Adding a new domain to Configuration Manager

Question

Hello,

I have two domains AD & ADTEST one-way external trusts to one another.
I have in each domain Configuration Manager Installed:
AD Production CM VRPSCCMPR01 (Endpoint Protection point role) + 1 MS + 12 DPs + 2 SUP + 1 CMG
ADTEST Test CM VITSCCMCB (all roles on 1 server)

As we are moving from Sophos, which was connecting to both domain clients, to System Center Endpoint Protection + Windows Defender when needed what is the best new environment?

Two different endpoint protection environments, one in AD & one in ADTEST?
One unique environment in AD and adding ADTEST environment to the AD environment within Configuration Manager itself?

Looking for idea?
Thanks,
Dom

Answer 1

Hi @Duchemin, Dominique,

Thank you for posting in Microsoft Q&A forum.

From your description, it is not clear to we why you want to add a new domain to Configuration Manager.

To System Center Endpoint Protection + Windows Defender, some machines are managed by System Center Endpoint Protection, and some are managed by Windows Defender.

In order to clarify your needs, can you provide more information for this content: As we are moving from Sophos, which was connecting to both domain clients, to System Center Endpoint Protection + Windows Defender when needed what is the best new environment?

Looking forward to your feedback.

Answer 2

Hello,

I want to add a new domain to Configuration Manager to have a Central Management of System Center Endpoint Protection by a unique point.
All Clients are managed by System Center Endpoint Protection and Windows Defender Feature is installed ONLY as requirement for Windows Server 2016 & Windows Server 2019 before System Center Endpoint Protection could be installed.

Thanks,
Dom