Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations John Tel on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

SMS_HIERARCHY_MANAGER ERROR

Status
Not open for further replies.
redman71

redman71

IS-IT--Management
Mar 15, 2002
329
US
I've extended my schema (i think) and have given my sms server appropriate permissions, but still i get the error..

Systems Management Server cannot create the object "cn=SMS-MP-WAU-WAUNMS" in Active Directory.

Is there a way i can troubleshoot this? or see if my schema is extended properly? I extended it using extadsch.exe on my domain controller AFTER the sms install. is this right? HELP!
 
Sort by date Sort by votes
• If you extended the schema by using ExtADSch, review ExtADSch.log

• If you extended the schema during SMS installation, review SMSsetup.log.

Both logs are created in the root directory of the %system% drive.
 
Upvote 0 Downvote
After you extended the schema make sure you give the SMS server name rights on the systems management container that the extention created....and make sure its computername$ you need the $ sign in there after the computer name
 
Upvote 0 Downvote
you extend the schema on the domain controller...correct?
 
Upvote 0 Downvote
this is the error...any thoughts?


<11-03-2005 10:59:40> Modifying Active Directory Schema - with SMS extensions.
<11-03-2005 10:59:40> DS Root:CN=Schema,CN=Configuration,DC=..,DC=..,DC=..
<11-03-2005 10:59:40> Failed to create attribute cn=MS-SMS-Site-Code. Error code = 8245.
<11-03-2005 10:59:40> Failed to create attribute cn=mS-SMS-Assignment-Site-Code. Error code = 8245.
<11-03-2005 10:59:40> Failed to create attribute cn=MS-SMS-Site-Boundaries. Error code = 8245.
<11-03-2005 10:59:40> Failed to create attribute cn=MS-SMS-Roaming-Boundaries. Error code = 8245.
<11-03-2005 10:59:40> Failed to create attribute cn=MS-SMS-Default-MP. Error code = 8245.
<11-03-2005 10:59:40> Failed to create attribute cn=mS-SMS-Device-Management-Point. Error code = 8245.
<11-03-2005 10:59:40> Failed to create attribute cn=MS-SMS-MP-Name. Error code = 8245.
<11-03-2005 10:59:40> Failed to create attribute cn=MS-SMS-MP-Address. Error code = 8245.
<11-03-2005 10:59:40> Failed to create attribute cn=MS-SMS-Ranged-IP-Low. Error code = 8245.
<11-03-2005 10:59:40> Failed to create attribute cn=MS-SMS-Ranged-IP-High. Error code = 8245.
<11-03-2005 10:59:40> Failed to create class cn=MS-SMS-Management-Point. Error code = 8202.
<11-03-2005 10:59:40> Failed to create class cn=MS-SMS-Server-Locator-Point. Error code = 8202.
<11-03-2005 10:59:40> Failed to create class cn=MS-SMS-Site. Error code = 8202.
<11-03-2005 10:59:40> Failed to create class cn=MS-SMS-Roaming-Boundary-Range. Error code = 8202.
<11-03-2005 10:59:40> Failed to extend the Active Directory schema. Your Active Directory does not allow schema updates
 
Upvote 0 Downvote
Run the Schema Admin Utility (schmmgmt.msc). This is part of the Adminpak.msi tools in the i386 directory on your server CD.

When that runs, right-click on Active Directory Schema. Make sure the box is checked that says "The Schema may be modified on this Domain Controller". Click ok.
 
Upvote 0 Downvote
and when you re-run it make sure the user logged in. belongs to the schema admins group.

 
Upvote 0 Downvote
you extend the schema on the domain controller...correct

yes the dc that is the schema master although if you run the SMS setup from the cd on install that cant be done.

 
Upvote 0 Downvote
Thanks..I'll check it out. From the error msgs, what do you thinks the problem?
 
Upvote 0 Downvote
<11-03-2005 10:59:40> Failed to extend the Active Directory schema. Your Active Directory does not allow schema updates

so with that error specifically i'm guessing

Run the Schema Admin Utility (schmmgmt.msc). This is part of the Adminpak.msi tools in the i386 directory on your server CD.

When that runs, right-click on Active Directory Schema. Make sure the box is checked that says "The Schema may be modified on this Domain Controller". Click ok.

but that has to be manually turned off which in the 1st place which would be a bit odd.


 
Upvote 0 Downvote
the box is not checked and greyed out
 
Upvote 0 Downvote
hmmm so if its greyed out it probably means the account your trying to view it with doesnt have rights to change it (thats a guess) you need to log on as a member of the schema admins group.
 
Upvote 0 Downvote
i've added my account to the schema admins group. even did a net user %username% and it shows that i'm a part of that group.
 
Upvote 0 Downvote
Ah so this is a win2k server....

To enable schema modifications for a Windows 2000 domain
1. At the command prompt, type Regsvr32 schmmgmt.dll.
2. On the taskbar, click the Start button, and then click Run.
3. Type mmc, and then click OK.
The MMC Console1 window appears displaying a blank snap-in.
4. On the Console menu, click Add/Remove Snap-in.
The Add/Remove Snap-in dialog box appears.
5. Click Add.
The Add Standalone Snap-in dialog box appears displaying all available snap-ins. Under Snap-in, select Active Directory Schema, and then click Add.
6. Click Close.
The Add/Remove Snap-in dialog box appears displaying the Active Directory Schema snap-in that was added.
7. Click OK.
The MMC Console1 window appears displaying the Active Directory Schema snap-in.
8. In the console tree, right-click Active Directory Schema, and then select Operations Master.
The Change Schema Master dialog box appears.
9. Click The Schema may be modified on this Domain Controller, and then click OK.
The MMC Console1 window appears displaying the Active Directory Schema snap-in.
10. On the Console menu, click Exit.
A Microsoft Management Console message box appears prompting you to save the changes to Console1.
11. Click No.
You have now configured the schema so that it can be extended.



(thats in the white paper link I showed ya...)
 
Upvote 0 Downvote
Thanks tbrennans...i've already done this too. still greyed. shows as "online" and i'm on the dc that is the master
 
Upvote 0 Downvote
isnt that a s.o.b.........The only thing I would check then is...ummmmmmmm...... is to make sure the registry isnt locked, there is a registry key for that but I have no clue where it is.

If this is a test network I would seriously think about rebuilding that dc.

If its production...May the force be with you :-D might be a question for aa AD guru (I know it pretty good but thats beyond a pretty good knowledge)

Good luck!
Tim

 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

nwphew
  • Locked
  • Question
msg.exe command previously posted to wrong board by error
Replies
0
Views
213
nwphew
nwphew
PavelS
  • Locked
  • Question
SMS Console error
Replies
0
Views
198
PavelS
PavelS
sirlojik
  • Locked
  • Question
wsus installation error
Replies
3
Views
215
SimonDavies
SimonDavies
bwgreen
  • Locked
  • Question
SCCM 2007 SP1 Reporting Point error
Replies
10
Views
333
SimonDavies
SimonDavies
euskills
  • Locked
  • Question
Software update error 2147219822
Replies
0
Views
136
euskills
euskills

Part and Inventory Search

Sponsor

Back
Top