Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Changing boundaries - AD Site to Subnet

Posted on 2009-07-10
10
Medium Priority
?
1,780 Views
Last Modified: 2013-11-21
Due to a recent change on our network, I can no longer define the site boundaries of a primary site (RCC) by AD site name.  We must change boundaries to subnets and I have a few question:

1. Is it easy as just plugging in the two or three subnets for the primary site and that's it?  Do I need to change the client push installation properties for the site code?  Right now its set to SMSSITE=AUTO.
2.  There are several child sites of RCC.  These sites actually use their own AD Site code in their site properties.  They have their own DP, but they all use RCC as a proxy MP.
3.  Do I need to change any settings in the 'System Management' container in AD.  There are still SLP/MP entries for 'SMS-MP-RCC-RCCSMS1' & 'SMS-SLP-RCC-RCCSMS1'
4.  Do I need to change any of the courier sender properties?
5.  Do I need to modify anything is SQL?

Thanks guys!!
0
Comment
Question by:net1994
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
  • 3
10 Comments
 
LVL 15

Expert Comment

by:HayesJupe
ID: 24827948
1) yes for first part and no for second
2) is that a question ?
3) if the sites are the same name with new boundaries, those boundaries will update the existing objects. If the SLP's wont change, as the servers are still the same... just their boundaries are defined differently.
4) no. Again, the site codes are stil the same the boundaries are just changing
5) no - never a good idea to update SQL directly when dealing with sccm. Should always be done via the sms provider.
0
 
LVL 1

Author Comment

by:net1994
ID: 24829145
Hayes,

Sorry I forgot to mention we are using SMS 2003, not SCCM.  Does that change any of your remarks?
0
 
LVL 15

Expert Comment

by:HayesJupe
ID: 24829428
no, the actual structure of sites etc hasnt changed between sms and sccm (excluding Branch DP's)
0
Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

 
LVL 10

Expert Comment

by:JonLambert
ID: 24829520
Hayes has nailed it, some additional comments

(1) The SMSSITECODE=AUTO just means that instead of FORCING the cilent to report to a particular site, the client will use it's Site Boudaries (whether AD Site or IP Subnet) to determine it's Management Point

(2) The clients in your secondary do not use RCC as a 'proxy' management point, RCC is actually their management point.  All clients report/use a Primary Site for all policy, as secondary site can be a 'proxy management point', but that is mainly for collecting Inventory/Metering information to send up to the primary via Senders .. the clients still will communicate with the actual primary for their policy

(3) SMS will update this, just ensure that the Primary Site server AD object has at least change access to this container so it can make the changes.

0
 
LVL 1

Author Comment

by:net1994
ID: 24832013
About how long would it take for about 2000 clients to pick up the new boundries?  I assume it will take a few days?  I can use the SMS tools and Right click 'Refresh Policy, Refresh Machine Policy' on ALL Systems.  But this is a bit impractical (I think?) as it won't hit every client at any one time.

Given this uncertainty, is there a query I can run on a collection to show what MP they can now see?  Its kind of funny, as I am sure there is a script out there that can do this, but if a client can't find a DP how will they ever run it!  A black comedy for sure!!    It shouldn't be as drastic as restarting the client?

0
 
LVL 15

Expert Comment

by:HayesJupe
ID: 24832344
I'll let jon take this one - he's just started on EE and in process of building up his points! (we work together)
0
 
LVL 10

Expert Comment

by:JonLambert
ID: 24832518
The default for clients to check for a new policy is 60 minutes, so theres no need to referesh machine policies.  However a machine policy refresh will not force the client to discover the new boundaries.

From a quick investigation it looks like the clients will rediscover what site they belong to every 24 hours, as well as whenever the CCMEXEC service starts.  

You can run the report "Clients in a specific site" to view what clients have already picked up the change.
0
 
LVL 1

Author Comment

by:net1994
ID: 24832715
Boy is this annoying!!  What I just found out is the Networking team took the Central site subnet and combined it with the subnet of the sffected primary site in AD Sites and Services.

 I went onto the primary site RCC and added the subnet for that site and waiting a bit.  As a test, I deployed a small package (use DL from local DP).  In the client log, it connects to to both the central site and primary site RCC.  Damn!!  I ran the excellent overlapping boundaries tool and this confirmed both sites overlap-completly.  Now I have to do what I am/was dead set against, on the central site use subnets instead of the AD Site boundary as it is now.

This being the case, do the answers to the above thread questions change at all now that I have to modify the central site?  Any major changes/road blocks ahead?

Thanks for the bit of hand-holding guys!1 ;-)  
0
 
LVL 10

Accepted Solution

by:
JonLambert earned 2000 total points
ID: 24832791
NP ... there are no challenges, just add in the subnets, and remove the AD sites.  I've had to do this on ocassion where we have a single AD site covering multiple WAN connected sites (bad design, but not in our control), so we've had to remove the AD site and use subnets for that site instead.  
0
 
LVL 1

Author Closing Comment

by:net1994
ID: 31602189
You've been a HUGE help. Thanks again.
0

Featured Post

Office 365 Training for IT Pros

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Remote Desktop Protocol or RDP has become an essential tool in many offices. This article will show you how to set up an external IP to point directly to an RDP session. There are many reasons why this is beneficial but perhaps the top reason is con…
Welcome to my series of short tips on migrations. Whilst based on Microsoft migrations the same principles can be applied to any type of migration. My first tip is around source server preparation. No migration is an easy migration, there is a…
In this video, Percona Solution Engineer Dimitri Vanoverbeke discusses why you want to use at least three nodes in a database cluster. To discuss how Percona Consulting can help with your design and architecture needs for your database and infras…
In this video, Percona Solution Engineer Rick Golba discuss how (and why) you implement high availability in a database environment. To discuss how Percona Consulting can help with your design and architecture needs for your database and infrastr…

715 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question