Extending the Active Directory Schema

  • Article

To extend the Active Directory schema for SMS 2003, you must be a member of the Schema Administrator group. You also need to enable the extension of the Active Directory schema on domain controllers running Windows 2000. Enabling the extension of the Active Directory schema for SMS is not required for Windows Server 2003 domain controllers.

Caution:

  • Modifying the Active Directory schema is an advanced operation that is best performed programmatically by experienced programmers and system administrators. For more information about modifying the Active Directory schema, see The Active Directory Programmer's Guide.

You can extend the Active Directory schema during SMS setup or by using the command-line tool ExtADSch.exe. You can find ExtADSch.exe in the \SMSSETUP\BIN\I386 folder on the SMS 2003 product CD. Running the tool creates four classes and ten attributes in Active Directory. For more information about Active Directory planning issues, see Chapter 10, "Planning Your SMS Deployment and Configuration."

Before SMS 2003 can integrate with Active Directory, appropriate security privileges must be set.

Note:

  • You must register Schmmgmt.dll before you access the Active Directory Schema snap-in. At the command prompt, type Regsvr32 schmmgmt.dll.

To set appropriate security permissions

  1. On the taskbar, click the Start button, and then click Run.

  2. Type mmc, and then click OK.

    The MMC Console1 window appears displaying a blank snap-in.

  3. On the Console menu, click Add/Remove Snap-in.

    The Add/Remove Snap-in dialog box appears.

  4. Click Add.

    The Add Standalone Snap-in dialog box appears displaying all available snap-ins. Under Snap-in, select Active Directory Schema, and then click Add.

  5. Click Close.

    The Add/Remove Snap-in dialog box appears displaying the Active Directory Schema snap-in that was added.

  6. Click OK.

    The MMC Console1 window appears displaying the Active Directory Schema snap-in.

  7. In the console tree, right-click Active Directory Schema, and then select Operations Master.

    The Change Schema Master dialog box appears.

  8. Click The Schema may be modified on this Domain Controller, and then click OK.

    The MMC Console1 window appears displaying the Active Directory Schema snap-in.

  9. On the Console menu, click Exit.

    A Microsoft Management Console message box appears prompting you to save the changes to Console1.

  10. Click No, opting not to save the console settings.

You have now configured the computer so that the Active Directory schema can be extended.

To extend the Active Directory schema using ExtADSch.exe

  1. At the command prompt, type ExtADSch.

  2. Press ENTER.

The ExtADSch.exe tool produces output to confirm that the changes have completed successfully. If an error occurs, it is reported with an error code number. You can use the command-line tool net helpmsg to provide troubleshooting information. At the command prompt, type the appropriate command, as in the following example:

net helpmsg message#

Note:

  • After you extend the Active Directory schema, it is important that you allow enough time for the Active Directory replication to discover all Active Directory containers throughout the enterprise. For more information, see Windows 2000 Server Help.

Class common names that can be implemented and used by SMS 2003 sites include the following:

  • MS-SMS-Management-Point

  • MS-SMS-Server_Locator-Point

  • MS-SMS-Site

  • MS-SMS-Roaming-Boundary-Range

Attribute common names that can be implemented and used by SMS 2003 sites include the following:

  • MS-SMS-Site-Code

  • MS-SMS-Assignment-Site-Code

  • MS-SMS-Site-Boundaries

  • MS-SMS-Roaming-Boundaries

  • MS-SMS-Default-MP

  • MS-SMS-Device-Management-Point

  • MS-SM-MP-Name

  • MS-SMS-MP-Address

  • MS-SMS-Ranged-IP-Low

  • MS-SMS-Ranged-IP-High

You can verify the extension of the Active Directory schema by using the Active Directory Administration tool. To access the tool, click Start, point to Programs, point to Administrative Tools, and then select Active Directory Schema. For more information about using this tool, see Windows 2000 Server Help.

For More Information

Did you find this information useful? Please send your suggestions and comments about the documentation to smsdocs@microsoft.com.