Intel vPro® Platform
Intel Manageability Forum for Intel® EMA, AMT, SCS & Manageability Commander
2835 Discussions

Its possible provisioning a computer with sccm client between two forests?

idata
Employee
‎04-06-2011 09:14 AM
1,566 Views

Hello, I will tell my case to see if anyone can help me. I have a fairly old domain (eg. contoso) with level Windows 2003 functional, I have all the servers and computers. I want to add the vPro functionality, I have installed SCCM 2007 SP2 for to do it.

 

It creates another additional domain in a forest (eg. corporate.com) and implemented a CA on a Windows Server 2008 R2

 

It adds a bilateral trust relationship between the two forests.

Its possible provisioning a computer with sccm client between two forests?? It's supported??

0 Kudos

Link Copied

4 Replies
idata
Employee
‎04-08-2011 01:42 AM
343 Views
In response to Adolfo_S_Intel2

Thanks, but I don't understand what you mean ...

 

I have installed SCCM SP2 with OOBE role and configured in a forest (contoso). I have installed Microsoft CA and all computers with Windows Vista in the same forest and are discovered and provisioned devices without problems.

 

My question is, if I change the original CA for another (windows 2008 R2) in another forest (corporate), the computers will continue provision??, is't supported?

Thanks

In response to Adolfo_S_Intel2
0 Kudos
Copy link
Bruno_Domignues
Employee
‎04-12-2011 04:34 PM
343 Views
In response to idata

In theory, you can do it as far SCCM 2007 SP2 computer account retain the permission on CA and template to issue certificates.

However, you must carefully plan this movement. The original CA must be available for a period of time while you renew vPro client certificates, since management console should consult the CRL of the original CA.

BTW: if you use this CA for S/MIME and file encryption the requirement to keep the original CA will be much harder.

Best Regards!

--Bruno Domingues

In response to idata
0 Kudos
Copy link
idata
Employee
‎04-24-2011 02:08 AM
343 Views
In response to idata

Ok, thanks. In theory...

Someone has tested??. I get a mistake

In response to idata
0 Kudos
Copy link
Reply

Community support is provided during standard business hours (Monday to Friday 7AM - 5PM PST). Other contact methods are available here.

Intel does not verify all solutions, including but not limited to any file transfers that may appear in this community. Accordingly, Intel disclaims all express and implied warranties, including without limitation, the implied warranties of merchantability, fitness for a particular purpose, and non-infringement, as well as any warranty arising from course of performance, course of dealing, or usage in trade.

For more complete information about compiler optimizations, see our Optimization Notice.