Managing Active Directory Scanners

Endpoint Security can scan and import users, groups, Organizational units (OUs) and computers from multiple supported directory domains. After the objects are imported, you can assign policies.

Note:
  • Endpoint Security does not scan groups of the type Distribution in Microsoft Active Directory.

  • If a device belongs to both Microsoft Active Directory and Microsoft Entra ID domains, then the Microsoft Active Directory takes precedence.

  • To move a device from the Microsoft Active Directory domain to Microsoft Entra ID domain:

    1. Disconnect the device from Microsoft Active Directory domain.

    2. Register the device with Microsoft Entra ID.

  • Media Encryption, Remote Help, and automatic access do not work if you install the scanner after installing Media Encryption. To ensure proper operation, install the required scanner (Microsoft Entra ID or Active Directory) before you install Media Encryption.