When computer account becomes unmanaged in policy manager?

JukkaV
JukkaV W/ Alumni Posts: 10 Security Scout

Hi,

 

Can somebody tell me exactly, when computer account found from active directory comes unmanaged in policy manager? For example is it unmanaged after disconnecting. I mean if disconnected hosts are removed after 14 days are those hosts unmanaged after that?

 

~ Jukka ~

 

Comments

  • MJ-perComp
    MJ-perComp W/ Alumni Posts: 669 Firewall Master

    Hi,


    from the computer's point of view it is still managed. The configuration will stay active and the system will update directly from the internet (unless you blocked that in the active poilicy).

    From the PMS's point of view the computer is unmanaged as you can no longer control any settings.

    The computer will re-register to the PMS when ever possible.

    BUT: removing a computer from PMS because it has left the company will not void the installed license. You are still responsible and have to count them as if they were managed. If you sell a computer you have to remove the software.

  • JukkaV
    JukkaV W/ Alumni Posts: 10 Security Scout

    Matthias,

     

    I mean from PMS's point of view. For example i can see Unmanaged (893) in our Policy manager. Those unmanaged contains:

    - disconnected computers (after 14 days for example)

    - computers accounts in AD no F-Secure installed at all

    - computer accounts in AD F-Secure installed but not connected PMS at all

     

    Is this correct?

     

    ~ Jukka ~

  • MJ-perComp
    MJ-perComp W/ Alumni Posts: 669 Firewall Master
    "disconnected" hosts are those that are "managed" but did not send a status since 14 days
    "unmanaged" are those that are found in AD but never connected to PMS.
    The last is a state that PMS can not distinguish from "unmanaged", i.e. the hosts never connected to PMS.

    So while the "disconnected" ones might show up again after vacation, training or illness of the user, the unmanaged ones will never show up without your intervention. An FSDIAG from one of the third kind should be sent to support to get an idea what is wrong and why they do not communicate with PMS.
    M.
This discussion has been closed.