Greetings,
After carefully reading through the product manual and trying to find an answer in the forums, I have yet to find a solution in using an Active Directory "security group" -only- as a method for UDD. There are options for "NT Domain" and "LDAP", however neither seem to support anything other than a Top Level Domain, or an Organizational Unit, respectively. Every option in the Scanner Configuration pane is deselected except for which option I'm attempting to configure. We absolutely cannot perform a “ping sweep” function, too many networks.
1) If I navigate the UDD Scanner Configuration pane and choose "Discover device using NT Domain" without an IP range selected, and I enter a FQDN to the OU where I have unmanaged computers, it fails. Error is as such "The following error occurred while trying to connect to the server: Unknown error (0x80005004). Add anyway? (Yes) (No)." However if I only enter a top level domain, it succeeds but will scan every computer object in that domain.
2) If I navigate the UDD Scanner Configuration pane and choose "Discover devices using LDAP" without an IP range selected, and I enter the LDAP Distinguished Name for the security group (Canonical Name) as such “LDAP://corp.domain.com/CN=UniversalSecurityGroup,OU=Landesk,OU=Division,DC=Corp,DC=Domain,DC=com”, I can see right away in the Scanner Configuration pane that anything in the “Select individual OUs” list that starts with “CN=” is greyed out, and only “OU=” is highlighted. Scanning yields no results.
The idea is to have administrators in other domains easily add a Universal Group/Global Group to these machines, and UDD will find them based on membership. Ideas?
