Remove From My Forums

Site Recommendation untrusted forest

Question
0

Sign in to vote

I'm in the middle of implementing SCCM2012 in our environment.

I have one Primary Site which is located at headquarter, 2 secondary site and 2 distributionpoint accross the world.

We have also a subsidiary in China. For security reason there is a Primary Site SCCM2007, this which will be uninstalled and it is planned to install a secondary site sccm2012 there.

The china clients should only talk to the site secondary site and secondary site only to the primary site at headquarter.

Is it possible to restrict the clients talking only to the secondary site in china? If not, is it possible to use another port instead of port 80 for client communication?

Will OS, SW and SUP Deployment still work?

Sunday, September 23, 2012 7:56 AM

Answers

0

Sign in to vote
1) all sites must have a forest trust otherwise they can't communicate. If a forest trust to China is not an option then you can't deploy any child sites there.
Kent Agerlund | My blogs: blog.coretech.dk/kea and SCUG.dk/ | Twitter: @Agerlund | Linkedin: Kent Agerlund | Mastering ConfigMgr 2012 The Fundamentals
- Marked as answer by Tony Fernandes Tuesday, September 25, 2012 3:53 PM
Sunday, September 23, 2012 8:30 AM

All replies

0

Sign in to vote
1) all sites must have a forest trust otherwise they can't communicate. If a forest trust to China is not an option then you can't deploy any child sites there.
Kent Agerlund | My blogs: blog.coretech.dk/kea and SCUG.dk/ | Twitter: @Agerlund | Linkedin: Kent Agerlund | Mastering ConfigMgr 2012 The Fundamentals
- Marked as answer by Tony Fernandes Tuesday, September 25, 2012 3:53 PM
Sunday, September 23, 2012 8:30 AM
0

Sign in to vote

Hi Kent

So which option would recommend?

Waiting for SP1 and install a CAS where then I have 2 Primary Site, the second one in China?

Sunday, September 23, 2012 8:40 AM
0

Sign in to vote

SP1 will not help you, a forest trust is still required if the site in China have to added to the same hierarchy. Either install China as a standalone site or manage the clients from one of the other sites (which most likely is a NO-GO).
Kent Agerlund | My blogs: blog.coretech.dk/kea and SCUG.dk/ | Twitter: @Agerlund | Linkedin: Kent Agerlund | Mastering ConfigMgr 2012 The Fundamentals

Sunday, September 23, 2012 8:42 AM
0

Sign in to vote

And what about the options which you described in your blog

http://blog.coretech.dk/kea/multi-forest-support-in-configmgr-2012-part-iithere-can-be-only-oneor/

Sunday, September 23, 2012 8:59 AM
0

Sign in to vote

Those are site system roles belonging to the primary site, they are not installed on a child site.
Kent Agerlund | My blogs: blog.coretech.dk/kea and SCUG.dk/ | Twitter: @Agerlund | Linkedin: Kent Agerlund | Mastering ConfigMgr 2012 The Fundamentals

Sunday, September 23, 2012 9:00 AM
0

Sign in to vote

I would to manage from only one adminconsole all the sites. Stand alone Primary is actually not a option for me.

What do you mean "manage the clients from one of the other sites" ?

Sunday, September 23, 2012 9:26 AM
0

Sign in to vote

Why is a standalone primary not an option? How many clients at each location are we talking about?
Torsten Meringer | http://www.mssccmfaq.de

Monday, September 24, 2012 5:52 PM

Products

Resources

Solutions

Updates

Trials

Related Sites

Training

Certifications

Other resources

Support options

More support

Not an IT pro?

Answered by:

Site Recommendation untrusted forest

Question

Answers

All replies