locked
Installing clients on machines in another domain - not the same forest RRS feed

  • Question

  • Hi, in my workplace, a new domain has been setup (not by me) for test purposes. This domain is not part of the same forest as my SCCM 2012 environment. There is a firewall between the two domains (ports opened as needed), and the test domain has no direct internet connection.

    I read plenty about how to install SCCM clients on workgroup machines, doing manual installation etc. But I was wondering if people had any guidance on how best approaching getting SCCM clients onto machines in the test domain, and getting them to communicate with SCCM?

    Firewall port changes are not an issue as on I plan to completely open the firewall between on the clients and SCCM to observe the traffic and ports in use.

    Monday, October 14, 2013 4:16 PM

Answers

All replies

  • I would start by manually installing a client in the remote domain for testing purposes. See if the client will be able to communicate with the MP etc. You might also consider to place an additional MP and DP in the new forest and enable publishing to the new domain. After having figured out the basics you can deploy the client using a GPO or login script then.

    Torsten Meringer | http://www.mssccmfaq.de

    • Marked as answer by Joyce L Monday, October 21, 2013 9:16 AM
    Monday, October 14, 2013 4:53 PM
    • Marked as answer by Joyce L Monday, October 21, 2013 9:16 AM
    Monday, October 14, 2013 4:59 PM
  • I'd configure DNS to use conditional forwarders in both domains so that the clients can find the MP with the FQDN. It's vital for the client-server communications.

    I've got a similar environment setted up, only DNS queries work both sides and therefore also the client works as expected.

    Client push also works, if you just configure the clientpush account matching the other domain in case. Also check your discovery methods.

    More info:

    http://blog.coretech.dk/kea/multi-forest-support-in-configmgr-2012-part-i-managing-clients-in-an-untrusted-forest/

    Monday, October 14, 2013 7:40 PM