slice16 Posted January 26, 2012 Report post Posted January 26, 2012 Hello All, I am hoping you can point me in the right direction with a complicated Site Assignment configuration. I am deploying SCCM 2007 R3 across 3 forests that have a two way transistive trust between each. As per MS best supported practice, I will have a primary site for each forest, reporting up to a central site for Administration/Reporting. As per: Central | ----------------------------------- | | | PS1 PS2 PS3 This is fairly straght forward if each forest has dedicated subnets. (e.g. Forest1:Site 1, 192.168.0/24, Forest2:Site1, 192.168.1/24), Each client would sit within their own subnet and automatically assign to the relevant Primary site. The issue I have is one subnet may have clients from all three forests. So I may have a client in Forest 1 that assigns itself to another primary site because of its IP address. What are the implications of this? My main concern is distribution point and policy gathering. Will I need to manually assign the clients? Thanks Paul Quote Share this post Link to post Share on other sites More sharing options...
Eswar Koneti Posted January 30, 2012 Report post Posted January 30, 2012 mixing of site boundaries(duplicating site boundaries) may cause several issues to the clients and client may fail with site assignment process and receving policies as well. I would prefer to go with IP address range as boundaries that gives good amount of tracking clients and aviod issues. Quote Share this post Link to post Share on other sites More sharing options...
slice16 Posted January 30, 2012 Report post Posted January 30, 2012 I have been thinking a little more about my predicament, and think I have got my head around the process, and the implications I may face. As an example, I will use the following: Primary Site 1 (PS1) Boundary 192.168.0.0/24 Forest: ForestA.local Primary Site 2 (PS2) Boundary 192.168.1.0/24 Forest: ForestB.local Now say I have 2 clients that are physically located at 192.168.0.0/24. ClientA is a member of ForestA and Client B is a member of ForestB. During site assigment, both clients will be assigned to PS1 due to the subnet location. Client A will gather this information from the AD schema, and ClientB will get it from the SLP. My understanding here will be both clients will have full functionality once assigned from PS1, regardless of their Forest membership? Now, when a client moves to 192.168.1.0/24, they will be using Regional Roaming, and be unable to access any resources in PS2. Is this correct? This is a pretty flat hierarchy where both PS1 and PS2 report to a CEN site. My overall question is, does SCCM care forest membership for the clients, as long as they are trusted? Thanks in advance, Paul Quote Share this post Link to post Share on other sites More sharing options...
slice16 Posted January 30, 2012 Report post Posted January 30, 2012 Hi Eswar, Sorry I was adding another reply when you posted. My site boundaries wont be overlapping, but I will have a number of duplicate subnets configured from AD Users and Computers between the forests. My post above should go into a little more detail into my configuration. It isn't the easiest of setups due to the corporate structure. Thanks, Paul Quote Share this post Link to post Share on other sites More sharing options...
slice16 Posted January 30, 2012 Report post Posted January 30, 2012 Right, think I have sussed it now. This article explains it pretty well: http://technet.microsoft.com/en-us/library/bb680334.aspx Basically, if a client is not in the same forest as the site, it will need to contact the SLP. The SLP will be configured during client installation. If they move to another site at the same level within the hierarchy, it will be unable to locate any content sources within the separate site. Quote Share this post Link to post Share on other sites More sharing options...
MisterMax Posted April 13, 2012 Report post Posted April 13, 2012 Hi, I've similar problem, because I use for my Sccm one primary server and 3 secondary, for patch managment in my site. All server in my farm are part of 3 forests/domain, plus servers in workgroup. The infrastructure is ok, but the problem occours during the deploy, because all server with SccmAgent point to distribution-point in primary server. On primary server there are Distribution point, Managment point, locator point and other. And I've a managment point to another site (secondary), and in all secondary there are distribution point. I set the boundaries for have 4 different site-code (1 primary + 3 secondary). I tried to set in different method: Ip range, Ad-site and ip subnet. But the problem has remained. The only Right boundaries are those without the agent, but that are part of the domain on which it rests Sccm, and this is a strange result. Someone can give me an explanation? thank you Max Quote Share this post Link to post Share on other sites More sharing options...
