AleksaCvijanovic
Active Member
- Messages
- 29
- Reaction score
- 0
- Points
- 1
Hi everyone,
We are facing an issue in our Microsoft Endpoint Configuration Manager environment after acquiring another company.
They have their own Active Directory domain in a separate forest. We have configured a two-way forest trust between our forest and theirs.
Here is what has been configured so far:
All of their machines remain in "Unknown" client status in the MECM console.
They are visible, the client installs successfully, but they never transition to Active/Healthy.
Has anyone experienced a similar issue in a cross-forest scenario?
What additional components should we verify?
We are facing an issue in our Microsoft Endpoint Configuration Manager environment after acquiring another company.
They have their own Active Directory domain in a separate forest. We have configured a two-way forest trust between our forest and theirs.
Here is what has been configured so far:
- Two-way forest trust is in place and working
- All required network ports are open between the environments
- Forest Discovery is enabled for their forest
- Their resources are being discovered correctly
- Boundary and Boundary Group are created for their subnets
- The clients appear in the MECM console under Devices
- Client push installation works successfully
- MECM agent installs without errors
- We can access their machines via \\hostname\c$ without issues
- Required accounts are added to the local Administrators group via GPO
- We also added our MECM site server as local administrator on their machines
- The System Management container exists in their AD
- MECM is successfully publishing objects into their System Management container
All of their machines remain in "Unknown" client status in the MECM console.
They are visible, the client installs successfully, but they never transition to Active/Healthy.
Has anyone experienced a similar issue in a cross-forest scenario?
What additional components should we verify?
