One of the fundamentals aspect of configuration manager is the boundary because you can’t manage anything without a boundary. (Thanks to Torsten for pointing that it’s possible to manage client without a boundary).
There’s different types of boundary like, IP subnet, IP address range, IPv6 prefix and active directory site. The last one is the recommended method and it’s the easiest to manage.
We recently migrate our infrastructure to SCCM 2012 and we have an issue during the boundary configuration. What happen if you have 2 domains with the same active directory site? No big deal, both will be detectable with their respective domain. You think? Yes, we were able to handle it with SCCM 2007.
Everything was going perfect when we activated the active directory forest discovery in the discovery methods and checked the box “Automatically create Active Directory site boundaries when they are discovered” to populate sites within forests.
We realized that all duplicate sites in both domains were not automatically added as a boundary after evaluate the list of active directory sites. I dig into SQL database and look what I discovered, the system see 1 ABC boundary and 2 ABC active directory site.
You can see that WMI class on the primary is also containing both sites.
This problem happens with SCCM 2012 under any versions but it was working perfectly with SCCM 2007.
There’s some solution that can be made like use IP subnet instead but it’s not pretty clean or rename one of duplicate active directory site with unique name but for operation reason, we can’t do it.
What about adding them manually with the Browsing Active Directory Sites console? This tool is simple, it does a LDAP query to your active directory sites. What happen if you have two domains for one primary? Do you think you will see sites from both domains?
The answer is no!
The tool will provide only sites from the one domain. It should be able to scan multiple domains.
We opened a bug at Microsoft Connect so more info to come.
If you have the same issue, please comment in the Microsoft Connect bug.
***** Update 2015-03-16 *****
The problem is still active on Microsoft Connect. No fix has yet been released by them. You can use IP subnet or IP address range as a workaround for all duplicate AD Sites.
Founder of System Center Dudes. Nick has been awarded in 2016 as a Microsoft MVP in Enterprise Mobility category.
Working as a senior SCCM and Intune advisor as well as a specialist Microsoft Cloud solutions specialist.