AD Collection

Question

Hi all,

Seeking assistance on troubleshooting hosts that aren't appearing in a collection based on an Active Directory group.

I have a collection derived from an AD group with 10 clients, but 3 are not showing up. These 3 clients are active in SCCM.

I've performed a full discovery with AD Group Discovery and updated the collection membership, yet the issue persists.

What additional steps can I take and what troubleshooting measures can help identify why some hosts are missing?

Thank you.

Answer 1

The membership of ad groups also comes from heart beat discovery. As such make sure that the device see it is a member of the group and heartbeat discovery has run and collection membership has updated.

Answer 2

Hello,

It's great that you've taken some initial steps to troubleshoot this issue. If some hosts are not appearing in a collection based on an Active Directory group in SCCM, here are additional steps and troubleshooting measures you can take:

1. Check Group Membership: First, double-check the membership of the AD group to ensure that these three clients are indeed members. Sometimes there might be issues with group membership synchronization.
2. Client Status: Verify that the SCCM client is installed and running correctly on the missing clients. You mentioned they are active, but confirm they are communicating with SCCM without any issues. Look at client logs for errors.
3. Boundary Configuration: Ensure that the boundaries and boundary groups in SCCM are correctly configured. Clients should be associated with the correct boundary group that matches the site.
4. Collection Update: After performing a full discovery and updating the collection membership, make sure that the collection has been successfully updated. You can check the "Membership Evaluation" tab in the collection properties to see when it was last updated.
5. Log Files: Examine SCCM log files on the missing clients. Logs like "ccmexec.log" and "LocationServices.log" may contain information about why they are not appearing in the collection.
6. WMI and Inventory: Check the health of Windows Management Instrumentation (WMI) on the missing clients. Issues with WMI can disrupt SCCM functionality. Ensure that hardware inventory and software inventory are being collected from these clients.
7. Firewall and Network Issues: Verify that there are no firewall or network issues preventing the clients from communicating with the SCCM server.
8. Client Actions: You can force a machine policy retrieval and evaluation cycle on the missing clients from the SCCM console. This might prompt them to update their membership in collections.
9. Manual Collection Update: Manually update the collection membership by right-clicking on the collection and selecting "Update Membership." This can help ensure the collection is up-to-date.
10. SQL Queries: You can run SQL queries against the SCCM database to see if the missing clients are indeed members of the AD group-based collection.