I have a question about how LANDesk interacts with Active Directory. Our department uses LANDesk. We recently migrated to the campus domain and have been contemplating adding the LANDesk server into the Domain. We only manage our OU in the domain. When adding LANDesk to the domain will it try to gather or interact with the entire domain or is it possible to specify LANDesk to only interact with our OU in the domain. We are currently running LDMS 9.0 SP2.Any insight into this would be appreciated.
you should certainly wait for a more qualified response but I'll chime in with my experience.
LDMS 9.0 does not really seem to be domain-aware, rather it seems to become aware of devices that are operating on the network via its unmanaged device discovery. While it is possible to limit discovery to devices that are on a specific domain, it doesn't really seem to be of a concern to LDMS that a machine is or isn't part of a domain. Said another way, we have a physical network with several subnets and a mix of different device types. Some devices are a member of our domain and others are not. LDMS sees anything and everything on the network, even printers. It is possible to manage most devices that LDMS detects provided that an agent can be installed on them.
Active directory integration seems to an afterthought in my opinion for if there was truly an integration then we would see some features available to us which are noteably lacking. I'm thinking of being able to pull from or push to the AD database information relating to a machine such as its location and who is using/managing it. LDMS can't interact with this data in any way as far as I can tell. Furthermore, there isn't a provision for adding a maching to a domain and then to a specific OU. In provisioning the JOIN DOMAIN action simply lets you specify a domain name and which credentials to use when joining the domain...it doesn't ask for or prompt the operator with any information about OUs.
this is all a disappointment for me...maybe someone else has some enlightening info for us but as the product stands right out of the box it just barely plays with AD.
in trying to answer your question, I think you will want to limit the scope of your LDMS console to machines on your domain. You do this by applying a domain filter within Unmanaged Device Discovery...trying to filter down to an OU does not appear to be possible with what comes in the box.