Hi Gurus ,
I would like to come up with a design for SCCM 2012 as I think it is a good time to migrate from SCCM 2007. I am planning to do it on Server 2012 and SQL 2012.
I have a management forest, and multiple forest’s below this with only a one way trust (the management forest does not trust anything).
I currently run SCCM 2007 and have a Central Site with Primary Sites nested below this. Sincethis is not supported in 2012 and the Primary Site with Secondary Sites nested below is not supported across untrusted domains I have hit a snag and want to make sure my design will work.
From what I read, we do not have near enough servers to manage to require a CAS, although this is the case would our inter forest environment require a CAS to manage multiple un-trusted forests?
I was thinking of installing a primary site and then installing management roles on a server in each forest that we will be managing. Would that be a good start? Please keep in mind that we would also like to integrate Forefront Endpoint Protection into this design. With this design, would I need a SQL server in each of the domains?
I am also wondering if the following site roles would be enough for a management server in each forest? Management Point Distribution Point Software Update Point
I would greatly appreciate your help as I don’t want to implement a flawed design