Extending the Active Directory Schema

简介:
 
Extending the Active Directory Schema
To extend the Active Directory schema for SMS 2003, you must be a member of the Schema Administrator group. You also need to enable the extension of the Active Directory schema on domain controllers running Windows 2000. Enabling the extension of the Active Directory schema for SMS is not required for Windows Server 2003 domain controllers.
Caution:
  • Modifying the Active Directory schema is an advanced operation that is best performed programmatically by experienced programmers and system administrators. For more information about modifying the Active Directory schema, see  The Active Directory Programmer's Guide.
You can extend the Active Directory schema during SMS setup or by using the command-line tool ExtADSch.exe. You can find ExtADSch.exe in the \SMSSETUP\BIN\I386 folder on the SMS 2003 product CD. Running the tool creates four classes and ten attributes in Active Directory. For more information about Active Directory planning issues, see Chapter 10, "Planning Your SMS Deployment and Configuration."
Before SMS 2003 can integrate with Active Directory, appropriate security privileges must be set.
Note:
  • You must register Schmmgmt.dll before you access the Active Directory Schema snap-in. At the command prompt, type  Regsvr32 schmmgmt.dll.
To set appropriate security permissions
  1. On the taskbar, click the  Start button, and then click  Run.
  2. Type  mmc, and then click  OK.
    The  MMC Console1 window appears displaying a blank snap-in.
  3. On the  Console menu, click  Add/Remove Snap-in.
    The  Add/Remove Snap-in dialog box appears.
  4. Click  Add.
    The  Add Standalone Snap-in dialog box appears displaying all available snap-ins. Under  Snap-in, select  Active Directory Schema, and then click  Add.
  5. Click  Close.
    The  Add/Remove Snap-in dialog box appears displaying the Active Directory Schema snap-in that was added.
  6. Click  OK.
    The  MMC Console1 window appears displaying the Active Directory Schema snap-in.
  7. In the console tree, right-click  Active Directory Schema, and then select  Operations Master.
    The  Change Schema Master dialog box appears.
  8. Click  The Schema may be modified on this Domain Controller, and then click  OK.
    The  MMC Console1 window appears displaying the Active Directory Schema snap-in.
  9. On the  Console menu, click  Exit.
    A Microsoft Management Console message box appears prompting you to save the changes to Console1.
  10. Click  No, opting not to save the console settings.
You have now configured the computer so that the Active Directory schema can be extended.
To extend the Active Directory schema using ExtADSch.exe
  1. At the command prompt, type  ExtADSch.
  2. Press ENTER.
The ExtADSch.exe tool produces output to confirm that the changes have completed successfully. If an error occurs, it is reported with an error code number. You can use the command-line tool  net helpmsg to provide troubleshooting information. At the command prompt, type the appropriate command, as in the following example:
net helpmsg message#
Note:
  • After you extend the Active Directory schema, it is important that you allow enough time for the Active Directory replication to discover all Active Directory containers throughout the enterprise. For more information, see Windows 2000 Server Help.
Class common names that can be implemented and used by SMS 2003 sites include the following:
  • MS-SMS-Management-Point
  • MS-SMS-Server_Locator-Point
  • MS-SMS-Site
  • MS-SMS-Roaming-Boundary-Range
Attribute common names that can be implemented and used by SMS 2003 sites include the following:
  • MS-SMS-Site-Code
  • MS-SMS-Assignment-Site-Code
  • MS-SMS-Site-Boundaries
  • MS-SMS-Roaming-Boundaries
  • MS-SMS-Default-MP
  • MS-SMS-Device-Management-Point
  • MS-SM-MP-Name
  • MS-SMS-MP-Address
  • MS-SMS-Ranged-IP-Low
  • MS-SMS-Ranged-IP-High
You can verify the extension of the Active Directory schema by using the Active Directory Administration tool. To access the tool, click  Start, point to  Programs, point to  Administrative Tools, and then select  Active Directory Schema. For more information about using this tool, see Windows 2000 Server Help.

本文转自 godoha 51CTO博客,原文链接:http://blog.51cto.com/godoha/87574 ,如需转载请自行联系原作者

相关文章
|
3月前
|
存储 网络协议 网络安全
什么是 Active Directory?
【8月更文挑战第4天】
221 10
|
网络协议 安全 数据安全/隐私保护
Active Directory与域服务,介绍,安装(下)
Active Directory与域服务,介绍,安装
172 0
|
负载均衡 安全 网络协议
Active Directory与域服务,介绍,安装(上)
Active Directory与域服务,介绍,安装
317 0