Use the Active Directory User Discovery method to discover the following:
- User name
- Unique user name (includes domain name)
- Active Directory domain
- Active Directory container name
- User groups (except empty groups)
Use this discovery method to discover accounts that are required to be categorised into Configuration Manager collections. For example, if there is a need to distribute software to collections of users, use this discovery method to determine which users are in the Active Directory domains. If the healthcare organisation has users that require a specific software package, those user accounts can be discovered, and a collection can be created containing those accounts. Software packages can then be advertised to that collection exclusively, so that only the appropriate users receive it.
Polling performed by Active Directory User Discovery can generate significant network traffic, although it generates less traffic per resource than Active Directory System Discovery. Plan to schedule the discovery to occur at times when this network traffic does not adversely affect network use. Also, because Configuration Manager polls Active Directory, the Configuration Manager resources that are obtained from Active Directory do not necessarily reflect the current Active Directory resources. Users might have been added, removed, or changed in Active Directory, since the most recent poll.
1. Open the Configuration Manager Console and navigate to the Discovery Methods node. In the right pane, right-click on the Active Directory User Discovery component and select Properties
2. Select Enable Active Directory User Discovery. Click the button to add a search location.
3. Select Local domain as the location and accept the other default settings. Click OK.
4. Select the container that contains the users that Configuration Manager will discover. Click OK
Note
It is good practice to be as specific as possible when specifying the container. It is possible to specify more than one location, and, by default, any sub-containers are also searched.
an ongoing schedule for the discovery process. Click OK.
Tip:
Additional attributes can be discovered from Active Directory using the Active Directory attribute tab.
Additional attributes can be discovered from Active Directory using the Active Directory attribute tab.
The progress of the discovery process can be monitored by looking at the log file
<Configuration Manager installation folder>\Logs\Adusrdis.log. Once the discovery records have been processed by Configuration Manager, they will be shown in the Configuration Manager Console within the ‘All Users’ collection, and any other collection that is appropriate for the type of resource. To view the discovery information that has been gathered for a computer, either double-click the computer from within the Configuration Manager Console, or right-click on the computer in the Console and select Properties.
Note
Collections will only update their contents according to the update schedule specified for the collection. Therefore, it may be necessary to right-click on the collection and select Update Collection Membership to populate the collection members.
No comments:
Post a Comment