, JRSCE!

       If you do not want to discover some of computers, move them to different OU, and configure discovering to OU that are you need. If you want to prevent push installations on some computers, read following article http://myitforum.com/cs2/blogs/yli628/archive/2007/12/11/sccm-2007-how-to-prevent-the-client-software-from-being-installed-on-specific-computers.aspx
    MCSE: M+S, SMS/SCCM, CCNA
    Thursday, September 17, 2009 2:41 PM
  • Question
    Sign in to vote
    0
    Sign in to vote
    You can also deny the site server permissions to read objects from the OU that has the computers in it.

    And reply to torsten... THis is quite common.
    John Marcum | http://www.TrueSec.com/en/Training.htm | http://myitforum.com/cs2/blogs/jmarcum
    Thursday, September 17, 2009 5:42 PM
  • Question
    Sign in to vote
    0
    Sign in to vote
    Thanks guys I will try this :)
    Torsten, each busines have your own requirement, making sense or no :)

    Regards,
    Thursday, September 17, 2009 10:26 PM
  • Question
    Sign in to vote
    0
    Sign in to vote
    Best thing to do if you can create another OU is to Move all excluded Machines to other OU and Use LDAP path of Required OU to discover machines..

    If you don't have any other reasons to System discovery/ or limited access to AD.. you can use other ways of Client installation (CIS,WSUS loginscript for group of computers, IF it is small environment CCrs etc) and disable Discovery :)
    Friday, September 18, 2009 6:56 PM
  • Question
    Sign in to vote
    0
    Sign in to vote
    Using the LDAP path to each and every OU become problematic in larger environments that may have hundreds of OU's. I still say stick them all in an OU and deny the site server read access to the OU.
    John Marcum | http://www.TrueSec.com/en/Training.htm | http://myitforum.com/cs2/blogs/jmarcum
    Friday, September 18, 2009 7:03 PM