Single SCCM 2007 R3 Site Across multiple AD Forests
I have 2 AD forests with 3 locations:
- Forest A has around 300 workstations - Location IND
- Forest B has around 50 workstations - Location BAN
- Branch office has around 15 workstations and is part of Forest B
Connectivity is around 2 Mbps and the features required are Inventory (software and hardware), Remote tools, Software deployments including App-V, Patch management, and desired configuration.
I have to design the SCCM site hierarchy and am thinking of the following. Any inputs will be appreciated.
- Since the number of workstations is very small, I am planning to have the primary site at the IND location in Forest A
- Will assign all the workstations from Location BAN in Forest B directly to the primary site server in Forest A. Branches in Forest B will also be assigned to the Forest A SCCM primary site
- Will distribute Distribution points. Will have one DP site system in Forest B (Location BAN) and will have 1 Branch DP in the branch location in Forest B
Any suggestions on whether this setup will work across the multiple forests? Any special considerations I need to keep in mind for an SCCM single site across AD forests?
Thanks
MSExpert
June 15th, 2011 7:12am
I think no.
I think you need to extend the schema for both forests.
Other than this I feel there is no issue with the design of the environment.
June 15th, 2011 7:37am
You need to configure a Network Access Account. Also consider how you will deploy clients in the other forest. How will you provision the client install command lines (a GPO perhaps)? Name resolution between the two forests. Clients must be able to find the MP/SLP/DP.
Kent Agerlund | My blogs: http://blog.coretech.dk/author/kea/ and http://scug.dk/ | Twitter @Agerlund | Linkedin: /kentagerlund
June 15th, 2011 8:23am
Unless you are in native mode you can't have DPs in the remote forest. I'd suggest for ease of administration you place a primary site over there.
There are only two supported scenarios in which site systems within a single site are supported across Active Directory forests:
- The System Health Validator point, used with Network Access Protection
- Internet-based client management, which supports the following site systems installed in a separate forest to the site server:
  - Management point
  - Distribution point
  - Software update point
  - Fallback status point
http://technet.microsoft.com/en-us/library/bb694003.aspx
John Marcum | http://myitforum.com/cs2/blogs/jmarcum/
June 15th, 2011 10:47am
http://technet.microsoft.com/en-us/library/bb694003.aspx
This will work fine with the caveats that Kent provided.
Extending the schema in both forests doesn't buy you anything because the ConfigMgr site will only publish to its own domain.
Clients in the second forest will be treated as workgroup clients; workgroups are fully manageable and the only real difference with them is in discovery, client installation, and site auto-assignment. Each of these has solutions though.
Jason | http://myitforum.com/cs2/blogs/jsandys | Twitter @JasonSandys
June 15th, 2011 10:51am
You can create a two-way trust between Forest A and Forest B and create a client install account.
As Jason said, clients in Forest B will be treated as workgroup clients, thus for workgroup clients you have to install them manually. And a Server Locator Point must be created and published to the WINS server to complete client assignment.
Take this document as a reference:
http://technet.microsoft.com/en-us/library/bb680962.aspx
Thanks
June 16th, 2011 5:27am