Our configuration uses SCCM 2012 SP1 for both server and agent. We have 3 forests two internal trusted, and one DMZ that isn't. We setup at least one SUP on a role in each forest, and for the most part it seems to work as expected the agents hit the servers in their forest. However, we have maybe 3% that are picking a server in another forest, a forest that they can't even reach.
The logs unfortunately don't give all that much information, just that a network connection failed, but they don't even show what server the agent is trying to connect to. We had to get that information from reporting.
Has anyone seen this.
I saw a suggestion that setting a GPO to set the WSUS server was one way to get around some of these problems.
Thoughts?
Bob