Create ConfigMgr Boundary based on Active Directory Site and Services Subnet

15 Jan, 2014 Articles Permalink

Every now and then I run into a case where a customer have a problem to deploy an application to a machine. Quite often the problem lies with a missing Content Boundary in Configuration Manager. Many uses the boundary type AD Site, and that is fine – IF, and only if, you don’t have been lazy when you created them. That is, you must not have created any supernets within Active Directory Sites and Services. What is a supernet you might ask. Well, if you in the real world have two networks, say for floor 1 and floor 2 of your branch office. Those two networks are 10.0.0.0/24 and 10.0.1.0/24 then a lazy admin might just have created the subnet 10.0.0.0/23 in Sites and Services. And that is fine for Active Directory. And probably lots of other services. But for ConfigMgr it is not.

A ConfigMgr client always sends up the Network ID to the Site Server and that can be used for content assignment. However, a client with Network ID 10.0.1.0 does not match the Network ID that the Site Server gets from Active Directory when we have a supernet in there because it will only know of the Network ID 10.0.0.0. And since that isn’t a match – the client will not get any content.

So what to do then? A) Stop using supernets in Active Directory Sites and Services.

- “But that is a whole other department…”

Okey then, B) Use IP Range as a Boundary in ConfigMgr.

- “But it’s so much work”

Okey, then I have the solution, use a PowerShell script to create those boundaries in ConfigMgr. And lucky for you, I’ve created that script. You can create a scheduled task that runs the function within the script or simply run the script in System Center Orchestrator. Same there then, a script to run the function.

Subnets

UPDATE: Thanks to my friend Stefan Schörling made me realize that this feature actually exists in ConfigMgr already. How would have known? :) Just tick the “Automatically create IP address range boundaries for IP subnets when they are discovered” in the properties window for Active Directory Forest Discovery. Sweet! So why go over the bridge etc etc…

forest-discovery

/Tim

About The Author

Tim Nilimaa is a consultant with Lumagate in Sweden. He has been working with Configuration Manager for 8 years. His knowledge has been selected as a speaker at many events among them Microsoft Management Summit.

No Comments

Leave A Reply