Active Directory Delta Discovery in Configuration Manager 2007 R3 enhances the discovery capabilities of the product by discovering only new or changed resources in Active Directory instead of performing a full discovery cycle. The interval by which Delta Discovery searches for new resources can be configured by the user to be a short interval, because only discovering new resources does not affect the performance of the site server as much as discovering a full cycle. Delta Discovery can detect the following new resource types:

  • Computer objects

  • User objects

  • Security group objects

  • System group objects

Delta Discovery does not replace other Configuration Manager 2007 discovery methods. Because it finds only new or modified resources in Active Directory, it must be used together with a discovery method that performs a full synchronization with Active Directory.

Delta Discovery has the following limitations:

  • Delta Discovery reads only Active Directory attribute changes that are replicated. Delta Discovery does not collect nonreplicated attributes that are changed, such as the memberof attribute, unless a replicated attribute is changed at the same time.

  • If you are using Active Directory Security Group discovery and have enabled Active Directory Delta Discovery changes to security groups will be discovered. However, the option Include Groups is ignored during delta discovery even if it is selected in the New Active Directory Container dialog box.

  • Delta Discovery does not support discovery across forests where the trust type is set to external. However, Delta Discovery does support forest trusts.

By default, Delta Discovery is not enabled in Configuration Manager 2007 R3. When it is enabled, by default, it will run every 5 minutes. For information about how to configure Delta Discovery, see How to Configure Active Directory Delta Discovery in Configuration Manager 2007 R3.

