locked
Cross Forest - SCCM 2012SP1 RRS feed

  • Question

  • Hi All - I've re-posted this as I put it in the wrong thread initially under 2007.

    I've configured a cross forest SCCM scenario, with all the SCCM config in one Forest and a single Windows XP SP3 desktop in the other. There is a trust between both Forests/2-way external but I haven't added Forests/Domain to SCCM to enable searching etc. I deployed the agent manually in the external Forest using a mapped drive and ccmsetup /mp:........ this all works fine.

    After installation, after the client is approved, when I click on the client in the SCCM console and try to initiate any of the "right-click" features, I just get a stack of access denied errors back "0x80070005". I've tried rebuilding WMI, re-installing the client to no avail. Im thinking that its related to the cross forest config but I see no provision for setting up external credentials for the other forest - am I right in thinking that the only account that needs to be configured is the "Network Access Account" that the agent uses to make network connections (the rest being run under the guise of the "Local System" account) if so - this is already done too.

    I'm not seeing any access denied entries on the XP desktop and I've been through the DCOM config and local policy to make adjustments/slacken off the permissions...still no dice.

    Am I chasing my tail with this? can I manage a client from the console that actually sits outside of the Forest where the SCCM installation is actually installed?

    The installation is pretty much inline with scenario 1 from the following blog: http://blogs.technet.com/b/neilp/archive/2012/08/20/cross-forest-support-in-system-center-2012-configuration-manager-part-1.aspx

    -a

    Thursday, September 18, 2014 2:01 PM

Answers

All replies