This post is part of SCCM Current Branch Installation Guide series
Before SCCM installation, we need to prepare Active Directory which will make sure SCCM works efficiently.
Login to Domain Controller “DC01” with Domain Admin Account.
Create Service account for SCCM
Open “Active Directory Users and Computers”
Create new Service Account with the name “SVC-SCCMAdmin” and make it a member of Domain Admin Account. Though Domain Admin Account membership is not recommended but for the purpose of avoid creating multiple service account (such as Network Access account, Domain joining account, Client push account, SQL Service account etc) with different permissions, we are simply creating here a single service accounts with all permissions required.
Create container in “ADSI Edit”
Why we require this ?
We need to create “System Management” container with full rights given to SCCM Server. This is an activity which needs to performed as mandatory as this is the location where SCCM site and MP location will be published which will help client in the environment to know about your SCCM Site Server.
Open Adsiedit.msc by typing it under Windows + Run.
Once ADSI Edit is opened, right click ADSI Edit on right hand side and click on “Connect to” and press OK.
Navigate to Default Naming Context, select container “System” – right click New > Object and select Container, click on next and name it as “System Management”.
Right click container “System Management” and click on tab ‘security’. Click on add to open another window, click on object types and make sure “computers” is selected. Add the SCCM Server “SCCM01”.
Once done, click on Advanced and click Add, select SCCM01 and click on edit. Under “Applied to” make sure “This object and all descendant objects” is selected. Click on Ok thrice to exit.
Why we require this ?
Active directory user attributes comes up with many inbuilt attributes such as firstname, lastname, email address, displayname, address etc. We need additional attributes related to SCCM which will help communication with clients and server.
Schema can be extended using utility Extadsch.exe which can be found under SCCM installation directory at following location SMSSETUP\BIN\X64\extadsch.exe
Open command prompt with admin rights. Navigate to the folder SMSSTEUP\BIN\x64, and run extadsch.exe to extend the schema. You will see following once successful.
Successful extension of schema will create a log file under c drive with the name ExtADSch.log and this will show following attributes as success: