markbeijer
New Member
- Messages
- 1
- Reaction score
- 0
- Points
- 1
Hi,
We need to ensure that SCCM clients are receiving updates and applications/packages while they are not connected to the corporate network, but connected to the Internet.
Fact is we support multiple customers with multiple AD domains with 3 SCCM sites. 1 site for central administration (in a separate AD domain) and 2 sites of which 1 site is for internal use (separate AD domain) and 1 site for all customers (with multiple AD domains).
How can we enable IBCM with this configuration?
For IBCM you need a PKI infrastructure which bound to an AD domain of forest, but we have multiple customer domains of which some do not have a PKI infrastructure we can use.
The Primary Site Server for customers is member of a different AD domain as the other site servers part of the same SCCM site. These site servers are member of the customer AD domain they provide services to the clients in the same domain.
What PKI infrastructure setup must/can we use to issue certificates for SCCM connectivity? Do we need a per AD domain PKI infrastructure and if so how can we allow communication to the primary site server in a different AD domain?
I hope someone has dealt with this configuration before and is able to help us set this up.
Thanks!
We need to ensure that SCCM clients are receiving updates and applications/packages while they are not connected to the corporate network, but connected to the Internet.
Fact is we support multiple customers with multiple AD domains with 3 SCCM sites. 1 site for central administration (in a separate AD domain) and 2 sites of which 1 site is for internal use (separate AD domain) and 1 site for all customers (with multiple AD domains).
How can we enable IBCM with this configuration?
For IBCM you need a PKI infrastructure which bound to an AD domain of forest, but we have multiple customer domains of which some do not have a PKI infrastructure we can use.
The Primary Site Server for customers is member of a different AD domain as the other site servers part of the same SCCM site. These site servers are member of the customer AD domain they provide services to the clients in the same domain.
What PKI infrastructure setup must/can we use to issue certificates for SCCM connectivity? Do we need a per AD domain PKI infrastructure and if so how can we allow communication to the primary site server in a different AD domain?
I hope someone has dealt with this configuration before and is able to help us set this up.
Thanks!
Last edited:
