SCCM Untrusted Forest Issues Require the Site server to Initiate Connection. Have you ever noticed the importance of the option “Require the site server to Initiate Connection to this Site System” in Site System Properties?
Is this option really useful? Yes, it’s very important and useful when deploying Remote Site Systems to untrusted forest/s.
- Fix SCCM Untrusted Forest Remote DP Installation Error 0x800706BA ConfigMgr Endpoint Manager HTMD Blog (anoopcnair.com)
- Install A New Configuration Manager Distribution Point (anoopcnair.com)
SCCM Untrusted Forest Issues Require the Site server to Initiate Connection
If you think about an untrusted forest scenario, there is “no way” the remote site system can contact your site server (by default).
Whereas the site server can initiate the connection with the remote site system using “site system installation account.”
Navigate – \Administration\Overview\Site Configuration\Servers and Site System Roles. Right-Click on the Site System role.
Select the properties. Click on General Tab. Enable Require the site server to initiate connections to this system option.
Click on Use another account for installing this site system. Enter User name and password of remote servers local admin.
Once you select the “site server to initiate connection” option for a remote site system, the site server initiates a connection, and it will copy all the required files to respective folders on the site server.
More details about the log files can verify whether the remote site system is in PULL mode or PUSH mode. SCCM Untrusted Forest Issues Require the Site server to Initiate Connection ConfigMgr MEMCM?
Log file = mpfdm.log (MP File Dispatch Manager). Default Location of the log file in Remote Site System = \SMS\Logs.
Default Location of the log file in Site Server = Program Files\Microsoft Configuration Manager\Logs. Remote Site System = acncmrsite.remote.configmgr.com.
mpfdm.log file @ site server
- acncmrsite.remote.configmgr.com is pushing files. Mode must be pull.
- Pulling files from acncmrsite.remote.configmgr.com. Mode must be pull.
- Starting pull jobs for acncmrsite.remote.configmgr.com.
PULL:Moving 1 *.SUM file(s) from \\acncmrsite.remote.configmgr.com\C$\SMS\MP\OUTBOXES\sitestat.box\ to D:\Program Files\Microsoft Configuration Manager\inboxes\sitestat.box\.
Moved file \\acncmrsite.remote.configmgr.com\C$\SMS\MP\OUTBOXES\sitestat.box\lgexcktm.SUM to D:\Program Files\Microsoft Configuration Manager\inboxes\sitestat.box\lgexcktm.SUM
mpfdm.log file @ Remote site system (acncmrsite.remote.configmgr.com)
- Remote site is in pull-mode.
- Stopping all push jobs.
- Site Server to initiate connection option is not required if you don’t have any forest trust related issues.
Anoop C Nair is Microsoft MVP! He is a Device Management Admin with more than 20 years of experience (calculation done in 2021) in IT. He is Blogger, Speaker, and Local User Group HTMD Community leader. His main focus is on Device Management technologies like SCCM 2012, Current Branch, and Intune. He writes about ConfigMgr, Windows 11, Windows 10, Azure AD, Microsoft Intune, Windows 365, AVD, etc.