WINS and SMS 2003 - Cross-forest requirements

Posted on 2011-02-21
Last Modified: 2012-05-11

My client is looking to extend their existing SMS 2003 hierarchy into a separate AD forest.  The two forests will be joined by a two-way trust; both are based on Windows 2003.

From the Microsoft articles I have seen so far, the way to achieve this appears to be the creation of another Primary SMS Site server to form the top level of the hierarchy within the new AD forest, and have that Primary communicate with the original top-level Primary Site server in the original AD forest.

To achieve this, it seems that WINS is required for comms between the two Primary servers.

My question far does the WINS infrastructure need to extend?  Do I only need to provide WINS for the two top-level SMS servers to communicate, or because of the overall configuration do I need to provide WINS for every Child / Secondary server within the new AD forest also?  I can't find any clarification for this anywhere.

Question by:Mark_R
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 3
LVL 51

Accepted Solution

Netman66 earned 200 total points
ID: 34947675
I think a simple LMHOST file would work fine as long as your two networks had different IP ranges.

Since SMS 2003 requires AD, you're going to have to setup site boundaries and conditional forwarding, however I'm not sure it will work since SMS belongs to one forest and you're trying to service another.  It might, but I've never tested it.

My gut feeling says it won't work since the other site is not part of the first forest and therefore has completely different AD schemas.


Author Comment

ID: 34961708
Thanks for the reply!

According to the Microsoft docs I've found, the cross-forest operation will be OK as long as the second forest has a Primary Site Server from which all SMS sites in the new hierarchy can 'hang'; in terms of other site's not working cross-forest, Seconday Sites won't so you're right in that respect (again, according to the MS docs!!)

The two networks supporting the forests will have different IP ranges, yes.

So, the thought is that an LMHOSTS file on the second forest's Primary Site server may be sufficient, yes?  
Any child sites in the second forest would be fine to use AD / DNS as they normally would?

I guess I'm looking for as confident as an answer as possible as I have to propose this as a potential solution with no way to test it (the second network and forest don't exist yet).
LVL 51

Expert Comment

ID: 34964654
You could try the LMHOST file, yes.  It's simple and can be quickly undone should it cause other issues.  You may also need conditional forwarding setup in that forest/domain so that child sites could resolve - but it's possible they too will need an LMHOST file.

You could test it using VMs.  It's a bit of work, but it isn't impossible.
Resolve Critical IT Incidents Fast

If your data, services or processes become compromised, your organization can suffer damage in just minutes and how fast you communicate during a major IT incident is everything. Learn how to immediately identify incidents & best practices to resolve them quickly and effectively.


Author Comment

ID: 34971619
OK, will test on that basis.  Unlikely that I can respond within the next few weeks with results though, as I don't have access to any test infrastructure (and wouldn't have time to do anything even if I did)and the resources that do will need to be lined up.

If I find anything in the meantime, I will update this thread.  If it starts to drag on too long, i will award points based on what is here.

Many thanks for the input so far.
LVL 51

Expert Comment

ID: 34972315
Take your time, do it right.

No rush.

Author Comment

ID: 35098687
Just an update to avoid unwanted attention!

The thread is open and the proposed solution will be verified, but this will not be for a number of weeks yet.

Author Comment

ID: 36228051
OK, final update.....the solution changed to a fully separate SMS hierarchy in the end, so no cross-forest connectivity was required.  Furthermore, I'm working with a different client now and therefore I can't verify anything from my previous client.

So, I'll award the points to the first answer.  Thanks for your patience!  :)

Author Closing Comment

ID: 36228059
Unable to test proposed solution (see last post in thread).

Featured Post

Ransomware: The New Cyber Threat & How to Stop It

This infographic explains ransomware, type of malware that blocks access to your files or your systems and holds them hostage until a ransom is paid. It also examines the different types of ransomware and explains what you can do to thwart this sinister online threat.  

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

So you have two Windows Servers and you have a directory/folder/files on one that you'd like to mirror to the other?  You don't really want to deal with DFS or a 3rd party solution like Doubletake. You can use Robocopy from the Windows Server 200…
A quick step-by-step overview of installing and configuring Carbonite Server Backup.
This video Micro Tutorial shows how to password-protect PDF files with free software. Many software products can do this, such as Adobe Acrobat (but not Adobe Reader), Nuance PaperPort, and Nuance Power PDF, but they are not free products. This vide…
Do you want to know how to make a graph with Microsoft Access? First, create a query with the data for the chart. Then make a blank form and add a chart control. This video also shows how to change what data is displayed on the graph as well as form…

689 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question