For a lab-exercise Quest Intrust was deployed on a stand-alone servers (MSWSRV2016std) with no AD role deployed, id = questsrv.
- Agents were deployed on the AD and these call back to questsrv, they also show up in the deployment manager.
- Now i notice though the agents show up they do not appear to communicate properly
My prefered setup is to leave Quest Intrust (sa or sa-cluster) out of the domain. This appears to be feasible but not documented.
Essentially, what i mean here is the agent shows up as registered in 'intrust manager' but not in 'intrust deployment manager' collections