Hello All,
Our single SCCM 2007 (SP2 R3) hierarchy is operated by 2 vendors for Servers and Workstations respectively.
About once or twice a year someone from Workstation team performs an incorrect software/patch deployment that accidently hits our servers.
I have read in other threads that creating a new hierarchy for servers is not recommended - its not cost effective and special configurations are required, especially regards overlapping boundaries.
The post by Sherry was instructive but I don't think it will help solve the most common type of error we experience : i.e. someone creates/modifies a workstation collection query incorrectly that ends up including servers.
https://social.technet.microsoft.com/forums/systemcenter/en-US/819cf1df-52d1-4335-8697-acd5df68da7b/multiple-sccm-2007-hierarchies-in-same-ad-domain
I was wondering if someone could kindly suggest creative techniques to mitigate this risk. Thanks.
eg. We can monitor to ensure that all workstations packages are specifically updated with "This program can only run on specified Client Platforms