Cannot select "Default Group" after moving DLP Agent out of Default Group
Last Updated July 01, 2019
In your DLP environment, you are unable to move an agent from a custom group back to the default agent group.
DLP 14.x 15.x
Symantec recommends against using the Default Agent group due to the high potential for DLP Admins to assign all policies to the default group causing new agents to monitor all policies and result in decreased DLP performance. It is intended to be used as the group to which newly installed/added agents are assigned until a DLP admin reassigns them to the proper group. Thus, when trying to change the agent group of a particular agent, the default group does not appear in the drop-down menu. This is the intended functionality. Policies can be applied to the default group and you can configure it in such a way that a newly installed/added agent will receive a base set of policies. However, Symantec recommends to create separate groups for agents and to use policy groups to deliver policies to these custom agent groups.
One workaround to force an agent to return to the default agent group after being reassigned to a custom group is to delete the custom group to which the agent is assigned. This will force the agent to be reassigned to either:
1.) another group to which the agent may be assigned to based on qualifying criteria within the group configuration (such as a group that contains all agents that report to a particular Endpoint Server)
2.) the default agent group if the agent doesn't meet the criteria to be reassigned to any other agent group.
In case number 2, the agent will be reassigned to the default group.
Here are 2 agents assigned to a group "Test Group" that I want to return to the Default Group
To do this, you have to delete the Test Group
After deleting the group, wait a few minutes and the agents will return to being assigned to the Default Group
Subscribing will provide email updates when this Article is updated. Login is required to Subscribe