Now that I’ve brought this up, our Microsoft rep agrees and is suggesting a separate domain be added into our DMZ. Is that generally what you’ve seen?
I would imagine you would have mentioned it or the article would have. From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On Behalf Of Jason Sandys Sent: November-30-16 4:47 PM To: email@example.com Subject: [mssms] RE: Current Branch - Internet Based CLients - Internet facing Site Server Need to be on domain? The below is correct, current, and applicable to ConfigMgr CB: it must be domain joined. I’ve heard of this being side-stepped through some creative work, but that wouldn’t be supported (or advisable IMO). J From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> [mailto:listsad...@lists.myitforum.com] On Behalf Of Burke, John Sent: Wednesday, November 30, 2016 1:45 PM To: firstname.lastname@example.org<mailto:email@example.com> Subject: [mssms] Current Branch - Internet Based CLients - Internet facing Site Server Need to be on domain? Hi We are setting this up now and it’s in a dmz and a workgroup. I happened to read this via this link. Hoping it’s not the case. It’s Couple years old, and is Configmgr 2012 but I thought recalled something somewhere. I’m guessing Reza would be able to answer this off the top of his head. I’m sure he would have let us know if a workgroup wouldn’t work. Feel free to ignore if this isn’t applicable now. https://www.petervanderwoude.nl/post/five-key-configuration-steps-for-implementing-internet-based-clients-in-configmgr-2012/ “Prerequisites Before going through these steps, there are a few important prerequisites that should be in place: * Site systems for Internet-based client management must have connectivity to the Internet and must be in an Active Directory domain. * A supporting public key infrastructure (PKI) has to be in place, that can deploy and manage the certificates that the clients require and that are managed on the Internet and the Internet-based site system servers. * The Internet fully qualified domain name (FQDN) of site systems that support Internet-based client management must be registered as host entries on public DNS servers.