Set up AD domain on VLAN with private IP
Hi I got a really weired situation here. I have been asked to manage classroom computers across campus using a Domain controller and SCCM server. I have set up AD and SCCM in lab enviornment and they are all on same physical network and subnet. I didn't have any issue so far.Now with new network setup our network admin advised to use VLAN and all my servers and client pcs will be assigned 192.x.x.x IPs. There concerns is nobody should be able to see or ping my server or cleints from outside. As they are not big believer of AD and running DNS on windows server, they are very concerned about security. I understand their points but my coencern is if I set up AD and SCCM in VLAN and with private IP what are the consequences. I am worried about having issues with SCCM site server not being able to communicate properly. What all issues I need to be aware of ? I need to manage pcs with SCCM for updtaes, inventory and OS deployment. Will PXE work properly in such envrionment?Please advise. Thanks in advance.
March 11th, 2010 2:38am

These are essentially basic networking issues around connectivity. ConfigMgr doesn't care about IP addressing, DNS resolution, VLANs, etc. These are all things handled below ConfigMgr in the OSI stack. ConfigMgr needs connectivity; it's up to you to provide that connectivity by properly configuring the network and other core services. If these aren't working properly, then of course you will probably have issues, but these have nothing to do with ConfigMgr. Taking each one of the things you mentioned, you have to break them down to what's required. I am worried about having issues with SCCM site server not being able to communicate properly. Communicate with what? Communication is a function of network and not ConfigMgr. Updates ConfigMgr typically pulls updates straight from Microsoft so there will be challenge here but there are documented work-arounds in the TechNet documentation. Inventory and OSD All of the info you've provided above has nothing to do with ConfigMgr proper. As long as the server can talk to the clients, inventory and OSD don't care about the networking details. PXE PXE definitely has a lot of network dependencies, but nothing you've stated above poses any issues. These are all fundamental networking issues that need to be worked out before you even think about ConfigMgr. I'm not trying to insult you or put you down, but your questions show a basic lack of knowledge of networking and computers in general that is absolutely required for you to successfully implement and maintain ConfigMgr. Like I said, please don't feel insulted by this, we were all there at one point, but you are truly setting yourself up for failure if you don't know the basics: things like the OSI model, IP Addressing and subnetting, what a VLAN is, how networks communicate, basic routing, etc. Also, tell the "Network Admin" he's pretty clueless. Windows runs the world and is very secure, time for him to come out of his Microsoft-bashing shell and look at reality.Jason | http://myitforum.com/cs2/blogs/jsandys | http://blogs.catapultsystems.com/jsandys/default.aspx | Twitter @JasonSandys
Free Windows Admin Tool Kit Click here and download it now
March 11th, 2010 5:15am

Hi JasonThanks for your time. Even though my question sounds so vague and stupid, I appreciate you took time to respond and share your thoughts. I can only tell you why i am here...I am the only person designing and trying to deploy this SCCM here....nobody in my institute has any idea what SCCM is and how powerful tool it is. Being the most junior IT person, I am trying my best to make it happen.Anyway, I am confident and hopefully I will get it going with my little knowledge in networking and system. I am dealing with big network admin here who have no idea how AD works..so I have to find my way out.Thanks again.
March 11th, 2010 7:15am

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics