Re: Trouble Extending Schema
From: Micah (M_at_m.com)
Date: 05/02/04
- Next message: Jason Nelson: "Re: Trouble Extending Schema"
- Previous message: Jason Nelson: "Re: Trouble Extending Schema"
- In reply to: Jason Nelson: "Re: Trouble Extending Schema"
- Next in thread: Jason Nelson: "Re: Trouble Extending Schema"
- Reply: Jason Nelson: "Re: Trouble Extending Schema"
- Reply: TerryM: "Re: Trouble Extending Schema"
- Messages sorted by: [ date ] [ thread ]
Date: Sun, 2 May 2004 18:46:03 -0500
I understand all that and so far have already done everything you pointed
out. I really don't think it's an issue with permissions here. I'm using
an account that has permissions to modify the schema and modifications are
enabled.
I don't think that the problems are permission related on the SMS side.
What it looks like to me is that the SMS problems are all related to the
failure of the directory extensions. It looks like it's getting to the
directory fine but can't update it because the class and attributes are not
there.
I'm trying to find out why it won't let me extend the directory. I
apparently have rights because I am using a schema admin account and am also
trying it from the domain controllers as well as the SMS server itself. The
errors are all the same no matter where I try it but there really isn't any
usefull info out there for the errors in the log files. I think it will
work if I can get the directory extended, but so far no luck.
"Jason Nelson" <anonymous@discussions.microsoft.com> wrote in message
news:05D04F6B-2F26-442B-9ED6-FAA512A5B254@microsoft.com...
> Micah,
> Please review the following snippet I copied here for you to read from
"Active Directory Schema Modification and Publishing for Systems Management
Server 2003.doc".
>
> "If publishing is enabled on the site properties but the SMS account does
not have sufficient permissions to publish, hierarchy manager and site
component manager will generate error 4913: Systems Management Server cannot
create the object in Active Directory. This error persists in the status
messages until permissions to publish have been granted or publishing has
been disabled."
>
> Okay... so back to my original blog... you need to verify you have the
correct permission when creating the SMS System Management container. Since
you said this was a 2000 AD, did you run Regsvr32 schmmgmt.dll from a
command prompt? If not then do this. However, I am assuming you have done
this to allow the schema to be extended with the System Management
container.
>
> Your problem is publishing to this container.
> When you run ExtADSch the ExtADSch.log will likely contain errors starting
off with "Failed to create attribute".
>
> Therefore, we need to go back with the ADSI Edit tool and look over how
you have the permissions setup in the System Management container. You said
that you have given full control to it and to all child objects. This is
good.
>
> Now did you also go into the Advanced Security Settings for System
Management and check the box "Allow inheritable permissions from the parent
to propagate to this object and all child objects. Include these with
entries explicitly defined here." Once this is checked and applied, go
ahead and run the ExtADSch tool again.
>
> Cheers,
> jason nelson
- Next message: Jason Nelson: "Re: Trouble Extending Schema"
- Previous message: Jason Nelson: "Re: Trouble Extending Schema"
- In reply to: Jason Nelson: "Re: Trouble Extending Schema"
- Next in thread: Jason Nelson: "Re: Trouble Extending Schema"
- Reply: Jason Nelson: "Re: Trouble Extending Schema"
- Reply: TerryM: "Re: Trouble Extending Schema"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
