Solved

ports for sccm 2012

Posted on 2016-08-22
  • SCCM
  • MS Server OS
  • Windows OS
  • IT Administration
  • Network Management
  • +2
1
60 Views
Last Modified: 2016-09-30
We have Two untrusted forests separated by firewalls. we will install sccm site in forest A. we will also install management point and distribution point in the forest B. system discovery doundary groups are all clear. my question is related to client deployment and DNS

1. Is it required to open ports between sccm site server in forest A to all client computers in forest B. we will  have a MP/DP in forest B. for client push I believe sccm site server needs to communicate with all the clients in forest B. this is a issue for us. instead can we deploy the agent using Group policy and close ports between clients in forest B to sccm site server.

2. as there has to be name resolution between the forests we are planning ro use conditional forwarders. but conditional forwarders will allow all users to resolve names in domain A. this is an issue. can we use anything else like a host file for name resolution.

we want clients in forest B only talk to mp/dp installed in the forest. we do  not want to open ports between clients in forest B to sccm site server in forest A.
0
Comment
Question by:Aamer-
1 Comment
 
LVL 7

Accepted Solution

by:
Scobber earned 500 total points
Comment Utility
Why not use a conditional forwarder to msdcs. Sitea.local and siteb.local

Then create a alternate domain in each site serving the names required. I'm assuming it's all static ip on any infrastructure your users desire access to
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

Join Greg Farro and Ethan Banks from Packet Pushers (http://packetpushers.net/podcast/podcasts/pq-show-93-smart-network-monitoring-paessler-sponsored/) and Greg Ross from Paessler (https://www.paessler.com/prtg) for a discussion about smart network …
This article explains in simple steps how to renew expiring Exchange Server Internal Transport Certificate.
This video Micro Tutorial explains how to clone a hard drive using a commercial software product for Windows systems called Casper from Future Systems Solutions (FSS). Cloning makes an exact, complete copy of one hard disk drive (HDD) onto another d…
The viewer will learn how to successfully create a multiboot device using the SARDU utility on Windows 7. Start the SARDU utility: Change the image directory to wherever you store your ISOs, this will prevent you from having 2 copies of an ISO wit…

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now