We had an issue with Mac clients initially (at startup) ending up in a location that should only be valid for Windows systems; the only criteria for this location was a registry check.
Macs don't have a registry so one would expect the check to fail and the location considered invalid, but that's not the case. According to Symantec, Mac clients just ignore criteria they can't process (like a registry check), treating the location like it has no criteria at all. Since the Mac ignores the criteria, but not the location, the location is still considered valid for the selection process.
Our fix was to create a catch-all location with no criteria and place it at the top of the list; this was also later recommended by Symantec and alluded to here:
https://support.symantec.com/en_US/article.TECH97097.html
On a side note, the Macs eventually ended up in the correct location after some heartbeat/location check interval.
With the above in mind, I would like to suggest the following changes to the Location Awareness logic:
- Macs should completely ignore locations they can’t process the criteria for, not just the criteria. If a location is based on some Windows criteria then obviously there shouldn’t be any Macs going there.
- A true “Default” (catch-all) location is needed. This location should be hardcoded, enabled at the top of the list with no criteria. Systems not matching criteria for other locations should fall into this one “by default”.
- Change the wording of “Set this location as the default location in case of conflict” to something like “Set this location as the preferred location in case of conflict” since there would already be a “Default” location, see #2.
