Building Security into Your Hierarchy
You should consider your organization’s security requirements throughout the life cycle of your ConfigMgr implementation. During the design phase, keep the following considerations in mind:
• Active Directory considerations: Although it is possible for ConfigMgr sites and hierarchies to span more than one AD forest, this might compromise your AD security design. The forest is a security boundary in AD. Allowing administrators and systems in one forest to configure site systems or administer clients in a second forest could violate the autonomy of the forest in which the managed systems reside. The strongest protection for the integrity of your AD forests is to isolate each ConfigMgr hierarchy within a single ...
Get System Center 2012 Configuration Manager Unleashed now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.