Solved

ports for sccm 2012

Posted on 2016-08-22
  • SCCM
  • Microsoft Server OS
  • Windows OS
  • IT Administration
  • Network Management
  • +2
1
87 Views
Last Modified: 2016-09-30
We have Two untrusted forests separated by firewalls. we will install sccm site in forest A. we will also install management point and distribution point in the forest B. system discovery doundary groups are all clear. my question is related to client deployment and DNS

1. Is it required to open ports between sccm site server in forest A to all client computers in forest B. we will  have a MP/DP in forest B. for client push I believe sccm site server needs to communicate with all the clients in forest B. this is a issue for us. instead can we deploy the agent using Group policy and close ports between clients in forest B to sccm site server.

2. as there has to be name resolution between the forests we are planning ro use conditional forwarders. but conditional forwarders will allow all users to resolve names in domain A. this is an issue. can we use anything else like a host file for name resolution.

we want clients in forest B only talk to mp/dp installed in the forest. we do  not want to open ports between clients in forest B to sccm site server in forest A.
0
Comment
Question by:Aamer-
1 Comment
 
LVL 7

Accepted Solution

by:
Scobber earned 500 total points
ID: 41768662
Why not use a conditional forwarder to msdcs. Sitea.local and siteb.local

Then create a alternate domain in each site serving the names required. I'm assuming it's all static ip on any infrastructure your users desire access to
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Scan Mac for security breach? 5 42
Sony EVI-D70 and Skype 2 34
SCSM reports export 1 15
Start menu in Windows 10 not working when on Domain 11 24
IT certifications are a concrete representation of continual learning on the part of the candidate.  Continual learning is necessary for the long term success of an IT professional, but are IT certifications the right path for you?
Most MSPs worth their salt are already offering cybersecurity to their customers. But cybersecurity as a service is wide encompassing and can mean many things.  So where are MSPs falling in this spectrum?
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…

856 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question