SCCM manage system in Remote Location and Different Forest

Question

Hi guys, So we have SCCM in office managing 300 clients and it is all working fine.
We have a office in another continent and windows 2016 patching is painful to do.
So, we would like to use our current SCCM config Mgr to deploy updates to those machines but they are in another country and totally a different forest.
We don't want to our SCCM server here to push updates all the way over WAN network as it would choke the BW.

I need some guidance if we can deploy another DP in the remote location and use our office SCCM management point to manage it ?

WSUS deployment is another option but i prefer SCCM.
Thx
Sarav

Answer 1

Hi,

Generally speaking, configuration manager is application level and it's authentication mechanism relies on Active Directory mostly. If there is a 2-way trusts between the 2 forests, it would be better and we can place a DP in the remote forest more easily.

For this problem, the configuration manager expert Jason has written a great blog and we may find both the short answer and detailed steps.

If there is no trust, we can add the target domain to the exist site and install the clients manually to manage them. Here's a step-by-step guide.

If bandwidth is a concern, we may also consider to just retrieve policy from the SUP and get the updates from Internet.

Alex
If the response is helpful, please click "Accept Answer" and upvote it.

Answer 2

If there is a 2-way trusts between the 2 forests, it would be better and we can place a DP in the remote forest more easily.

Note that a trust is not actually required (two-way or otherwise) to place a remote DP or manage clients but I concur that this is a good possible solution.