Importing existing groups and computers from an Active Directory or an LDAP server

If your company uses either Active Directory or an LDAP server to manage groups, you can import the group structure into
Symantec Endpoint Protection Manager
. You can then manage the groups and computers from the management console.
Importing existing groups and computers lists the tasks you should perform to import the group structure before you can manage them.
Importing existing groups and computers
Step
Description
Step 1: Connect
Symantec Endpoint Protection Manager
to your company's directory server
You can connect
Symantec Endpoint Protection Manager
to either Active Directory or an LDAP-compatible server. When you add the server, you should enable synchronization.
Step 2: Import either entire organizational units or containers
You can import the existing group structure from Active Directory or LDAP into the
Symantec Endpoint Protection Manager
. You can also copy individual accounts from an imported group structure into an existing
Symantec Endpoint Protection Manager
group structure.
For
Symantec Endpoint Protection
12.1.x, if you want to use the group structure of
Symantec Endpoint Protection Manager
and not the directory server, import individual accounts.
Step 3: Either keep imported computer or user accounts in their own group or copy imported accounts to existing groups
After you import organizational units, you can do either of the following actions:
  • Keep the imported organizational units or accounts in their own groups. After you import organizational units or individual accounts, you assign policies to the organizational unit or group.
  • Copy the imported accounts to existing
    Symantec Endpoint Protection Manager
    groups. The copied accounts follow the policy of the
    Symantec Endpoint Protection Manager
    group and not the imported organizational unit.
Step 4: Change the authentication method for administrator accounts (optional)
For the administrator accounts that you added in
Symantec Endpoint Protection Manager
, change the authentication method to use directory server authentication instead of the default
Symantec Endpoint Protection Manager
authentication. You can use the administrator accounts to authenticate the accounts that you imported. When an administrator logs on to
Symantec Endpoint Protection Manager
, the management server retrieves the user name from the database and the password from the directory server.