We are running an LDMS 9.5 core server on our Windows domain. I am attempting to redefine the roles for our various teams to meet our current departmental roles and responsibilities, and I have questions regarding the authentication sources that appear in the user management tool.
Essentially, I see two authentication sources, the LDMS core server and our domain controller, and both sources have users and groups defined. However, the lists of users and groups defined on the two sources do not exactly match. I understand that the System account, "LANDesk Administrators" group, "LANDesk Management Suite" group, and "LANDEsk Script Writers" group would only be defined under the core server authentication source as these are groups and accounts defined only on the core server. But I do not understand why I see domain accounts and groups defined under both the core server authentication source and the domain controller authentication source. and the two lists of defined domain accounts and groups do not match between the authentication sources. As well, only the domain controller authentication source assigns roles to the defined domain accounts and groups.
So, here are my questions:
1. Should the core server authentication source only include the System account, "LANDesk Administrators" group, "LANDesk Management Suite" group, and "LANDesk Script Writers" group? Or should any of these entries be defined? Should the core server authentication source even exist if the server is on a domain?
2. Should domain groups only be defined under the domain controller authentication source? Should the domain groups be removed from the core server authentication source completely?
Thank you for your assistance.