SCCM ID Cross Domain Access (Network Steve Forum)

SCCM ID Cross Domain Access

Hello,

I have an SCCM domain admin ID. Need to use this in another domain but this cannot be used as a domain admin for any other domain.

If I make this ID member of each computer's administrator group via GPO, would it be OK or it would disrupt or affect any SCCM activity ?

Another option is to create a new domain admin in another domain. If I do this, Could I authorize this for SCCM server operations, like adding to Network Access Account etc.

Thanks

Edited by Vikram Midha Tuesday, July 07, 2015 9:08 AM

July 7th, 2015 9:08am

As I am trying the Client push with the new ID "ABC".

Have already configured this in the SCCM client push account but getting the following error on all the machines tried

WNetAddConnection2 failed (LOGON32_LOGON_NEW_CREDENTIALS) using account domain\ABC (00000043)

Free Windows Admin Tool Kit Click here and download it now

July 8th, 2015 9:09am

Hello,

As per the analysis done, I was able to find that for some reasons, the machines are not pinging from the primary server with their name. For example : The machine ABC is not pinging if directly pinged with name

ping ABC

but when done with FQDN, it pings perfectly.

ping ABC.123.com

I believe this is the reason that if the server is not able to resolve the machine name, it will not connect. ?

July 21st, 2015 3:26am

That could be the reason. You have to make sure that name resolution is working fine.

Free Windows Admin Tool Kit Click here and download it now

July 21st, 2015 3:32am

I think so, but doesnt SCCM resolves the FQDN automatically or does it work with only the hostname.

Doesn't it try the FQDN is hostname is not pingable ?

July 21st, 2015 3:47am

I think so, but doesnt SCCM resolves the FQDN automatically or does it work with only the hostname.

Doesn't it try the FQDN is hostname is not pingable ?

Edited by Vikram Midha Monday, August 03, 2015 6:03 AM

Free Windows Admin Tool Kit Click here and download it now

July 21st, 2015 7:44am

These are the errors I am getting on most of the machines but strangely 7-8 of them worked for the client push. not sure whats the reason, others are failing with either of the error code :

---> ERROR: Unable to access target machine for request: "2097158450", machine name: "ABC", access denied or invalid network path.

---> ERROR: Failed to connect to the \\DEF.domain.com\admin$ share using account 'Machine Account'

August 20th, 2015 4:34am

I recently noticed that now it shows 45 machines where the client was pushed successfully but there are still 150+ machines without it. I cannot say this is slowly progressing since this is stagnant on this number (45) for many days now.

The error is common as mentioned above for the failing 150 machines.

Not sure how it worked for other 45 machines.

Free Windows Admin Tool Kit Click here and download it now

September 9th, 2015 12:43am

This topic is archived. No further replies will be accepted.