Deploying SCCM 2012 Part 2 – Creating Container, Extending the AD Schema – In the first part of SCCM 2012 deployment, we saw the post on Installing Active Directory Domain Services. After setting up the domain controller, the next step is to create a container and extend the schema. To Create a container, login to domain controller with a domain admin account.
Click on Start , All Programs, Administrative Tools, Select ADSI Edit.
Right click ADSI Edit and Click Connect to. The naming context should be Default naming context. Click on OK.
In the ADSI edit Console, Expand the Default Naming Context, right click CN=System, click on New and create an Object
Choose Container from the options and click next
Provide the object value as System Management. Click Next and refresh the ADSI edit to see the system management container in the console.
Now that we have created the System Management Container, the next step is to delegate the permissions to the System Management Container.Open the Active Directory Users and Computers, click on view and select Advanced Features. Right System Management and delegate control.
On the next screen click on Add , in the Object Types select computers and click OK. Now you need to type the SCCM Server name and click on Check Names. Select the SCCM computer from the list.
In the Tasks to Delegate window, select “Create a Custom task to delegate”
Select the default option “This folder, exiting objects in this folder and creation of new objects in this folder” and click next.
Select all the three permissions and click on full control.
Click Finish to close the delegation wizard.
The next step is to extend the Active Directory Schema for Configuration Manager.You can perform this step on Active Directory or SCCM server as Domain administrator. Locate the folder : SMSSETUPBINX64 and right click the file named extadsch and run as administrator. You can hold the shift key + right click on the file and copy as path and paste it in command prompt.
The log file extadsch.log can be found in the location C:extadsch.log. Open it with a notepad to view the log file. The highlighted text shows that Active Directory Schema has been extended successfully.