Share via

Cross-Tenant Utilization and MCM Setup: Domain Trust and License Management

Amir 0 Reputation points
2025-01-25T14:02:10.06+00:00

Hi everyone, I have a question regarding cross-tenant utilization and MCM (Microsoft Configuration Manager ).

We have the following setup:

  • Domain A: An on-premises domain where we want to implement MCM.
  • Domain B: An Azure domain with Microsoft 365 licenses.
  • All the clients in Domain A use their Domain A user IDs to log in to their computers and access Microsoft 365 apps.

If we want to configure MCM in Domain A to utilize Domain B's Client Management Licenses (CMLs), we need to establish a trust between these two domains. After creating a two-way trust between the two forests, the following questions arise:

  1. In Domain A, users authenticate with their Domain A credentials to log in to computers. If we assign them Microsoft 365 email and apps from Domain B, is this authentication sufficient for MCM to utilize the required CMLs from Domain B?

Could you please provide key configuration steps for setting up MCM in this scenario?

  • Can MCM operate entirely within Domain A, or does it need to connect to Domain B on Azure?
    • What are the specific requirements to enable this setup?

Thank you!

Microsoft 365
Microsoft 365
Formerly Office 365, is a line of subscription services offered by Microsoft which adds to and includes the Microsoft Office product line.
5,570 questions
Microsoft System Center
Microsoft System Center
A suite of Microsoft systems management products that offer solutions for managing datacenter resources, private clouds, and client devices.
1,064 questions
Microsoft Intune
Microsoft Intune
A Microsoft cloud-based management solution that offers mobile device management, mobile application management, and PC management capabilities.
5,475 questions
Microsoft Configuration Manager
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. XinGuo-MSFT 20,641 Reputation points
    2025-01-27T07:11:07.7566667+00:00

    Hi,

    In Domain A, users authenticate with their Domain A credentials to log in to computers. If we assign them Microsoft 365 email and apps from Domain B, is this authentication sufficient for MCM to utilize the required CMLs from Domain B?

    Yes, it is sufficient.

    Can MCM operate entirely within Domain A, or does it need to connect to Domain B on Azure?

    Yes.

    What are the specific requirements to enable this setup?

    No additional requirements are necessary.

    0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.