Let’s learn how to create boundary groups in ConfigMgr world. Boundary groups are network parameter of SCCM device management. If you don’t have any boundary groups (except Default site boundary group) in Configuration Manager, then you are managing any devices!
TL;DR
Introduction
The ConfigMgr Boundaries define network locations on your intranet. You can manage only devices within these network boundaries. The following are the supported boundary types:
- IP subnet
- Active Directory site name
- IPv6 prefix
- IP address range
- VPN (ConfigMgr 2006 onwards)
The boundaries are useless if they are not part of logical grouping called Boundary groups. ConfigMgr boundary groups are logical groups of boundaries that you configure.
NOTE! – Although each SCCM boundary group supports both site assignment and site system reference, create a separate set of boundary groups to use only for site assignment. Avoid overlapping boundaries for automatic site assignment.
Create Boundaries
- Launch Configuration Manager Console
- Navigate \Administration\Overview\Hierarchy Configuration\Boundaries
- Right click on Boundaries node
- Select Create New Boundary
- Select General tab
- Configure setting for the boundary
- Enter Description– Name of the Boundary – Production Win 10
- Select Type of the boundary as IP address Range
- Starting IP address – 10.1.0.9
- Ending IP Range – 10.1.0.9
- Click OK to complete the ConfigMgr Boundary creation process
Create Boundary Groups
Let’s learn how to create boundary groups and how to configure the boundary groups.
- Navigate to \Administration\Overview\Hierarchy Configuration\Boundary Groups
- Right click on Boundary Groups node
- Select Create New Boundary Group to create new group
NOTE! – Do not use Default boundary group which is already there Default Boundary Group.
- Enter the Name of Boundary Group – Production Win 10
- Enter the Description of Boundary Group – “Add the Boundaries of Production Win10 devices”
- Click on ADD button to add the existing boundaries to this boundary group
- Select Boundaries to add to this boundary group
- Search of Boundaries from the search box
- Select the boundary which is created above
- Boundary Type – IP Range 10.1.0.9- 10.1.0.9
- Click OK to continue
- Click REFERENCES tab from Create Boundary Group
- Site Assignment
- Select Use this Boundary group for site assignment option
- Assignment Site – Select the Primary Site from drop down list
- Click Add button Select Site System Server
- Select the site systems to associate with this boundary group from Add Site Systems window
- Select Site Systems:
- Select Server Name – \CMMEMCM.memcm.com
- Click OK to continue
- Click OK to complete the Boundary Groups creation
Confirmation Boundary Groups
Let’s check HMAN.log to check whether Boundary Group details are published into Active Directory. This publishing is possible only if you have extended the Active directory for SCCM.
Searching for SMS-MEM-167837705-167837705 Ranged Roaming Boundary Object. SMS-MEM-167837705-167837705 doesn't exist, creating it. SMS-MEM-167837705-167837705 successfully created. STATMSG: ID=4911 SEV=I LEV=M SOURCE="SMS Server" COMP="SMS_HIERARCHY_MANAGER" SYS=CMMEMCM.MEMCM.COM SITE=MEM PID=3716 TID=4060
Let’s run some more checks with ADSI EDIT to get confirmation of Boundary Groups into your active directory (only if you extended the Active directory).
Logs
Hman.log to understand boundary group and boundary publishing details.
Update site server active directory information into DB Detected Boundary change. Publishing site objects in AD Forest htmd.com Searching for SMS-HT1-167903236-167903242 Ranged Roaming Boundary Object. SMS-HT1-167903236-167903242 doesn't exist, creating it. SMS-HT1-167903236-167903242 successfully created. STATMSG: ID=4911 SEV=I LEV=M SOURCE="SMS Server" COMP="SMS_HIERARCHY_MANAGER" SYS=HTMDSCCM.HTMD.COM SITE=HT1 PID=3668 TID=6052 GMTDATE=Sat Jun 20 13:08:57.754 2020 ISTR0="SMS-HT1-167903236-167903242" ISTR1="htmd.com" ISTR2="" ISTR3="" ISTR4="" ISTR5="" ISTR6="" ISTR7="" ISTR8="" ISTR9="" NUMATTRS=0 StateTable::CState::Handle - (4911:1 2020-06-20 13:08:57.754+00:00) >> (0:0 2020-06-06 15:13:47.695+00:00)
Results
So we have completed the SCCM boundary creation and SCCM boundary Groups creation!. Now you are ready to Install SCCM clients to Windows 10 production computers. Install SCCM Client Manually Using Command Line
Creating a Boundary Group for a DP…under the References tab at the bottom where it says Site System Servers. Do I had our Site System server or should I add the DP server since this boundary group is for that DP?
Thank you
Yes you have add the remote DP site system server … does that make sense ?
Thanks you. If we are reusing a DP server from our old SCCM server, should I renamed the SCCMContentLib directory on the DP server or will the new SCCM overwrite that directory?
I have not tested this scenario. My recommendation is to rename to have a clean environment.
Thank you. Unrelated to the article, does the Site server need to be a Distribution Point? I’m not sure how the role got installed through the setup process. Under Monitoring – Distribution Status – Distribution Point Configuration Status, I see the Site server is listed.
It’s not mandatory to have DP on site system server