Knowledge Center

An Active Directory Sync configured to move or delete a large number of systems temporarily prevents Agent communication
Technical Articles ID:   KB89357
Last Modified:  6/11/2019


McAfee ePolicy Orchestrator (ePO) 5.9.x, 5.3.x, 5.1.x


Agents are unable to communicate because of handlers reaching a "max connections" state during the execution of an Active Directory (AD) sync task that is configured to move or delete a large number of systems.

The Agent communication issue is temporary, and will subside upon completion of the AD Sync task. 


The AD sync task commits expensive SQL queries, especially during a sync task configured to delete or move systems already within the ePO System Tree.

As designed in the impacted ePO versions, this AD Sync task attempts to execute in one large transaction, which can result (in rare situations where a large number of systems are being moved or deleted) in blocking within the SQL database, preventing incoming Agent-to-Server communication from being processed during the transaction execution.


This issue is resolved in ePO 5.9.1, which is available from the Product Downloads site at: http://mcafee.com/us/downloads/downloads.aspx

NOTE: You need a valid Grant Number for access. KB56057 provides additional information about the Product Downloads site and alternate locations for some products.

Updates are cumulative; Technical Support recommends that you install the latest one.

The planned solution to be included in ePO 5.9.1 will allow for the transaction to periodically commit the sync in progress, to release locks and avoid blocking other SQL operations (including Agent-to-Server communication).

Rate this document

Beta Translate with

Select a desired language below to translate this page.


This article is available in the following languages:

English United States

Glossary of Technical Terms

 Highlight Glossary Terms

Please take a moment to browse our Glossary of Technical Terms.