jakemke Posted September 27, 2011 Report post Posted September 27, 2011 I have followed the directions and when I go to delegate the sccm server on the System Management container, there is not an delegate option. Any ideas on what I'm doing wrong? Quote Share this post Link to post Share on other sites More sharing options...
gumby Posted February 7, 2012 Report post Posted February 7, 2012 Hi, I've been following through all the instructions throughout various posts in the thread but seem to be stuck getting the System Management container to populate with data. I'm running Win2k8 R2 on both the SCCM machine and AD and I'm attempting to install SCCM2012 RC1 new into the environment (e.g. no prior 2k7 installation). I successfully updated the AD schema for SCCM from a SCCM2k7 disc we have, also tried the 2012 build, both times read successful: <02-07-2012 10:14:01> Successfully extended the Active Directory schema. Effectively the error I'm getting during the pre req check for SCCM2012 is this: <02-07-2012 11:04:09> ERROR: Site server does not have create child permission on AD 'System Management' <02-07-2012 11:04:09> WARN: Site server does not have delete child permission on AD 'System Management' <02-07-2012 11:04:11> scm01pa.local; Site server has permissions to publish to Active Directory.; Warning; The site server is unable to publish to Active Directory. Check that you have granted the site server's computer account full permissions to the System Management container in its Active Directory domain. The System Management container has been created and has the appropriate permissions from everything I can see: The server name is obviously scm01pa and as you can see it's been delegated control of the System Management container. Any help would be greatly appreciated as this one's got me stumped. Quote Share this post Link to post Share on other sites More sharing options...
gumby Posted February 8, 2012 Report post Posted February 8, 2012 Fixed. It was Mircosoft and their bloody wording in the error message I never proceeded with the install past the pre req as I figured there was no point if it was going to fail populating the System Management container with data. I noticed after my post above RC2 has been released so I thought I'd give that whirl instead thinking it was probably going to be a longshot but you never know. Anyway, it all comes down to the way Microsoft worded their error between RC1 and RC2. RC1 error: ----------------------------------------- Warning; The site server is unable to publish to Active Directory. Check that you have granted the site server's computer account full permissions to the System Management container in its Active Directory domain. ----------------------------------------- RC2 error: ----------------------------------------- Warning; The site server might be unable to publish to Active Directory. The computer account for the site server must have Full Control permissions to the System Management container in its Active Directory domain. ----------------------------------------- I decided to proceed anyway and hey presto, all good, the System Management container populated with data. Quote Share this post Link to post Share on other sites More sharing options...
anyweb Posted February 8, 2012 Report post Posted February 8, 2012 well in both cases it's not an Error it's a warning, and you can always continue with warnings but not with Errors, good point though and good to see Microsoft is listening to bugs/dcr's filed and acting on them. Quote Share this post Link to post Share on other sites More sharing options...
gumby Posted February 13, 2012 Report post Posted February 13, 2012 Yeah, what threw me was that even though the installer said it was a warning, when I jumped into ConfigMgrPrereq.log to take a closer look at the problem, that's where I noticed it was spitting out an error with creating child permissions which I thought was directly related to the warning. Quote Share this post Link to post Share on other sites More sharing options...
TonyE Posted March 5, 2012 Report post Posted March 5, 2012 Do the Computer$ account really need FULL CONTROL on the container System Management? Or can the Computer$ account have FULL CONTROL at installation and then later change it to just FULL CONTROL for the selfcreated sub-containers? Why this questions takes place is because we are gonna have a customer in another "main Domain" and will Only have FULL CONTROL over one small "OU". Quote Share this post Link to post Share on other sites More sharing options...
AlexP Posted January 16, 2020 Report post Posted January 16, 2020 I have question about this. SCCM was set up in our college by a previous company that supported the college. As it wasn't working as it should do we took out the server that had SCCM installed and we are going to set up SCCM from scratch. As SCCM was set up before, the System Management container already exists and has the boundary range and site names in there. Is it just a case of deleting the System Management container and re-creating it or is it easier to leave the container there, delete the boundary points and other objects that are in the System management container and then just do the delegate control step to add the new SCCM server in? Quote Share this post Link to post Share on other sites More sharing options...
anyweb Posted January 16, 2020 Report post Posted January 16, 2020 if it's already created then leave it there, it's safe to delete the contents inside as the they will get repopulated (if everything is working correctly) Quote Share this post Link to post Share on other sites More sharing options...