Microsoft

Microsoft Endpoint Configuration Manager Feedback

Suggestion box powered by UserVoice - Update: Microsoft will be moving away from UserVoice sites on a product-by-product basis throughout the 2021 calendar year. We will leverage 1st party solutions for customer feedback. Learn more

How can we improve Configuration Manager?

← Ideas

Allow exclusion of OU's from Active Directory System Discovery

Have the ability to include/exclude certain OU's from both Active Directory User and System Discovery.

E.G. I might have an "All Users and Groups" OU at the root domain level, which may contain sub OU's containing service accounts or mailbox accounts etc. that I don't want being picked up by discovery. The ability to pick which sub OU's to discover/not discover would be really handy in this scenario. The same applies for system/computer discovery also.

40 votes
Vote

We're glad you're here

Please sign in to leave feedback
Signed in as (Sign out)
Close
Close
You have left! (?) (thinking…)
James Mealing shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

6 comments

We're glad you're here

Please sign in to leave feedback
Signed in as (Sign out)
Close
Close
Submitting...
An error occurred while saving the comment
  • Mike commented  ·   ·  Flag as inappropriate

    Agreed with this 100%. This should have been a feature long ago. Having to change permissions in Active Directory to avoid discovery is a hack at best. There should be an easy way to indicate "Exclude this OU" in the discovery method.

  • Sean Bravener commented  ·   ·  Flag as inappropriate

    +1 we have groups that have mac and linux boxes we do not want included in discovery. will try denying access to the primary site computer to see if that will work.

  • bill commented  ·   ·  Flag as inappropriate

    you can deny your site server machine account "read" access to the OU.

  • Ronny commented  ·   ·  Flag as inappropriate

    +1, same here. Have a Citrix environment and all the machines appear in SCCM because of the Group Discovery...

  • Jacob Jeffers commented  ·   ·  Flag as inappropriate

    I came here to submit this same request. We have OUs that contain things like machine objects for VDI systems - which there will often be a few thousand of. These systems aren't maintained by SCCM, and shouldn't be discovered, but there is no easy way to exclude them without listing all of our OUs individually for discovery.

Ideas: Client deployment and discovery

Categories

Feedback and Knowledge Base

(thinking…)