SCCM 2012 AD User Discovery - Exclude Domains RRS feed

  • Question

  • I have a 2012 SCCM environment in our network.

    We run the following discovery methods.

    AD Forest, AD Group, AD System, AD User, Heartbeat Discovery.

    When looking at Users within SCCM it is picking up Users from trust domains or other domains within the forest.

    For example I am based in the UK, I manage our SCCM 2012 environment and AD for UK.CompanyName.com, which is a child domain of CompanyName.com.

    When I check adisrdis.log it is discovering Users from other domains, but the discovery settings are only set to  LDAP OU=Domain Users,DC=uk,DC=CompanyName,DC=com.

    I think it is discovering these users from other domains because they are in AD groups from our Domain, and the box is ticked to "Discover objects within Active Directory Groups" (Screenshot attached)

    Is there a way of excluding other domains?

    Thanks Matthew

    Thursday, May 14, 2015 2:08 PM


  • If it's indeed discovering the users, of the other domain, because of the group membership, than there's not much that you can do besides not discovering objects within the groups.

    My Blog: http://www.petervanderwoude.nl/
    Follow me on twitter: pvanderwoude

    • Proposed as answer by Joyce L Tuesday, May 26, 2015 7:52 AM
    • Marked as answer by Joyce L Wednesday, May 27, 2015 9:58 AM
    Thursday, May 14, 2015 5:57 PM