I've done some reading and I think it's OK to have two SCCM sites in different domains, different forests, that have overlapping boundaries. These will be defined as a combination of IP ranges and AD sites. Just checking, is this OK to do? Thanks.

Hi Steve, It depends on how you do discovery and whether at any time you are going to want to have a single hierarchy for management. The number one rule from Microsoft is NOT to have overlapping boundaries, but they don't cover this to extend to your situation. Just remember that boundaries are in place so that you can control what managed clients in those boundaries will do in terms of talking to roles in your SCCM environment. You would also need to think about DNS settings if delivered by DHCP to make sure communication in each subnet is setup correctly. If the two SCCM servers will NOT be part of a single SCCM hierarchy and you are only using Active Directory discovery for your managed computers then in theory the computers from the other domain will never be discovered by SCCM even though they exist on the same physical subnets. So it would be OK in this scenario - but if you joined the two servers into the one hieararchy you would need to reassign boundaries. If the two SCCM servers are part of the same hierarchy then I'd suggest you take a different approach and make sure that you don't have overlapping boundaries. Having non-overlapping boundaries in this scenario will assist in client roaming and choosing the correct and closest server in the hierarchy to talk to and also allows you to set up rules as to what happens in certain sites/subnets.

Hi Steve, It depends on how you do discovery and whether at any time you are going to want to have a single hierarchy for management. The number one rule from Microsoft is NOT to have overlapping boundaries, but they don't cover this to extend to your situation. Just remember that boundaries are in place so that you can control what managed clients in those boundaries will do in terms of talking to roles in your SCCM environment. You would also need to think about DNS settings if delivered by DHCP to make sure communication in each subnet is setup correctly. If the two SCCM servers will NOT be part of a single SCCM hierarchy and you are only using Active Directory discovery for your managed computers then in theory the computers from the other domain will never be discovered by SCCM even though they exist on the same physical subnets. So it would be OK in this scenario - but if you joined the two servers into the one hieararchy you would need to reassign boundaries. Almost forgot to add - Active Directory schema extension become very important for you in this scenario. If you are relying on DNS to find the nearest MP then the DNS server delivered to the client via DHCP (if that is how you're doing it) might cause you some problems - just keep it in mind. If the two SCCM servers are part of the same hierarchy then I'd suggest you take a different approach and make sure that you don't have overlapping boundaries. Having non-overlapping boundaries in this scenario will assist in client roaming and choosing the correct and closest server in the hierarchy to talk to and also allows you to set up rules as to what happens in certain sites/subnets.

I've done some reading and I think it's OK to have two SCCM sites in different domains, different forests, that have overlapping boundaries. ... is this OK to do? Where should overlapping boundaries come from when you're talking about separate forests and separate ConfigMgr hierarchies? It shouldn't be a problem based on the information you've given.

Overlapping boundaries can happen when most machines are members of the production AD forest and SCCM hierarchy, but some are members of a development/test forest and hierarchy. Or when you're in the middle of a domain migration when one company has acquired or merged with another. Thanks for the reply.