AD Group discovery discovering group members
AD Group discovery automatically discovers all computers and users that are members of the group (and nested groups). Sometimes it is not desired, as we choose what computers/users we want to discover via AD System/User Discovery. AD Group discovery should update group membership information for existing resources in the site. Or, ideally, provide an option to choose if we want to also discover group members, or not.
Please FIX - in 1906 we cannot leverage Group Discovery effectively because it pulls in 20,000+ AD records not managed by the site.
Additionally, "ignore machines that haven't checked in within 14 days" (for example) still pulls in all the unwanted records, despite not being turned on within that window, because of group membership.
3 votes given here
Cannot agree more with this, we have a process to manually import machines so that they are automatically named correctly and added to the correct AD groups. We don't have system discovery enabled and yet computer objects are created through group discovery - leading to duplicate objects and confusion for our support staff who need to image and manage the machines. Very annoying that we can't disable this as it's just system discovery by the back door!
This functionnality was ok with realase before. We are in a degraded mode......
Why is this still not changed? Its annoying having a lot of objects being imported into SCCM that we do not want there, just because they are in a group being discovered by SCCM.
Group discovery should discover groups, not add devices to SCCM just because they happen to be in that group.
Paul Zillman commented
I have run out of votes to cast. +1