Jump to content


Torpedo

SMSRead/SMSAdmin Accounts are not available

By Torpedo, in Troubleshooting, Tools, Hints and Tips

Recommended Posts

Torpedo Newbie

Torpedo

Posted
Posted

Hi,

 

I am trying to configure "Computer Client Agent properties" as per this thread "http://www.windows-noob.com/forums/index.php?showtopic=491". And I am currently stopped at this step because I am seeing this note here:

 

"for Network Access Account we need to enter an account to be used by Configuration Manager 2007 client computers to communicate with network resources. We can use the SMSread account we created earlier (in Step 3 of this guide)."

 

But I don't think I did run this before as per "Step 3" because I could not find the related steps in the page :Step 3. And also I am not seeing SMSRead/SMSAdmin users in list.

 

 

Could someone let me know if I am missing anything here. I don't remember missing any steps so far.

 

Thanks

Share this post

Link to post
Share on other sites
anyweb Collaborator

anyweb

Posted
Posted

ok in a production environment where you should have SCCM and AD on different servers do it like this

 

make a global security group in Active directory Users and Computers and call it SMS Admins

 

now, make two (or more) new Domain Users called

 

SMSadmin

 

and

 

SMSread

 

once done, log on to the SCCM server and startup Server Manager, Configuration, Local Users and Groups and select Groups

 

double click on Administrators and add the SMS Admins Global Security Group as a member. (this gives the SMSadmin user local admin rights on the sccm server)

 

in your lab do as follows: *if you have both SCCM and AD on the same server*

 

create the two Domain Users in Active Directory Users and Computers called

 

SMSadmin

 

and

 

SMSread

 

create the SMS Admins Global Security Group

 

and add the SMS Admins group as a member of Domain Admins.

Share this post

Link to post
Share on other sites
Torpedo Newbie

Torpedo

Posted
Posted

hmm.. Ok. But I don't know which wizard that I should use to create SMSadmin and SMSread. Do I just need to create them as regular Windows users and configure them as AD Users?

 

Yes. I am installing everything on a single server.

 

Thanks

Share this post

Link to post
Share on other sites
Torpedo Newbie

Torpedo

Posted
Posted

Thank you very much for confirming this. I tried the same before and thought it was not the right one because it is asking Firstname, Lastname and loginname@domainname etc. Now I ran the same wizard and created "SMSadmin & SMSread" users.

 

Couple of questions here.

 

1. I completed all the remaining Part1 & 2 steps and reached to Part3: "Next we will configure the Computer Client Agent properties" step.

 

Now I am not sure whether I can continue to configure "the Computer Client Agent Properties in Part3". Could you please let me know if I need to do anything before running this?

 

2. And a per your previous notes in this thread, you are saying that I need to create "SMSAdmins Global Security Group also and add the SMSAdmins group as a member of Domain Admins.".

 

This group is actually available by default. How do I add this group as a member of Domain Admins. I am not finding this step in any of your guides.

 

Sorry for asking many questions. I am basically lost now because I am at Part 3 now.

 

Thanks

Share this post

Link to post
Share on other sites
anyweb Collaborator

anyweb

Posted
Posted

bring up the properties of the Security group called SMS Admins, and click on the Member Of tab,

 

Click Add and type Domain Admins

 

 

thats it

Share this post

Link to post
Share on other sites
anyweb Collaborator

anyweb

Posted
Posted

Domain Admins is present (it has to be) so you must be doing something wrong, try leaving it blank instead and click on check names and you need to do this as a user wit Domain Administrative permissions

Share this post

Link to post
Share on other sites
Torpedo Newbie

Torpedo

Posted
Posted

Hi,

 

I tried with empty value, but the "Check Names" button is not enabled for clicking ? I am seeing Domain Admins in the main list of "Active Directory Users and Comptuers window". Is it actually "Members" or "Members Of" tab on SMS Admins properties window? Checking Names with empty value on "Members Of" tab can not be done because the button is disabled.

 

Also, I did not see this step anywhere in your guide. Please let me know if I miss anything?

 

Actually this is the step as per your guide.

 

post-3192-1246812113_thumb.gif

 

Thanks for looking into this.

Share this post

Link to post
Share on other sites
anyweb Collaborator

anyweb

Posted
Posted

after clicking on Member of, choose Object Types and make sure that Groups or Built-in security principals is selected, in your screenshot you've only selected Groups....

Share this post

Link to post
Share on other sites
anyweb Collaborator

anyweb

Posted
Posted

you must be doing Something wrong, and it must be related to how you are logging on to this server

 

when i log on to my server i need to do so like this

 

domain\user

 

are you specifying domain\user ?

Share this post

Link to post
Share on other sites
anyweb Collaborator

anyweb

Posted
Posted

i dont get it, can you give me remote access to this machine ?

 

i assume its a Domain Controller ?????

Share this post

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
Go to topic listing
×
×
  • Create New...