Re: Clarifying question about SMS and forests

Tech-Archive recommends: Fix windows errors by optimizing your registry

From: Eric A (EricA_at_discussions.microsoft.com)
Date: 09/24/04

  • Next message: saraski: "Re: mssecure.cab file is SMS 2003" 
    Date: Fri, 24 Sep 2004 00:11:03 -0700

    Thanks Kim, you've been very helpful!

    Eric.

    "Kim Oppalfens" wrote:

    >
    > Ok, I went ahead and took a look at the section you are referring to.
    > And indeed you are right it is not very clear.
    >
    > The conditions they are stating apply to advanced security and you want
    > to use machine accounts for your inter-site authentication.
    >
    > "If the forest functional level is set to Windows Server 2003, then
    > creating additional accounts is not required for SMS site-to-site
    > communications to work."
    >
    > So that is a bit misleading, other than that everything Luke said is
    > obviously correct. Inter Site communication can be done between
    > different forests, either in advanced or standard security, with or
    > without trusts configured. (Provided you specify user accounts in your
    > site address to connect, and you give those accounts the necessary
    > permissions). If you want to use computer accounts to communicate
    > between the two sites, than and only than do the stated requirements
    > have to be met:
    >
    > " You are using the Windows Server 2003 family.
    > " The forest functional level is set to Windows Server 2003.
    > " SMS is running in advanced security mode.
    > " The forests are configured with a transitive trust.
    >
    >
    > Intra Site communication (communication between different site systems
    > in one site) is not supported across forests.
    > Hope this helps
    > Kim Oppalfens
    >
    >
    > In article <37698A13-9654-4521-A4E8-CF9B2C704FF4@microsoft.com>,
    > EricA@discussions.microsoft.com says...
    > > Windows 2003 and site communication
    > >
    >
    > --
    > Check out the SMS Technical FAQ:
    > http://www.microsoft.com/technet/prodtechnol/sms/sms2003/techfaq/default
    > ..mspx
    >

  • Next message: saraski: "Re: mssecure.cab file is SMS 2003"

    Relevant Pages

    • Re: Communication after switching to Adv. Security
      ... Are the site to site communication address accounts still listed in the ... should continue to communicate with eachother using the specified accounts. ... > I have 2 primary and 13 secondary Sites which all ran on Standard ... > primary sites and a couple of secondary sites, ...
      (microsoft.public.sms.setup)
    • Re: Error when pushing down package to client
      ... The accounts tab is to control ntfs permissions to the source files on the ... > I have specified to use admin credientials inside the package. ... >> Kim Oppalfens ...
      (microsoft.public.sms.swdist)
    • Re: Advanced Client Installation Error
      ... I've tried several accounts to run the setup, ... a resource that is being denied access I could check the sec logs on it. ... "Kim Oppalfens" wrote: ... > performs the installation have administrative privileges? ...
      (microsoft.public.sms.admin)
    • Re: Distribution Points on NT4 Resource Domain
      ... "Kim Oppalfens" wrote: ... > Besides Advanced security as you correctly point out uses computer ... Computer accounts authenticate using the ...
      (microsoft.public.sms.setup)
    • Re: SMS and Administrator password change
      ... Then there is not all that much accounts that are being used. ... Site settings; installation methods;client push installation account ... Which security mode is sms running in? ... >> Kim Oppalfens ...
      (microsoft.public.sms.admin)