Hi all,
We are in a bit of "trouble" here.
At the moment we have our main domain, let's call it xy.com, and a separate domain for our production sites, let's call this zy.com.
In our main domain we have ConfigMgr set up with full PKI infrastructure and everything is working as it is supposed to do.
Now we want to expand our current setup to the other domain, and here come the issues and where we need help in thinking.
The domain zy.com is not trusted and does not have any PKI in place. There are DNS forwards configured so we can communicate.
Another issue is that every single site is its own island, so to say, that can only communicate with one other network that has access to all sites. (This is where the DC is located.)
My initial thought was to set up a new secondary site at zy.com and one DP at every location. But if I'm right this is not supported since there is no trust between the domains, right?
So the next step was to try and set up a new DP, MP and SUP in the zy.com domain.
But since there is no PKI in place, this communication will not work, am I right?
I've added the forest to the current primary site and replication is working, I can see that the System Management container is updating and everything.
So, how would one go about solving this issue? Or what should the design be like?
Best regards