Re: Merged environments with different Active Directory Versions
- From: Kim Oppalfens <kim@xxxxxxxxxxxxxxxxxxxx>
- Date: Fri, 16 Sep 2005 13:46:49 +0200
In article <6410C7C7-B340-4DDA-8E6B-771A8C102372@xxxxxxxxxxxxx>,
ibdwalrus@xxxxxxxxxxxxxxxxxxxxxxxxx says...
> Thanks again, Kim. My managers now want to know how much risk there is in
> extending the schema for SMS. Is this a big deal or is it relatively safe?
> They don't want to invest any time in WINS, so I don't know what option we
> have, but I have to ask.
>
> -- Mike
>
> "Kim Oppalfens" wrote:
>
> > In article <11E8E5E0-3261-41E0-B465-DE4DB5D1B752@xxxxxxxxxxxxx>,
> > ibdwalrus@xxxxxxxxxxxxxxxxxxxxxxxxx says...
> > > My company recently was acquired by another company which didn't use SMS. We
> > > haven't yet merged our Active Directory domains. They are running AD 2000;
> > > we have AD 2003. Our SMS primary site resides in our domain. We are trying
> > > to install secondary SMS sites using advanced security in several of their
> > > offices. I haven't yet extended the AD schema. Another post in this forum
> > > led me to believe that doing so might resolve some of the problems I've
> > > encountered.
> > >
> > > Are there predictable problems associated with running two different active
> > > directory versions as we are and will I create any problems by extending the
> > > AD schema for SMS in both versions?
> > >
> > > -- Mike
> > >
> > The only problem I could see is the forest & domain functional mode your
> > ad 2003 is set in, this could make sure you can't use 2000 dc's.
> > --
> > Kim Oppalfens
> > MVP SMS
> > Computacenter Belgium
> >
>
Well your options are Ad or wins.
So if management rules out wins, your left with
Ad or change management :-).
To be honest the risk of extending the schema is really really small.
I, nor microsoft according to recent discussions, have seen anything go
wrong using sms schema extensions, or extensions for any other microsoft
product.
The only problem is that if something goes wrong the impact can be huge.
The reason for this potential huge impact is that you can't do an
authoritative restore of the schema partition, so if something goes
horribly wrong and the partition is replicated there is virtually no way
back.
So small change of something going wrong huge impact.
Since the impact can be so catastrophic I usually follow the what I call
"risk-free procedure for extending the schema".
Steps explained below for sms.
It is advised to follow the procedure below, before any schema
modifications are made. There are no known issues in making the SMS 2003
schema extensions. This being said, if something does go wrong with the
schema extension process, the only way to restore the schema is by
restoring a backup of Active Directory on All domain controllers. All
domain controllers have to be disconnected from the network during this
recovery. There is no AUTHORITATIVE RESTORE for the Active Directory
Schema.
1. Locate the server that is the schema master
2. Back up the schema master. Disconnect the schema master from the
network and do not reestablish the connection until the end of this
procedure.
3. Take the Schema Master Offline. (Disconnect Network Cable).
4. On the schema master, insert the SMS 2003 Setup CD in the CD-ROM
drive.
5. Open a command prompt, change to the CD-ROM drive, and change to
the \SMSSETUP\BIN\I386 folder on the CD.
6. On the schema master, at the command prompt, type
Extadsch.exe
7. After the preceding command has finished on the schema master,
confirm that the preparation of the forest was successful. Verify
whether the following 4 classes & 10 attributes exist:
a. Classes(4):
i. MS-SMS-Management-Point
ii. MS-SMS-Server_Locator-Point
iii. MS-SMS-Site
iv. MS-SMS-Roaming-Boundary-Range
b. Attributes(10):
i. MS-SMS-Site-Code
ii. MS-SMS-Assignment-Site-Code
iii. MS-SMS-Site-Boundaries
iv. MS-SMS-Roaming-Boundaries
v. MS-SMS-Default-MP
vi. MS-SMS-Device-Management-Point
vii. MS-SM-MP-Name
viii. MS-SMS-MP-Address
ix. MS-SMS-Ranged-IP-Low
x. MS-SMS-Ranged-IP-High
c. Review %SystemDrive%\ExtAdSch.log
8. Evaluate the information you gathered in the previous step and
choose accordingly:
a. If extadsch.exe ran without errors, reconnect the schema master to
the network and continue with the next step of this procedure.
b. If extadsch.exe ran but error messages provided instructions for
additional steps to take, follow the instructions and then return to the
confirmation process described in the previous step.
c. If extadsch.exe did not run successfully, restore the schema
master from backup and investigate the corrective steps necessary so
that extadsch.exe can be run successfully.
--
Kim Oppalfens
MVP SMS
Computacenter Belgium
.
- Follow-Ups:
- Re: Merged environments with different Active Directory Versions
- From: ibdwalrus
- Re: Merged environments with different Active Directory Versions
- References:
- Re: Merged environments with different Active Directory Versions
- From: Kim Oppalfens
- Re: Merged environments with different Active Directory Versions
- Prev by Date: Re: Secondary site server set up question
- Next by Date: Re: CAP assignment - SMS2003
- Previous by thread: Re: Merged environments with different Active Directory Versions
- Next by thread: Re: Merged environments with different Active Directory Versions
- Index(es):
Relevant Pages
|
Loading
