Jump to content


Install SCCM on Server in Different Domain?

Recommended Posts

Hi All,


I'm very grateful to Niall Brady for providing excellent assistance on how we can install and manage servers in SCCM that are Workgroup machines:



However, I'm now trying to get SCCM to talk to servers that are in a separate domain to our SCCM infrastructure.

In this instance, the separate domain has a Stub Zone in DNS, so as long as I provide a FQDN, I can resolve the SCCM servers in our domain.


I've added the IP subnet of the server in question into Boundaries and associated it with a Boundary Group.

I've added recommended entries into LMHOSTS (See the above URL) to help the server identify which SCCM server is the MP and SLP.

I've requested and have installed a Security Certificate from our regular domain's CA authority.

There is no firewall between the server in other domain and our regular domain.


The SCCM client installs, but never seems to recognize the certificate installed on it. I've tried install CCMSetup.exe both WITH and WITHOUT specifying a FSP, but doesn't seem to make a difference.


If anyone has any other suggestions that might help, will much appreciate it.



Share this post

Link to post
Share on other sites

Hello Dverbern,


How did you install SCCM client? manually or any of SCCM automated methods like client push. It looks you have tried manual method.


Here are some points to check.

1. Are you able to discover the clients/machines from the network boundary (of new domain) which you have added?

2. If no, then first try to fix this before client installation. If yes, then give a try to client push method on one or two machines.


Also I think two way trust is needed between domains which are not in same forest. Please take a looks on these and advise.

Share this post

Link to post
Share on other sites

Hi mehraranjit, thanks for your reply.


Yes, I was using a manual client install.

I'll follow your suggestion and check if I can discover any machines in that same boundary. Although, because the machines are in another domain I may not be able to discover them.

I'll also check whether we have a two-way trust or whether it is just a stub zone we are using.

Share this post

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Create New...