lang="en-US">▷ How to Extend Active Directory Schema for SCCM / Configuration Manager - NanDocs

How to Extend Active Directory Schema for SCCM / Configuration Manager

In this article we will show step by step how to create the System Management Container and how to extend the Active Directory schema to make it compatible with SCCM (now called Microsoft Endpoint Configuration Manager).

By extending the Active Directory schema to SCCM, we create new structures in AD that are used by SCCM to publish important information in a secure place where client PCs can easily and securely access.

When managing PCs, you must extend the Active Directory schema to SCCM. This extended schema simplifies the process of deploying and managing clients and more efficiently locates content servers. Schema extension is done only once per forest.

Note: If the AD schema is already extended for Configuration Manager 2007 or System Manager 2012, you do not need to do it again for higher versions of SCCM and Microsoft Endpoint Configuration Manager. This step can be skipped.

Requirements for extending Active Directory Schema for SCCM:

Step 1: Extend the Active Directory Schema for SCCM.

On the Primary Domain Controller server, open the Microsoft System Center Configuration Manager installation file and unzip it:

Extend AD Schema – Unzip

Open the path where it has been unzipped and navigate to “SMSSETUPBINX64“. You will find the file “extadsch.exe“, which you must execute as administrator:

Extend AD Schema – Run extadsch.exe

If you launch the executable from a CMD or Powershell, you can see the output of this, notifying that the AD schema has been extended satisfactorily:

Extend AD Schema – CMD

In the root directory of the server, you can find the log “ExtADSch.log” where everything that has been tried to be done is specified and the result:

Extend AD Schema – Verify log “ExtADSch.log”

We can verify that it ends with a “Successfully extended the Active Directory schema.”.

Step 2: Create System Management Container in AD for SCCM.

After extending the AD schema, you will create a container called “System Management”. Open the tool “ADSI Edit” to create the container. In the left panel, expand the DC and look for “CN=System”, right click “New” > “Object…”:

Create system management container – ADSI Edit

Choose the type “container” and click on “Next”:

Create system management container – Type “container”

Specify “System Management” as value (it is important to enter the exact text. Same format of capital letters and the space between the two words) and click on “Next”:

Create system management container – Value: “System Management”

Click on “Finish” and check that the container has been created:

Create system management container – Finish
Create system management container – Result

Next steps after extending Active Directory Schema:

After you extend the Active Directory Schema and create the System Management Container, you must grant permissions. Then we can configure the Configuration Manager site to publish data to Active Directory.

Exit mobile version