I’m evaluating Avast for my firm, I’m pretty happy with how it works but still questions would like to know before I finish the evaluation report and pass to the board.
We would like to have the antivirus deployed on our Asia region as a test point. But here comes the problem…
All of our offices are using same domain (i.e. abc.com), and the AD breaks down to small OUs for individual offices (i.e. London, Singapore, China). IF we do a discovery using only the domain (abc.com) there are couple thousands of computers appears on the Computer Catalog. Of cause if I got every single machine counted to buy the license would be fine. We probably will consider to replace McAfee if your software works better but in fact we cannot do it phase by phase and only able to dig out all those machines at once, even though I do the first time manually but it will still be painful if we decided to have multiple ADM servers in different region.
In LDAP Query, it is possible to pick data in different containers like ou=servers,ou=hongkong,cn=abc,cn=.com which give us the ability to pick up all CN entries under container abc.com\hongkong\servers.
would your software capable to do it? cause I have worked for days and not yet figure it out.
Unfortunately, I’m afraid the discovery task can only be limited by domains (not by OUs). I.e. there’s no way to confine the AD search even to your Hongkong office.
A solution I see is have the list exported to a text file (by means of the AD console) and then import the machines to ADNM.
However, this involves some manual labour and cannot be automated (if you’d like to run the discovery task repeatedly).
Tried that one, but maybe I got something wrong. When I import the file extracted from AD, which column should I put the domain name? Cause if I do not put in the domain name, it will have two machine with same name but different domain.
By the way, I had successfully pick up the content in the OU, is there any ways to put the text file into avast! without human intevention? I think it should be easy to build such a tool as in the ADMN already got a import command, I just wonder if you could have somekind of patch or little dos utils e.g. import.exe things to make our life easier.
This is what I did to pick the OU data from the AD, hope this will inspires you if that is possible to include discover base on container cause I believe this would be a key feature for massive organizations.
c:>dsquery computer ou=clients,ou=hongkong,ou=sites,dc=intranet,dc=abc,dc=com -scope base
You know, IT admins don’t wanna screwup with all sites around the world in single shot. I believe most of the big companies designed their AD under one single domain and have sites breakdown to OU and would like the abilities to narrow down the criteria of deployment group for automation testing.