locked
Managing clients in a seperate SCCM heirarchy RRS feed

  • Question

  • I have a bit of a difficult scenario to support, I don't agree with the method but I have been asked to achieve it :)

    The environment contains 2 untrusted forests, with a number of domains in each. The scenario is DOMAIN-A has SCCM deployed, and the untrusted DOMAIN-B has SCCM deployed. The requirement is to manage around 10 clients in DOMAIN-A from the DOMAIN-B SCCM environment with the kicker being both SCCM environments use the same site code and the boundary in question overlaps.

    I am attempting a manual client install onto the hosts in DOMAIN-A using the below command, DNS resolution works between both domains.

    ccmsetup.exe /mp:SCCM.DOMAIN-B SMSSITECODE:P01 DNSSUFFIX=DOMAIN-B SMSMP=SCCM.DOMAIN-B FSP=SCCM.DOMAIN-B SMSSLP=SCCM.DOMAIN-B

    The problem is the hosts in DOMAIN-A, post manual install, always update to use the management point in DOMAIN-A, due to the site details being published in AD.

    Can anyone provide and ideas on how this scenario can be achieved?

    Tuesday, October 6, 2015 3:19 AM

Answers

  • The problem is the hosts in DOMAIN-A, post manual install, always update to use the management point in DOMAIN-A, due to the site details being published in AD.

    Can anyone provide and ideas on how this scenario can be achieved?

    its not about the site code published in AD but its more about boundaries and boundary group and how you have configured the site assignement. Check those configurations in your domain B for domain A boundaries and make sure no overlapping in domain A and domain B sites.

    have a look at technet for reference https://technet.microsoft.com/en-us/library/gg712701.aspx?f=255&MSPPError=-2147217396#Plan_Com_X-Forest


    Eswar Koneti | Configmgr Blog: www.eskonr.com | Linkedin: Eswar Koneti | Twitter: eskonr

    Tuesday, October 6, 2015 5:12 AM
  • You'll need to review your locationservices.log and clientlocation.log to discover exactly what is (or is not) happening.

    DNSSUFFIX is useless unless you have actually published MP info to DNS (which most folks never do). SMSSLP is also useless in 2012 thus you should remove both of these.

    Officially, what you've described above is unsupported. Without seeing the logs though, it is very difficult to know what is going wrong here there.


    Jason | http://blog.configmgrftw.com | @jasonsandys

    Tuesday, October 6, 2015 1:22 PM

All replies

  • The problem is the hosts in DOMAIN-A, post manual install, always update to use the management point in DOMAIN-A, due to the site details being published in AD.

    Can anyone provide and ideas on how this scenario can be achieved?

    its not about the site code published in AD but its more about boundaries and boundary group and how you have configured the site assignement. Check those configurations in your domain B for domain A boundaries and make sure no overlapping in domain A and domain B sites.

    have a look at technet for reference https://technet.microsoft.com/en-us/library/gg712701.aspx?f=255&MSPPError=-2147217396#Plan_Com_X-Forest


    Eswar Koneti | Configmgr Blog: www.eskonr.com | Linkedin: Eswar Koneti | Twitter: eskonr

    Tuesday, October 6, 2015 5:12 AM
  • You'll need to review your locationservices.log and clientlocation.log to discover exactly what is (or is not) happening.

    DNSSUFFIX is useless unless you have actually published MP info to DNS (which most folks never do). SMSSLP is also useless in 2012 thus you should remove both of these.

    Officially, what you've described above is unsupported. Without seeing the logs though, it is very difficult to know what is going wrong here there.


    Jason | http://blog.configmgrftw.com | @jasonsandys

    Tuesday, October 6, 2015 1:22 PM