Active directory computer object created by FMC/FTD AD integration

carllapointemedia · ‎02-26-2025

Hello everyone,

We noticed there are computer objects corresponding to our cisco firewalls in the default computers OU of our AD. I'm guessing this was created with the realm configuration we did in the FMC.

My question is, can we move those object to a non-default OU without impact on the firewall system ?

Because normally we don't keep objects in that default "Computers" OU, we move them to their specific OU related to their location and function.

Thanks

Marius Gunnerud · ‎02-26-2025

I have never had to move an object created by FMC when setting up a realm, but I believe that it should not break the setup so long as the object you move can still be found within the base DN and group DN you specify furing the AD realm setup.

--
Please remember to select a correct answer and rate helpful posts

carllapointemedia · ‎02-27-2025

Hey thanks for replying, I guess that most people don't move those object at all, at least I find no information about those on the internet. Our system admin are asking if they can be moved and I was not sure what to answer.

I guess we can try to move them and if something happens then we move them back.

But there is basically no documentation on those object so I'm still afraid something will break.

carllapointemedia · ‎03-07-2025

If anyone find this thread looking for answer. We did the move without any issue, we created a new OU and moved all the FTD and FMC computers object to this OU from the "Computers" container.

The AD synchronization is still working fine.

Marius Gunnerud · ‎03-09-2025

Just be sure that the OU you move the objects to are under the parent OU defined when setting up AD sync in the FMC.

--
Please remember to select a correct answer and rate helpful posts