Untrusted domain to enroll
Question
Hi Everyone, query regarding for roles.
Requirement – To build new sccm infra for multi forests & domains.
There are two forests, like A forests & B.
In A forest have 4 child domains suppose A.com/B.com/C.com/D.com.
In B forest have 1 domain E.com
I am thinking if i build new sccm infra with all roles in A.com domain, and add other domains (B/C/D) to A.com sccm infra, for that do i need to install MP/SUP roles in each domain (B/C/D) or would it work with only Primary server (A.com) domain? Can we use same primary sccm servers to other domains without installing any sccm role to other domains B/C/D domains?
Secondly, In B forest case, when i add B forest to A.com domain in sccm, in that case do i need to install MP/SUP roles for B forest in order to get patched machines?
Pls suggest
Thanks
Raj
Answer ( 1 )
First thing you should do is find out if there is trust relationship between your forests.
There is one article explains about that written by Anoop Nair and it should give you more clarity.
https://www.anoopcnair.com/sccm-possible-mp-rotation-and-selection-forest-trust-related-bug/
The article was for SCCM 2012 and that bug is no more but the explanations in the article helps us about untrusted forests and domains.