Restoring Active Directory

2/9/2009

To restore the Active Directory configuration values for MDM without uninstalling the servers, follow these steps using the Active Directory Configuration Tool (ADConfig):

  1. Run ADConfig.exe /createinstance:<instance> /domain:<domain name>.
  2. Run ADConfig.exe /createtemplates:<instance>.
  3. Run ADConfig.exe /enabletemplates:<instance> /ca:<ca server>\<ca name>.
  4. Restore the server accounts for MDM Device Management Server and MDM Enrollment Server to the MDM infrastructure groups.
  5. Open Active Directory Users and Computers, expand <domain name>, and then select SCMDM Infrastructure Groups (<instance name>).
  6. In the right pane, right-click SCMDMDeviceManagementServers (<instance name>), and then select Properties.
  7. In the SCMDMDeviceManagementServers (<instance name>) Properties dialog box, on the Members tab, select Add, add the corresponding MDM Device Management Server computer object, and then select OK.
  8. In the SCMDMDeviceManagementServers (<instance name>) Properties dialog box, select OK.
  9. Repeat steps 6 through 8 to add the MDM Enrollment Server computer object to the SCMDMEnrollmentServers (<instance name>) infrastructure group.
  10. Open ADSIEdit, expand <domain name>, expand DC=<domain name>,DC=com, expand CN=System, expand CN=SCMDM, right-click CN=<instance name>, and then select Properties.
  11. In the CN=<instance name> Properties dialog box, on the Attribute Editor tab, scroll down to select the keywords attribute, and then select Edit.
  12. In the Multi-valued String Editor dialog box, add the following values if they do not exist:
    • database = <database server name> or database FQDN
    • dmadminurl = <FQDN for MDM Device Management Server or load-balanced virtual IP address>:port (default port is 8446)
    • dmurl = https://<FQDN for MDM Device Management Server or load-balanced virtual IP address>:port/MDM/TEE/Handler.ashx (default port is 8443)
    • enadminurl = <FQDN for MDM Enrollment Server or load-balanced virtual IP address>:port (default port is 8445)
    • enurl = https://<FQDN for the external, internet-facing MDM Enrollment Server URL>:port/EnrollmentServer/Service.asmx (default port is 443)
    • serverca = <ca server name>
    • servercaname = <ca name>
    • instance = <instance name>
    • sqlinstance = <SQL Server instance name> if specified; else this value is blank
    • version = 2.0.0.0
  13. In the Multi-valued String Editor dialog box, select OK.
  14. In the CN=<instance name> Properties dialog box, select OK.
  15. Log out from MDM Device Management Server and MDM Enrollment Server, then log back in.
  16. Run services.msc, and restart each of the 5 SCMDM services.
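
After step 14, the restored keywords values can be checked against the list in step 12 before the services are restarted. The following PowerShell is an added example, not part of ADConfig or MDM; the function name, the sample host names, and the "name = value" storage format are assumptions.

```powershell
# Added example: validates the keywords values listed in step 12.
# Assumption: each value is stored as "name = value"; whitespace around "=" is ignored.
function Test-MdmKeywords {
    param([string[]]$Keywords)
    $required  = 'database','dmadminurl','dmurl','enadminurl','enurl',
                 'serverca','servercaname','instance','sqlinstance','version'
    $urlSuffix = @{ dmurl = '/MDM/TEE/Handler.ashx'; enurl = '/EnrollmentServer/Service.asmx' }
    $found = @{}
    foreach ($entry in $Keywords) {
        $name, $value = $entry -split '=', 2          # split on the first "=" only
        if ($null -ne $value) { $found[$name.Trim()] = $value.Trim() }
    }
    $problems = @()
    foreach ($key in $required) {
        if (-not $found.ContainsKey($key)) { $problems += "missing: $key" }
        elseif ($key -ne 'sqlinstance' -and $found[$key] -eq '') { $problems += "empty: $key" }
    }
    foreach ($key in $urlSuffix.Keys) {
        if (-not $found.ContainsKey($key)) { continue }
        $v = $found[$key]
        # dmurl and enurl must be https URLs ending in the handler paths from step 12
        if ($v -notlike 'https://*' -or $v -notlike "*$($urlSuffix[$key])") {
            $problems += "unexpected format: $key = $v"
        }
    }
    if ($found.ContainsKey('version') -and $found['version'] -ne '2.0.0.0') {
        $problems += "unexpected version: $($found['version'])"
    }
    $problems    # empty output means every listed value is present and well formed
}

# Constructed sample (hypothetical names): dmurl uses http and version is absent.
$sample = @(
    'database = sql01.contoso.example',
    'dmadminurl = dm01.contoso.example:8446',
    'dmurl = http://dm01.contoso.example:8443/MDM/TEE/Handler.ashx',
    'enadminurl = en01.contoso.example:8445',
    'enurl = https://enroll.contoso.example:443/EnrollmentServer/Service.asmx',
    'serverca = ca01.contoso.example',
    'servercaname = Contoso-CA',
    'instance = MDM1',
    'sqlinstance = '
)
Test-MdmKeywords -Keywords $sample
# Against a live directory (assumes the ActiveDirectory module is installed):
# Test-MdmKeywords (Get-ADObject 'CN=<instance name>,CN=SCMDM,CN=System,DC=<domain name>,DC=com' -Properties keywords).keywords
```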