AD Sync - Remove Computers No Longer in AD
We have a ton of old computers listed that have been retired & removed from AD, but are still listed in sophos. It would be nice if AD sync had an option to automatically clear these up.
If it's not in AD and it's not reporting as online (For 2 weeks) -> Purge.
We will have a new release of the ADSync tool before the end of June that will allow syncing of devices and device groups, protected computers will not be removed from Central but unmanaged/unprotected devices will if regular syncing is setup.
We're planning to make device deletion reversible (i.e. mistakes can be undone) in future. Until that point we do not want to automatically delete devices, as mistakes require a reinstall of the machine(s).
Admins can manually delete machines, and we have a backlog item (note: currently not planned) to offer some canned filters of the devices list view to allow easy selection of devices on/offline for different periods of time. For example: filter for machines offline >30 days, then select all and delete.