Problem:

I have added a computer to a Active Directory group. I then update the collection membership for the Collection based off this AD group but I don’t see the new computer appear.

Resolution:

In this case the problem was down to AD replication. If I checked the group membership in AD Users and Computers the group membership was as I expected.

Then looking in the “adsysgrp.log” I noticed that AD System Group Discovery was actually looking at a different Domain Controller (look for lines that start “INFO: Bound to ‘LDAP…’” as what comes next is the fully qualified domain name of the Domain Controller discovery is querying).

Once the AD Replication issue had been resolved the Collection membership appeared as expected.