How to Prepare Active Directory Domain Services for Out of Band Management

Atualizada: Maio de 2013

Aplica-se a: System Center Configuration Manager 2007 R2, System Center Configuration Manager 2007 R3, System Center Configuration Manager 2007 SP1, System Center Configuration Manager 2007 SP2

Out of band management in Configuration Manager 2007 SP1 and later requires that Configuration Manager publishes an Active Directory object to an organizational unit (OU) or container for each domain that will contain AMT-based computers.

noteNota
As informações neste tema aplicam-se apenas ao Configuration Manager 2007 SP1 ou posterior.

When you perform the following procedures, AMT-based computers that are provisioned for out of band management can be published to Active Directory Domain Services.

After you have performed the procedures, you must configure the out of band management component with the name and location of the OU or container, in the Out of Band Management Component Configuration Properties: General Tab. When the site manages AMT-based computers from multiple domains, the same name and location must be created in Active Directory Domain Services for each domain, although you configure only one instance in Configuration Manager.

ImportantImportante
The primary site server computer account must be granted full control permissions to the out of band management OU or container and all of its child objects.

noteNota
Extending the Active Directory schema and publishing site information to Active Directory Domain Services is not required for out of band management, but it is recommended for other features and functionality in Configuration Manager. For more information, see Decide If You Should Extend the Active Directory Schema.

To create and configure an OU in Active Directory Domain Services

  1. On a domain controller, log in with an administrative account that has permissions to create OUs in your selected domain.

  2. Click Start, click Programs, click Administrator Tools, and then click Active Directory Users and Computers.

  3. Click View, and then click Advanced Features.

  4. If necessary, connect to the domain.

  5. Right-click the domain object or another OU in which you want to create the OU, click New, and then click Organizational Unit.

  6. In the New Object - Organizational Unit dialog box, type the name of your choice, such as Out of Band Management Controllers, and then click OK.

    noteNota
    When choosing a name, only the following characters are supported: a-z, A-Z, 0-9, - (hyphen), _ (underscore), and spaces.

  7. Right-click the OU that you have just created, and then click Properties.

  8. Click the Security tab.

  9. Click Add to add the primary site server computer account, and then grant the account Full Control permissions.

  10. Click Advanced, select the primary site server's account, and then click Edit.

  11. In the Apply onto list, select This object and all child objects.

  12. Click OK.

Repeat this procedure for each domain that will contain AMT-based computers that will be managed out of band.

To create and configure security for a container in Active Directory Domain Services

  1. On a domain controller, log in with an administrative account that has permissions to create containers in your selected domain.

  2. Click Start, click Run, and then enter adsiedit.msc to launch the ADSIEdit console.

    noteNota
    For more information about how to install and use ADSI Edit, see ADSI Edit (adsiedit.msc) Overview (http://go.microsoft.com/fwlink/?LinkId=183662).

  3. If necessary, connect to the domain.

  4. Expand the tree and right-click the domain or container in which you want to create the container, click New, and then click Object.

  5. In the Create Object dialog box, select Container, and then click Next.

  6. In the Value field, type the name of your choice, such as Out of Band Management Controllers, and then click Next.

    noteNota
    When choosing a name, only the following characters are supported: a-z, A-Z, 0-9, - (hyphen), _ (underscore), and spaces.

  7. Click Finish.

  8. Right-click the container that you have just created, and then click Properties.

  9. On the Attribute Editor tab, select showInAdvancedViewOnly, and then click Edit.

  10. In the Boolean Attribute Editor dialog box, click False, and then click OK.

  11. Click the Security tab.

  12. Click Add to add the primary site server computer account, and then grant the account Full Control permissions.

  13. Click Advanced, select the primary site server’s computer account, and then click Edit.

  14. In the Apply onto list, select This object and all child objects.

  15. Click OK, and close the ADSIEdit console.

Repeat this procedure for each domain that will contain AMT-based computers that will be managed out of band.

Consulte Também

For additional information, see Configuration Manager 2007 Information and Support.
To contact the documentation team, email SMSdocs@microsoft.com.

Conteúdo da Comunidade

Mostrar: