Re: error 5436 & 4913
From: Dave Halperin (Dave_Halperin_at_bose.com)
Date: 02/02/05
- Next message: François Racine: "Admin console - advertisement status problem"
- Previous message: Dave Halperin: "Re: error 5436 & 4913"
- In reply to: manoa: "Re: error 5436 & 4913"
- Next in thread: manoa: "Re: error 5436 & 4913"
- Reply: manoa: "Re: error 5436 & 4913"
- Messages sorted by: [ date ] [ thread ]
Date: Wed, 2 Feb 2005 16:04:31 -0500
Here's a couple of excerpts:
Requirements to Publish SMS Information to Active Directory
In order to successfully publish SMS information to Active Directory, four
conditions must be met:
· The Active Directory schema must already have been successfully
extended.
· The site properties must be configured to publish identity data to
Active Directory. This is enabled by default during installation.
· The Systems Management container must exist under the System
container in Active Directory.
· The SMS account that is used by the SMS Hierarchy Manager and SMS
Site Component Manager components must have full control permissions to the
System Management container. If you are using standard security, SMS
Hierarchy Manager and SMS Site Component Manager use the SMS Service
Account. If you are using advanced security, SMS Hierarchy Manager and SMS
Site Component Manager both use the SMS site server's computer account.
Configuring the Site Properties to Publish Identity Data
If you decide not to publish SMS information to Active Directory, you can
change the default site property. Disabling publishing stops Hierarchy
Manager and Site Component Manager from generating error message 4913 after
failed publishing attempts.
To change the publishing setting of a site, you must have Modify permissions
to the Site object class or instance.
1. In the SMS Administrator console, expand Systems Management Server,
expand Site Database (site code - site name), expand Site Hierarchy, expand
site code - site name. Right-click the site and click Properties.
In the Properties dialog box, click the Advanced tab.
To Manually Create the System Management Container
1. Log on as an account that has the Create All Child Objects
permission on the System container in Active Directory.
2. Start ADSIEdit and connect to the domain if necessary.
3. In the console pane, expand Domain [computer fully qualified domain
name], expand <distinguished name>, and right-click CN=System. On the
context menu click New and then Object.
4. In the Create Object dialog box, select Container and click Next.
5. In the Value field, type System Management and click Next.
6. Click Finish.
Granting Permissions to SMS to Publish to Active Directory
After you have manually created the System Management container, you must
still grant SMS full control permissions to the System Management container.
If you are using standard security, grant the permissions to the SMS Service
Account. If you are using advanced security, grant permissions to the site
server's computer account. You can grant the permissions by using ADSIEdit,
Active Directory Users and Computers, or another method of your choice.
To apply permissions to the System Management container by using ADSIEdit
1. Start ADSIEdit and connect to the domain if necessary.
2. In the console pane, expand Domain [computer fully qualified domain
name], expand <distinguished name>, expand CN=System, and right-click
CN=System Management. On the context menu click Properties.
3. In the CN=System Management Properties dialog box, add the site
server computer account (advanced security) or the SMS Service Account
(standard security) and grant the account Full Control permissions.
4. Click OK.
"manoa" <manoa@discussions.microsoft.com> wrote in message
news:55CF8F11-DC9B-4046-A4B4-410866FC4B7F@microsoft.com...
> After I went into the AD Users and Computers and in the System Management
> container gave the SMS machine account full permission to this container,
its
> still these error code still shows up. I opened up the System
Manangement
> container in AD and there are no objects in it. Are there suppose to be
> objects in this folder?
>
>
> "Dave Halperin" wrote:
>
> > The SMS server does not have rights on the System management Container
in
> > AD. You need to allow the machines account full control over that
container
> > as well as child objects.
> > "manoa" <manoa@discussions.microsoft.com> wrote in message
> > news:ABC11F5E-CCAB-4839-AB57-8EFA7724481D@microsoft.com...
> > > We are trying to implement SMS 2003 on a child domain. Our network
> > consist
> > > of a root domain and a child domain. Our root domain has two DC, one
as
> > the
> > > FSMO/GC and the other as a GC. The child domain has one server acting
as
> > > FSMO/GC as well as having SMS 2003 SP1 installed on it. When we look
at
> > the
> > > sms console under the SITE STATUS -> PWD-DOMAIN -> COMPONENT STATUS.
When
> > I
> > > view the error, we get two:
> > >
> > > Error code: 5436
> > > Component: SMS_MP_CONTROL_MANAGER
> > > Description: MP Control Manager detected MP is not responding to HTTP
> > > requests. The http is a server error.
> > >
> > > Error code: 4913
> > > Component: SMS_SITE_COMPONENT_MANAGER
> > > Description: System Management Server can not create object
> > > "cn=SMS-SLP-PWD-DOMAIN-SMS" in active directory"
> > >
> > > Error code: 4913
> > > Component: SMS_SITE_COMPONENT_MANAGER
> > > Description: System Management Server can not create object
> > > "cn=SMS-MP-PWD-DOMAIN-SMS" in active directory"
> > >
> >
> >
> >
- Next message: François Racine: "Admin console - advertisement status problem"
- Previous message: Dave Halperin: "Re: error 5436 & 4913"
- In reply to: manoa: "Re: error 5436 & 4913"
- Next in thread: manoa: "Re: error 5436 & 4913"
- Reply: manoa: "Re: error 5436 & 4913"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
