SCCM 2012 Hierarchy design

Question
-
Hi
I am designing an SCCM 2012 environment at the moment.
We have 7 locations. 2 are data centers and have excellent links between them. Our main office is well connected to the DCs over a 100MB link.
All other offices have between 50 and 200 users. All of these offices have at least 10MB links to the main office and the 2 x DCs.
I was thinking of deploying CAS and Primary Site servers in 1 DC. Installing SQL 2008 R2 there also to support this. Then in secondary DC installing Secondary Site Server.
For all offices with users I am planning to implement distribution points.
My main concern is that we have an 8th location that is a partner company that has a separate forest with no trust. How can I configure that so that we can control what can be deployed but that the local staff can administer the deployments etc??
Also how will SQL work for me in this regard in the secondary location - I know SQL Express will be used, but will Express support a large SCCM database?
Thanks in advance!
- Moved by Joyce Wang [MSFT] Friday, August 10, 2012 4:40 PM (From: Configuration Manager 2012 - General)
Friday, August 10, 2012 1:47 PM
Answers
-
No need for a CAS at all. Just go for a standalone primary and sender-enabled DPs.
See http://technet.microsoft.com/en-us/library/gg712701.aspx#Plan_Com_X_Forest for managing clients in different forests.
Torsten Meringer | http://www.mssccmfaq.de
- Proposed as answer by Jason Sandys [MSFT] MVP Friday, August 10, 2012 2:18 PM
- Marked as answer by Robert Marshall - MVP Friday, November 2, 2012 1:46 PM
Friday, August 10, 2012 2:09 PM
All replies
-
You should be fine by implementing a single primary forest. I do not see any reasons for installing secondary sites. If you choose to, then SQL express will be installed automatically when you install the secondary site server.
You will be able to implement a DP in the non-trusted forest, but not a SUP. You either have to open the firewall and allow the clients to use the SUP in the DC or configure an Internet based SUP.
Kent Agerlund | My blogs: blog.coretech.dk/kea and SCUG.dk/ | Twitter: @Agerlund | Linkedin: Kent Agerlund
- Proposed as answer by Jason Sandys [MSFT] MVP Friday, August 10, 2012 2:18 PM
Friday, August 10, 2012 2:15 PM -
Many thanks to you both for your responses. So basically I should install a primary site in our main location and then DPs and SUPs in all other locations (apart from the remote untrusted forest)??
Also what do I need to consider for DR if the main site that holds the primary site server is lost?
If I do go with secondary sites, how large does the SCCM DB grow to, with 5-6K clients connected? I'm just thinking will SQL Express be able to support this?
Thanks!
Monday, August 20, 2012 8:00 AM -
> So basically I should install a primary site in our main location and then DPs and SUPs in all other locations (apart from the remote untrusted forest)??
Correct.
> Also what do I need to consider for DR if the main site that holds the primary site server is lost?
DR in ConfigMgr (like most other products) is backup and restore. Are you actually asking about HA and/or site resiliency?
> If I do go with secondary sites, how large does the SCCM DB grow to, with 5-6K clients connected? I'm just thinking will SQL Express be able to support this?
Secondary sites do not store client information so the DB doesn't grow very large at all.
Jason | http://blog.configmgrftw.com
Monday, August 20, 2012 6:04 PM -
Thanks for your response Jason!
I did a lot of reading on this yesterday and yes it looks like backup/restore is my only option. As far as HA goes though, what is the best method? I have attached a diagram of my planned design - do you see any issues with this? In the untrusted domain locations there will be no OS deployment via SCCM - they will also use their existing WSUS architecture for updates. All servers will be virtual and will run on highly available clustered virtual environments.
Thanks again all!
- Edited by Sjmry1 Tuesday, August 21, 2012 8:31 AM
Tuesday, August 21, 2012 7:44 AM -
A handful of comments
- No reason to separate SQL from the primary site server -- I would highly recommend that you don't as separating the two will definitely complicate any failovers you may have and will complicate your installation and maintenance in general.
- Never use a DC as a site system -- it'll cause you endless headaches and is a terrible security practice
- For the office with only 12 clients you can use BranchCache (if all of the clients are Win 7 Ent) instead of adding a DP
Jason | http://blog.configmgrftw.com
Tuesday, August 21, 2012 1:54 PM -
Hi Jason
DC in the above diagram stands for data center, not domain controller.
I want to separate SQL as I am building SCOM as well and want to house both SCCM and SCOM DBs on a shared SQL system.
The office with 12 PCs are all running XP unfortunately so I cannot use branch cache!
Thanks!
Wednesday, August 22, 2012 6:49 AM -
> I want to separate SQL as I am building SCOM as well and want to house both SCCM and SCOM DBs on a shared SQL system.
Jason | http://blog.configmgrftw.com
Wednesday, August 22, 2012 1:53 PM -
Super, thanks for your help Jason!
Wednesday, August 22, 2012 2:03 PM
-
Hi all, again!
I just need clarification on one thing:
Do I need secondary site servers for my deployment? What will they give me should the primary site server at the primary data center become unavailable?
Thanks
Monday, September 3, 2012 12:59 PM -
Secondaries are only needed if you are concerned about the upward traffic (clients to primary). Secondaries do not provide fault tolerance.
Torsten Meringer | http://www.mssccmfaq.de
Monday, September 3, 2012 1:25 PM -
Thanks Torsten! I don't think I need them in my case then!
Monday, September 3, 2012 1:36 PM
-
Did you update your SCCM diagram and care to share your final design? Send to: jeff.jung@allianzlife.com
Thanks!
Tuesday, August 27, 2013 1:48 PM -
Hi,
I like this post very much and it is almost similar to what I am working on at the moment.
Is it possible for you to share the SCCM Infra diagram with me? It will really help me.
Thanks
Wednesday, August 13, 2014 2:54 AM