selected domain is read only and cannot be used as a target

Regular Member

selected domain is read only and cannot be used as a target

Hi All,

 

I'm getting the below error when importing clients to the policy manager.user has full access rights.any idea?Smiley Indifferent

 

"selected domain is read only and cannot be used as a target"

 

 

Thanks

 

 

 

 

1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted
Former F-Secure Employee

Re: selected domain is read only and cannot be used as a target

Once you create an AD synchronization rule and bind it to a domain, this domain (and everything below it in the domain tree) becomes read-only: the underlying structure is taken from the AD and can't be modified manually. If you want to add some hosts manually, you need to create a policy domain outside this AD-managed domain, and add hosts there.

 

Please note that if you bind an AD synchronization rule to the 'Root' domain, then the entire tree becomes read-only. In situations like yours, if you want to keep the ability to add hosts manually, you should bind the rules to the dedicated sub-domains in the domain tree, not the 'Root'. 

 

 

 

8 REPLIES 8
Former F-Secure Employee

Re: selected domain is read only and cannot be used as a target

Is this target domain bound to any ActiveDirectory synchronization rule? 

Regular Member

Re: selected domain is read only and cannot be used as a target

hi Dandelion,

 

Yes.there is a ActiveDirectory synchronization rule.

 

Thanks

Former F-Secure Employee

Re: selected domain is read only and cannot be used as a target

Hi,

 

by design, the domains bound to AD synchronization rules can't be updated manually. You should use another domain for the hosts you'd like to add. 

Regular Member

Re: selected domain is read only and cannot be used as a target

HI,

 

You meant sub domain?how to create a another domain and add clients?Please elaborate

 

Thanks

Highlighted
Former F-Secure Employee

Re: selected domain is read only and cannot be used as a target

Once you create an AD synchronization rule and bind it to a domain, this domain (and everything below it in the domain tree) becomes read-only: the underlying structure is taken from the AD and can't be modified manually. If you want to add some hosts manually, you need to create a policy domain outside this AD-managed domain, and add hosts there.

 

Please note that if you bind an AD synchronization rule to the 'Root' domain, then the entire tree becomes read-only. In situations like yours, if you want to keep the ability to add hosts manually, you should bind the rules to the dedicated sub-domains in the domain tree, not the 'Root'. 

 

 

 

Regular Member

Re: selected domain is read only and cannot be used as a target

HI,

 

Thanks.issue is resolved now.just a another question.i just updated policy manger 12 to 12.20 and clients to 12.20 but client security shows cross mark saying that network connections malfunction.Please reply

 

Thanks

Former F-Secure Employee

Re: selected domain is read only and cannot be used as a target

Hello, 

 

it's hard to say without specific data from your environment what's wrong. Please contact the F-Secure support on that issue. 

F-Secure
F-Secure

Re: selected domain is read only and cannot be used as a target

Hello asanka,

 

Network connections malfunction most likely is shown because F-Secure Anti-Virus Firewall Daemon service failed to start for some reason.

To find the reason, additional information from affected machine(s) is required.

 

Best regards,

Vad