SCCM 2007 Deployment - Management Point Issues

I have an SCCM environment I recently rolled out. I setup 1 primary server here in the states with secondary servers everywhere around the world.

My boundaries have been set to point all of the sites to their closest (data speed wise) secondary site server.

In the SCCM console when I go to Site Database / Site Management / <Primary Site> / Site Settings / Component Configuration and double click Management Point Component it allows me to set the Default Management Point to the Management Point radio button and I have the management point server name available to me.

If I try the above any of the secondary servers the Server Name drop down list is empty. I have the schema extended and the management point is publishing to AD. What could be causing this issue? Is there a Boundary problem?
Who is Participating?
ToxaconConnect With a Mentor Commented:
You can't set default management point to a secondary site. Secondary sites cannot have clients so there is no possibility to assign a default management point.

Instead, you assign proxy management points to client by means of boundaries, so the clients assigned to the secondary site boundary will use the local/proxy management point for communication by default.
SCCM - Site Database, Site Mangement - <SECONDARY> Site Settings, Site Systems, and select the SITESYSTEM

You should see "ConfigMgr Management Point" - Is the properties of this set to use this as a Management point? SCCM console screenshot
ExproDustinEstesAuthor Commented:
The only thing I didn't have set on that page of the Management point was the "Allow devices to use this management point". But I thought that was in reference to the mobile devices that could be managed by SCCM. Not standard network devices. Am I wrong in that assumption?
Cloud Class® Course: Python 3 Fundamentals

This course will teach participants about installing and configuring Python, syntax, importing, statements, types, strings, booleans, files, lists, tuples, comprehensions, functions, and classes.

No - You are quite right.

Are your Secondary site - Computer Accounts, members of the Primary Sites - Local Administrators Group?
MarkieSConnect With a Mentor Commented:
Identical problem was reported on this link

Solution as below..

"For this particular issue, your secondary site(s) MUST either be:
a. Defined as a subnet or AD boundary in the Primary site's Roaming Boundaries, as "Designate this boundary as a remote roaming boundary"


b. Configured as a Proxy management point

Of course there are many other reasons that are possible, this one is just specific to my issue."
ExproDustinEstesAuthor Commented:
I had seen this article before but I found this info @ TechNet Article

In SMS 2003, the site server's local subnet is automatically used as the site boundary for the site during setup. In Configuration Manager 2007, there is no default boundary created during setup, and you must manually create the boundary for a site when setup has completed. In SMS 2003, there are site boundaries and roaming boundaries, but in Configuration Manager 2007, there is only one type of boundary and it is equivalent to SMS 2003 roaming boundaries. Computers are assigned as clients to Configuration Manager 2007 sites according to the site boundaries you configure in the Configuration Manager console. Boundaries can now be defined by IP subnets, Active Directory site names, IPv6 Prefix, or IP ranges.

Last night I removed all of my boundaries so that I could get this back to almost vanilla. Today I am still unable to configure the default MPs for the secondary sites. Also, I have a few advanced clients deployed. When I try and auto discover their default MP that returns an error. But when you check the logs they state that they were able to discover the MP just fine and report the correct the MP.
You have Boundaries set for your Secondary sites.  
Do you have a Boundary set for your Primary site system?
ExproDustinEstesAuthor Commented:
No I had our AD sites mapped to their respective secondary sites. I didn't think any were meant to go into the Primary because then it would cause overlapping.

It seems rather confusing as to how you would be able to NOT overlap. If the secondary site server is on the secondary site subnet and that subnet needs to be apart of the primary sites boundaries so it can be seen by the primary then wouldn't that make every other device on the secondary subnet now apart of the primary sites boundaries as well. Then in turn not directing that subnet to the secondary site.

The only reason I have an MP on a Secondary site is becuase we are doing a sort of 2 tier system with Front End/Back End servers.

The front and back end both sit on the same subnet. Back End runs Primary with SQL instance. Front end runs reporting, MP, FSP, admin console, and eventually PXE and so forth. I have the front end server added to the Site Systems section of the backend server because that is the only way I can get all of these features installed on it. Because it is added in this way the back end primary server is able to be configured with the default MP reflecting the secondary site servers name.

FE and BE are on Subnet A, Subnet A is apart of Primary Sites Boundaries. I just added another secondary site server address to the Primary's boundaries by specifying an IP Address Range boundary and only using a range to encompass the one server. I am waiting for the changes to take effect so that I can see if I can now configure this new Secondary Site with the Default MP

Hope that makes sense.
Do you have IP Subnets defined in AD?
It made sense after a drew a pretty diagram!! ;-)

In subnet A - AD Site OFFICE1
Primary SCCM Site Server - Named BACKEND, has SQL installed

In subnet A - AD Site OFFICE1
Secondary SCCM Site Server - Named FRONTEND,
Roles - Management point, Site Server, Component Manager
Boundaries - AD SITE OFFICE1

In Subnet B - AD Site Office2
Secondary SCCM Site Server - named "Country2"
Roles - mangement point, Site Server, Distribution point
Boundary - AD Site Office2

In Subnet C - AD Site Office3
Secondary SCCM Site Server - named "Country3"
Roles - management point etc etc
Boundary - AD Site Office3
ExproDustinEstesAuthor Commented:
mostly right, except all of the secondary servers in the other countries dont have the management point role installed on them. All of the clients will go back to the central MP to receive policy etc... then look to the secondary site server to tell them where there respective DPs are etc...

But my question is, they say don't overlap AD boundaries. So if the Primary has every AD site in it's boundary and then you give each Secondary Site one of the AD boundaries is that not overlapping?
ExproDustinEstesAuthor Commented:
@Toxacon- Thank you for your help. I was wondering if it was supposed to be that way since all the clients would auto discover the MP through ADSS anyways and only go to secondary sites as a secondary step. Thank you for the clarification. I tried looking this topic up online but google was not finding any posts putting it quite as simply as you.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.