Jump to content


  • 0
anyweb

how can I create the System Management Container in Active Directory

Asked by anyweb

Question

anyweb Rising Star

anyweb

Posted
Posted

Using Adsiedit Create a container in AD, CN=System called System Management by right clicking on CN=System and choose New Object, scroll down to container from the list, click next, give it a value of System Management.

 

adsiedit.jpg

 

In Active Directory Users and Computers expand the System container, and right click click on System Management

 

choose delegate control, click next, click add, click object types, add computers, click ok, advanced, find now.

 

highlight the SCCM servername and click ok.

 

click OK again, click Next in the Delagation of control Wizard page, choose 'create a custom task to delegate'

 

click next, make sure 'this folder, existing objects in this folder and creation of new objects in this folder is selected

 

click next, select the 3 permissions General, Property-Specific and Creation-deletion of specific child objects are selected then place a check mark in FULL CONTROL

 

and click next then Finish.

 

Failure to do the above will mean that the System Management Container in AD will NOT POPULATE with SCCM specific info and you will see many errors in SCCM site status

 

Once the permissions are granted correctly, it will look like this

 

container_privs.jpg

 

done !

Share this post

Link to post
Share on other sites

32 answers to this question

Recommended Posts

  • 0
Bobtrie Newbie

Bobtrie

Posted
Posted

I have had this same issue and this has been my resolve for it.

 

In Active Directory after the "System Management" container is created right click on the container, go to properties, then click on the security tab. Make sure the server you are using has full control. After that click on advanced, find the server and click Edit. On the object tab make sure "Apply onto" is set to "This object and all child objects". I have found the default during the install to be "This object only". After this you will need to go into SCCM and right click on your site and select properties. On the properties page go to the Advanced tab. On the Advanced tab un-check all of the check boxes and click "Apply" the recheck the boxes and click "Apply" again. After a few minuets the correct information should be propigated to the "System management" container.

 

 

 

This has been done in a test environment and I hope this will help others that might be having the same issue.

 

I also found some of these videos to be helpful http://www.youtube.com/user/dodo3tt#p/search/1/coSRKb7hRkU

 

and followed Microsofts site http://technet.microsoft.com/en-us/library/bb632492.aspx

 

Bobtrie.

Share this post

Link to post
Share on other sites
  • 0
babalojaan Newbie

babalojaan

Posted
Posted

the container will populate itself if you followed the guide correctly, give it some time to do so.

 

the container is needed to store info in AD about where sccm site servers are located

 

here's some more info

 

Four actions need to be taken in order to successfully enable Configuration Manager Clients to query Active Directory Domain Services to locate site resources:

 

* Extend the Active Directory schema.

* Create the System Management container.

* Set security permissions on the System Management container.

* Enable Active Directory publishing for the Configuration Manager site.

 

 

one stupit question:

 

duering prerequisites check of installtion of sccm 2007 r2, i had to extend the AD schema otherwise it gave me error. Now i followed your guide to create system Management container but nothing appears, its empty (i followed it twice!), so the question is; should i extend the AD schema ONCE AGAIN?

 

Thanks!

Share this post

Link to post
Share on other sites
  • 0
srikanth krishnan Newbie

srikanth krishnan

Posted
Posted

Hi,

Thanks in advance ,I have extended the schema for SCCM but while i trying to create System Management Container in Active Directory by using ADSIEDIT i am not found anything called

System Management under the CN=system

pleased to refer the img link

 

http://www.flickr.com/photos/srikanthsri/5729462738/in/photostream

post-9324-0-18155500-1305605646_thumb.jpg

Share this post

Link to post
Share on other sites
  • 0
anyweb Rising Star

anyweb

Posted
Posted

did you try this ?

 

Using Adsiedit Create a container in AD, CN=System called System Management by right clicking on CN=System and choose New Object, scroll down to container from the list, click next, give it a value of System Management.

 

Share this post

Link to post
Share on other sites
  • 0
Kevin79 Newbie

Kevin79

Posted
Posted

I have a parent/child domain setup. Everything is in the child domain except for a couple root domain controllers. Do I need to create the System Management contain in cn=system on the parent domain or the child domain?

Share this post

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Answer this question...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
Go to question listing
×
×
  • Create New...