Endpoint Services, MECM, Avoid orphaned objects when importing a repurposed endpoint

Overview

When an imported computer doesn't show up in MECM, it is very likely an orphaned object. To prevent this for future imports, please follow this guide to avoid orphaned computer objects when importing either a repurposed/surplus endpoint or an endpoint that has been offline for more than 90 days. If the object is already orphaned (i.e. computer import is failing), you will need to contact EPS.

Systems

Microsoft Endpoint Configuration Manager (MECM)

Intended Audience

University of Illinois IT Pros leveraging MECM, hosted by Technology Services' Endpoint Services team

Assume the worst before importing a repurposed/surplus endpoint (or an endpoint that was offline for more than 90 days)

  1. If the endpoint currently has Windows installed, do not boot into the OS. Wipe the endpoint with DBAN or a similar tool. If that is not possible, the endpoint must stay offline until this process is complete.

  2. Delete the endpoint's old AD and MECM objects
    1. Search for the MAC address or GUID at \Assets and Compliance\Overview\Devices in the MECM console

  3. Wait 15 minutes and import the computer information into MECM
    1. For units using a USB-to-Ethernet adapter for imaging multiple endpoints, import the endpoint's GUID information instead.  Click here for more information on how to identify an endpoint's GUID.
      1. EPS also recommends submitting a ticket to add the USB-to-Ethernet adapter as a duplicate hardware identifier, which prevents the adapter from being associated with MECM computer objects.  Repeatedly importing computer information with the adapter's MAC address can cause failed imports.

  4. Once the computer object is visible in MECM, PXE boot the endpoint directly into WinPE or boot from boot media when the PC turns on - do not boot into the OS or launch boot media within the OS. If the boot options are missed, physically power off the PC before Windows loads.

What is an orphaned computer object?  What causes an orphaned computer object to be created?

Unit IT pros can only see computer objects that meet one of two rules:

  • Exists in your unit's Active Directory OU subtree (assuming your unit's AD system discovery method includes the relevant OU) OR
  • Computer object meets all of these criteria
    • Imported via the console while connected to sccmcas.ad.uillinois.edu
    • Doesn’t have an MECM client installed
    • Matches the unit's computer name prefix query

Repurposed endpoints that are turned on again (with its previous name and MECM client installed) fail to meet either rule. After being powered on, the MECM client re-registers with MECM infrastructure.  This creates an orphaned object that has no AD information, associates with the primary site instead of the CAS, and will not appear in the unit's all systems collection.


Contact the EPS team