Unauthorised Client deployment.. RRS feed

  • Question

  • Hello all, 

    This is one of the O.Sh. moments...not for me but..

    So, I am running the - eventual - global ConfigMgr 2012 project at my company and all is progressing smoothly. Until now. Unfortunately, a bright spark in another (sub-)domain decided they couldn't wait and built their own 2012 server. Apparently, it was in 'test' but really it was connected to the live AD infrastructure. Not knowing what they were doing they enabled client push, Forest Discovery (plus create Boundaries and BGs), System Discovery - you can see where this is going...and boom. Client deployment to their Domain. Cue mayhem from the businesses. They then proceeded to delete any clients from CM and other traces such as Boundaries and disable ALL discovery methods. What a moment. 

    So far, my plan is to obviously keep Client Push off and then..

    • Re-instate Heartbeat on the naughty CM server first to see what chats back.
    • Next on the list is to add Boundaries in the form of IP ranges for each location - I want to do this methodically
    • Add them to a BG  leaving Assigned site empty and add the Site System in and thus get more coming back.
    • Then create Collections based on ranges and then hopefully use something like Now Micro's right click tools to do an uninstall. 

    I want to help this Unfortunate person out (and to keep their job) so I would be grateful for any suggestions or other thoughts.


    (Oh, and it's not me... :)

    ....Luckily MY CM is in the Root domain...)

    Monday, March 9, 2015 3:52 PM


All replies