Hi everyone,
I’m hoping somebody can help me out, as I trawled the web and can’t find anything specifically related to my situation. I'm fairly new to SCCM (and subsequently MECM) and have been assigned a project upon starting my new role.
I’ve inherited a 2006 SCCM. Over the years it’s been tinkered and tweaked with to a point where it’s now no longer fit for purpose. The in-house knowledge has disappeared over the years, so rather than trying to unpick and fix the current environment, I have built a new Endpoint (MECM) current branch from scratch.
This new, clean, current branch environment will firstly sit alongside the existing SCCM environment, with a view to moving across all devices into the new MECM. The new current branch has: New SQL, new site name, new service accounts for adding Site Roles and no PXE for interference. The essential pre-requisite is that the new MECM doesn’t bleed into or cross-pollinate with the current SCCM, until we are ready for it to fully replace the current infrastructure.
My idea is to keep the new current branch ringfenced from the older SCCM and manually move over a few ‘test’ devices, prior to making any wholesale changes. I’ve ensured Boundaries haven’t crossed and have installed various Site System roles (including Software Update Point). I’ve also configured Client Push Installation and authenticated via a different service account to that used in the older SCCM.
However, I’ve encountered several issues:
Firstly, I’m unable to push out the Install Client directly from MECM.
Nor am I able to prevent new and existing Devices from being automatically discovered and added into SCCM. Despite me moving certain devices to a dedicated OU in AD and setting that Boundary IP range within the new MECM, the devices are still discoverable and automatically appear back in SCCM. I have disabled all Discovery Methods in SCCM as well as deleting the devices from SCCM and manually uninstalled the client, but still they re-appear.
How do I make SCCM stop discovering these devices? And prevent it from continuing to push out the Client? What do I need to disable from SCCM in order for this to happen? Am I correct in saying that I should remove the Client Push Installation account?
Also, shall I remove or disable the existing Boundaries and Groups? Or is there something else I should try first?
I'm wondering if this is merely a SCCM issue, or could there be policies embedded within AD that is causing the issue. There was a GPO within AD that was pushing out the client, but I have disabled this. However, it feels that there’s still an underlying policy or something else within AD that is continues to identify and add these devices to SCCM.
I’d like to thank you in advance for reading this and your consideration.
Thanks,
Mark.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(272, 8%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EML%3C/text%3E%3C/svg%3E)
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(9.6, 5%, 10%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EML%3C/text%3E%3C/svg%3E)
