McAfee EPOLICY ORCHESTRATOR 4.5 Product Manual page 126

Organizing the System Tree
Creating and populating groups
2 Next to Synchronization type, click Edit. The Synchronization Settings page for the
selected group appears.
Figure 6: Synchronization Settings page
3 Next to Synchronization type, select NT Domain. The domain synchronization settings
appear.
4 Next to Systems that exist elsewhere in the System Tree, select what to do with
systems that would be added during synchronization already exist in another group of the
System Tree.
NOTE: McAfee does not recommend selecting Add systems to the synchronized group
and leave them in their current System Tree location, especially if you are only using
the NT domain synchronization as a starting point for security management and use other
System Tree management functionalities (for example, tag sorting) for further organizational
granularity below the mapping point.
5 Next to Domain, click Browse and select the NT domain to map to this group, then click
OK. Alternatively, you can type the name of the domain directly in the text box.
NOTE: When typing the domain name, do not use the fully-qualified domain name.
6 Select whether to deploy agents automatically to new systems. If you do so, be sure to
configure the deployment settings.
TIP: McAfee recommends that you do not deploy the agent during the initial import if the
domain is large. Deploying the 3.62 MB agent package to many systems at once may cause
network traffic issues. Instead, import the domain, then deploy the agent to smaller groups
of systems at a time, rather than all at once. However, once you've finished deploying
agents, consider revisiting this page and selecting this option after the initial agent
deployment, so that the agent is installed automatically on any new systems that are added
to the group (or its subgroups) by domain synchronization.
7 Select whether to delete systems from the System Tree when they are deleted from the
NT domain. You can optionally choose to remove agents from deleted systems.
8 To synchronize the group with the domain immediately, click Synchronize Now, then
wait while the systems in the domain are added to the group.
NOTE: Clicking Synchronize Now saves changes to the synchronization settings before
synchronizing the group. If you have an NT domain synchronization notification rule enabled,
an event is generated for each system added or removed. (These events appear in the
Audit Log, and are queryable). If you selected to deploy agents to added systems, the
deployment is initiated to each added system. When the synchronization completes, the
126 McAfee ePolicy Orchestrator 4.5 Product Guide