locked
System Center 2012 Design RRS feed

  • Question

  • Hi,

    suppose to have:

    Company1 that manage IT for other 2 company (Company2/3). Every company has separate untrusted domains.

    I have to install SCCM on Company1 and the customer told me that want install SCCM on the other company (and if possible in a centralized way).

    Is it possible to install SCCM 2012 on Company1 and centrally manage (in the future) other SCCM Infrastructure for Company2 and Company3?. (not with a standalone site, OK).

    Make sense to install CAS in Company1 and primary site for Company1,Company2 and Company3?

    What are the benefits compared to Separate standalone site (more simply to manage)?

    Thanks in advance.

    Tuesday, January 15, 2013 6:34 PM

All replies

  • CAS has a couple of advantages:

    1. It provides reporting services.
    2. It provides a buffer to facilitate and manage the communication between primary sites. 

    Moreover, it is like a foreman which gathers and reports information and makes sure that everyone is working together.

    Tuesday, January 15, 2013 7:06 PM
  • Thanks for your reply!

    Do you think it make sense to install a Cas e some Primary to manage different organization?

    Is acceptable to advise the client to use different standalone site?

    Tuesday, January 15, 2013 8:46 PM
  • It would be helpful to your organisation rather if you are managing reporting for the two different companies, however, if they want reporting to be restricted then you can have a standalone site for security reasons.
    Tuesday, January 15, 2013 8:51 PM
  • A CAS is only recommended if you will be managing more than 100k clients.
    @Max: how many clients are in each forest?

    Torsten Meringer | http://www.mssccmfaq.de

    Wednesday, January 16, 2013 7:57 AM
  • 1. All sites provide reporting services but in a multi-site design the CAS will have the birds-eye view of the hierarchy global data sure.

    2. Buffer, don't you mean replication delays and complication? Communications to multiple points equates to multiple failure points, and you should be aware of this. A CAS does not make things less complicated, it makes things more complicated in terms of design, support and licensing.

    Foreman, as in acting as a repository for the hierarchies global data? as an aside the CAS does not t process Client data, this is done down-stream and sent up as information not data, the CAS just collates it all together so multiple Primaries can be rolled up into one information data-set and reported on, I assume this is what you mean buddy.

    As for the OP question, yeah this is interesting, see, we've all got to stop looking at Primaries as an isolated island that someone can own, it isn't, and really they don't, they own a door into the hierarchy and RBA carves out what they can\cannot see. There are no more islands folks, the Primary is shared not isolated now, it see's global data in a multi-site design, and it has local data (look the terms up in the documentation library, find that in my signature below) but local data isn't going to be what you are thinking it is.

    To create isolation in a hierarchy you need to use RBA to carve out what people can and cannot see. You'd do this with a CAS or stand-alone primary design, no avoiding it, either way demands this takes place to do partitioning.

    OP ... key things you need to ask\answer are:

    1. Do we need a Primary at each site for assignment purposes (Company 2 assigns clients to Primary 2, Company 3 assigns clients to Primary 3) and control of client communications? Does Company 2 and company 3 clients coming across the wire to Company 1 server assets present a problem? Most of this depends on link availability and speed\cost etc. Consider line outages versus production impact, try to make your design as resilient as possible by default.

    2. Can we use a single stand-alone primary and RBA to hide Company 2 assets from Company 3 while client communications come direct back to Primary 1 and it's Site systems (MP, SUP etc)?

    3. In a single stand-alone design, clients will use Site boundaries for content look-up, but there are features of the product (MP for example) that cannot be controlled using boundaries, this needs to be considered in your design, how you will control client traffic?

    I have chores now, so I need to move on, ask away though, I am sure others here will chime in as design is such a wonderfully complicated and interesting subject now. In SMS2003 and CM07 design was so easy anyone could do it, just roll out a Central and Primaries and off you go, but things really have changed in CM12 and anyone calling out a CM07 design for CM12 just hasn't understood the new design principles and are trying to warp the new product back into its old form, bad, very bad.

    HTH


    Rob Marshall | UK | My Blog | WMUG | File CM12 Feedback | CM12 Docs | CM12 Release Notes

    Friday, January 25, 2013 11:50 AM