Your only option is to NOT discovery those AD groups which have computer that you don't want to discover.
Security Group Discovery Question
Hi,
MEMCM beginner here. :)
I read Discovery methods - Configuration Manager | Microsoft Learn and it left me with a question regarding our own enviroment.
We have a lot of devices in MEMCM that doesn't have the Config Mgr Agent installed.
It seems most of these devices only gets discovered by Group Discovery. At least when i check the device properties from the console the Agent Name field is only populated with "SMS_AD_SECURITY_GROUP_DISCOVERY_AGENT".
Does this indicate a misconfiguration in our enviroment ? I can see the same computers in the adsysdis.log generating "Host not found resolving FQDN".
If a device doesn't get discovered by System Discovery, i dont want Group Discovery to discover it, as this, i understand, only gives me a limited resource record that i cant use for pushing the client.
We are using:
-System Discovery > Only Discover Computers that have logged on to a domain in a given period of time: 90 days
-Group Discovery > Only Discover Computers that have logged on to a domain in a given period of time: 90 days
-Heartbeat Discovery