AD Sync - archive computers not part of sync instead of deleting
I would like to have the option during an AD sync to keep a record of computers that are no longer in AD, but move them out of the normal inventory.
For example, if during a synch a machine no longer exists in AD, move that computers record to an archive folder where I can still find it in case I need to know what hardware or applications it had, but where it won't clutter my day to day inventory processes.
1
Comments
You can partially accomplish this by setting your Active Directory settings' "Delete Mode" to "Import Only (no delete)". I just tested this by deleting the AD computer accounts for 5 computers that no longer exist, then re-syncing my PDQ Inventory to AD. The computers are still listed in PDQ (which is what I wanted), but I don't see any indicator in the computer's info within PDQ to indicate that it no longer exists in AD. It still shows a populated "AD Parent Path" and "Domain" field, even though that is no longer accurate for this computer.
You could probably filter out these orphans by looking for computers whose last successful scan date is over x number of days old, but that's obviously imperfect. It would be nice if there were just a boolean value for each computer such as "Exists in AD" or something.
You could also work around this issue by simply disabling AD computer accounts instead of deleting them, and then have a separate collection in PDQ for computer accounts that are disabled, but that involves process changes outside of PDQ that may be outside of your control. I'm also not crazy about the idea of hundreds of orphaned computer accounts piling up in AD just to maintain historical data in PDQ.
Same issue I opened a ticket for today. I noticed the progress area of "Add Computers" says "syncing" continuously. The date is also 3 days old.
We want items that are not in AD to completely remove themselves from PDQ Inventory. This isn't working after the upgrade to 18.3.2.0.
Tim,
What is your Delete Mode set to?