?
Solved

ports for sccm 2012

Posted on 2016-08-22
1
Medium Priority
?
128 Views
Last Modified: 2016-09-30
We have Two untrusted forests separated by firewalls. we will install sccm site in forest A. we will also install management point and distribution point in the forest B. system discovery doundary groups are all clear. my question is related to client deployment and DNS

1. Is it required to open ports between sccm site server in forest A to all client computers in forest B. we will  have a MP/DP in forest B. for client push I believe sccm site server needs to communicate with all the clients in forest B. this is a issue for us. instead can we deploy the agent using Group policy and close ports between clients in forest B to sccm site server.

2. as there has to be name resolution between the forests we are planning ro use conditional forwarders. but conditional forwarders will allow all users to resolve names in domain A. this is an issue. can we use anything else like a host file for name resolution.

we want clients in forest B only talk to mp/dp installed in the forest. we do  not want to open ports between clients in forest B to sccm site server in forest A.
0
Comment
Question by:Aamer-
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 7

Accepted Solution

by:
Scobber earned 2000 total points
ID: 41768662
Why not use a conditional forwarder to msdcs. Sitea.local and siteb.local

Then create a alternate domain in each site serving the names required. I'm assuming it's all static ip on any infrastructure your users desire access to
0

Featured Post

Get your Disaster Recovery as a Service basics

Disaster Recovery as a Service is one go-to solution that revolutionizes DR planning. Implementing DRaaS could be an efficient process, easily accessible to non-DR experts. Learn about monitoring, testing, executing failovers and failbacks to ensure a "healthy" DR environment.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

New style of hardware planning for Microsoft Exchange server.
If you're a modern-day technology professional, you may be wondering if certifications are really necessary. They are. Here's why.
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
Finding and deleting duplicate (picture) files can be a time consuming task. My wife and I, our three kids and their families all share one dilemma: Managing our pictures. Between desktops, laptops, phones, tablets, and cameras; over the last decade…

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question