Using Adsiedit Create a container in AD, CN=System called System Management by right clicking on CN=System and choose New Object, scroll down to container from the list, click next, give it a value of System Management.
In Active Directory Users and Computers expand the System container, and right click click on System Management.
choose delegate control, click next, click add, click object types, add computers, click ok, advanced, find now.
Highlight the SCCM servername and click ok.
Click OK again, click Next in the Delagation of control Wizard page, choose 'create a custom task to delegate'
Click next, make sure 'this folder, existing objects in this folder and creation of new objects in this folder is selected
Click next, select the 3 permissions General, Property-Specific and Creation-deletion of specific child objects are selected then place a check mark in FULL CONTROL
and click next then Finish.
Failure to do the above will mean that the System Management Container in AD will NOT POPULATE with SCCM specific info and you will see many errors in SCCM site status
Once the permissions are granted correctly, it will look like this.
Print Screens to Follow
No comments:
Post a Comment