Q. Why can't I update the Active Directory (AD) schema for Microsoft Systems Management Server (SMS)? Schema update is enabled, and I have Schema Admins permission.

Jul. 25, 2004 John Savill | Windows IT Pro

A. I recently had this problem. I had a lab environment in which I repeatedly tried--and failed--to update the schema for SMS by running the command

extadsch.exe

After I ran the command, the log file contained the following information:

&lt07-12-2004 17:02:49&gt Modifying Active Directory Schema - with SMS
                              extensions.
                              &lt07-12-2004 17:02:52&gt DS
                              Root:CN=Schema,CN=Configuration,DC=savilltech,DC=com
                              &lt07-12-2004 17:03:24&gt Failed to create attribute cn=MS-SMS-Site-Code.
                              Error code = 8206.
                              &lt07-12-2004 17:03:56&gt Failed to create attribute cn=mS-SMS-Assignment
                              Site-Code. Error code = 8206.
                              &lt07-12-2004 17:04:28&gt Failed to create attribute cn=MS-SMS-Site-
                              Boundaries. Error code = 8206.
                              &lt07-12-2004 17:05:00&gt Failed to create attribute cn=MS-SMS-Roaming-
                              Boundaries. Error code = 8206.
                              &lt07-12-2004 17:05:32&gt Failed to create attribute cn=MS-SMS-Default-MP.
                              Error code = 8206.
                              &lt07-12-2004 17:06:04&gt Failed to create attribute cn=mS-SMS-Device-
                              Management-Point. Error code = 8206.
                              &lt07-12-2004 17:06:36&gt Failed to create attribute cn=MS-SMS-MP-Name.
                              Error code = 8206.
                              &lt07-12-2004 17:07:07&gt Failed to create attribute cn=MS-SMS-MP-Address.
                              Error code = 8206.
                              &lt07-12-2004 17:07:39&gt Failed to create attribute cn=MS-SMS-Ranged-IP-
                              Low. Error code = 8206.
                              &lt07-12-2004 17:08:11&gt Failed to create attribute cn=MS-SMS-Ranged-IP-
                              High. Error code = 8206.
                              &lt07-12-2004 17:08:11&gt Failed to create class cn=MS-SMS-Management-
                              Point. Error code = 8202.
                              &lt07-12-2004 17:08:11&gt Failed to create class cn=MS-SMS-Server-Locator-
                              Point. Error code = 8202.
                              &lt07-12-2004 17:08:11&gt Failed to create class cn=MS-SMS-Site. Error code
                              = 8202.
                              &lt07-12-2004 17:08:11&gt Failed to create class cn=MS-SMS-Roaming-
                              Boundary-Range. Error code = 8202.
                              &lt07-12-2004 17:08:11&gt Failed to extend the Active Directory schema.

After much investigation, I discovered the reason for the failed schema update: I had many domain controllers (DCs) that weren't running and consequently had replication errors. After I started the other DCs and resolved the replication errors by forcing a replication, the schema update worked perfectly, as you can see in the following log file output:

&lt07-12-2004 17:09:15&gt Modifying Active Directory Schema - with SMS
                              extensions.
                              &lt07-12-2004 17:09:15&gt DS
                              Root:CN=Schema,CN=Configuration,DC=savilltech,DC=com
                              &lt07-12-2004 17:09:18&gt Defined attribute cn=MS-SMS-Site-Code.
                              &lt07-12-2004 17:09:18&gt Defined attribute cn=mS-SMS-Assignment-Site-Code.
                              &lt07-12-2004 17:09:18&gt Defined attribute cn=MS-SMS-Site-Boundaries.
                              &lt07-12-2004 17:09:18&gt Defined attribute cn=MS-SMS-Roaming-Boundaries.
                              &lt07-12-2004 17:09:18&gt Defined attribute cn=MS-SMS-Default-MP.
                              &lt07-12-2004 17:09:18&gt Defined attribute cn=mS-SMS-Device-Management-
                              Point.
                              &lt07-12-2004 17:09:18&gt Defined attribute cn=MS-SMS-MP-Name.
                              &lt07-12-2004 17:09:18&gt Defined attribute cn=MS-SMS-MP-Address.
                              &lt07-12-2004 17:09:18&gt Defined attribute cn=MS-SMS-Ranged-IP-Low.
                              &lt07-12-2004 17:09:18&gt Defined attribute cn=MS-SMS-Ranged-IP-High.
                              &lt07-12-2004 17:09:18&gt Defined class cn=MS-SMS-Management-Point.
                              &lt07-12-2004 17:09:18&gt Defined class cn=MS-SMS-Server-Locator-Point.
                              &lt07-12-2004 17:09:18&gt Defined class cn=MS-SMS-Site.
                              &lt07-12-2004 17:09:18&gt Defined class cn=MS-SMS-Roaming-Boundary-Range.
                              &lt07-12-2004 17:09:18&gt Successfully extended the Active Directory
                              schema.
                              
                              &lt07-12-2004 17:09:18&gt Please refer to the SMS documentation for
                              instructions on the manual
                              &lt07-12-2004 17:09:18&gt configuration of access rights in active
                              directory which may still
                              &lt07-12-2004 17:09:18&gt need to be performed. (Although the AD schema has
                              now been extended,
                              &lt07-12-2004 17:09:18&gt AD must be configured to allow each SMS Site
                              security rights to
                              &lt07-12-2004 17:09:18&gt publish in each of their domains.)

Discuss this Article 2

Christopher (not verified)

on Sep 24, 2004

Thanks a million, John. We had a SMS consultant visiting our site yesterday assisting us on our first install in our test lab. We restored a DC from backup and tried to extend the schema with the same results. Your solution worked perfectly. Thank you very much for taking the time to post your solution.

Connect With Us

Q. Why can't I update the Active Directory (AD) schema for Microsoft Systems Management Server (SMS)? Schema update is enabled, and I have Schema Admins permission.

Discuss this Article 2

Please Log In or Register to post comments.

IT/Dev Connections

Upcoming Training

Current Issue

Windows Forums

Featured Products

WindowsITPro.com

Site Features

Penton

Follow Us

Search WindowsITPro.com

Related Sites

Connect With Us

Q. Why can't I update the Active Directory (AD) schema for Microsoft Systems Management Server (SMS)? Schema update is enabled, and I have Schema Admins permission.

Discuss this Article 2

Please Log In or Register to post comments.

Related Articles

IT/Dev Connections

Upcoming Training

Current Issue

Windows Forums

Featured Products

WindowsITPro.com

Site Features

Penton

Follow Us

Search WindowsITPro.com

Related Sites