This document will walk you through the process of creating and
configuring the Active Directory System Management container for SMS.
This applies to SMS 2003 (either Service pack) on a Windows 2003
Server operating system.
Note: You must be a member of the Schema Administrator group to
successfully extend the schema.
Use the following steps to create the from the System Management container
Download the Windows Server 2003 Support Tools to get the AdsiEdit utility.
From a Windows 2003 Server DC logon as an account that is a member of
the Schema Administrator group.
From the "Start" - "Run" line type in Adsiedit.Msc then and click "OK".
Click the + sign next to your "Domain (ServerName.DomainName.Com\Net)"
Click the + sign to expand the "DC=DomainName,Dc= Com\Net"
Click the + sign to expand the "CN=System" container.
Right mouse click the "CN=System" container and from the context menu
select "New" and then select "Object" to begin the Create Object
From the "Create Object" "Select A Class" dialog box select
"Container" then select "Next" to continue.
In the "Value:" line type in "System Management" and click "Next" to continue.
Select "Finish" to complete the System Management container creation process.
Verify that the "CN= System Management" object has been created successfully.
From the "Administrative Tools" program group select "Active
Directory Users And Computers"
From the "View" menu select "Advanced features" to allow the "System"
leaf to be displayed.
Click the + sign to expand the "Systems" leaf then select Right mouse
click on the "System Management" container and from the context menu
From the "System Management Properties" dialog box select the "Security" leaf.
Select "Add" then select "Object Types" and make sure that both the
"Users" and "Computers" object types are checked then click "OK" to
close the window.
Select "Advanced" and the "Users, Computers, or Groups" dialog box
will be displayed.
Select "Find Now" and select your SMS Service account if you are
running in Standard Security Mode or your SMS server name if you are
running in Advanced Security Mode then click "OK" to continue.
Highlight the account that you are using (from the step above) and
grant the account the following rights:
Create All Child Objects
Delete All Child Objects
Click "OK" to complete the task.
Insert your SMS Installation CD-ROM media in the CD drive and from the
"Start" - "Run" line browse to the "SmsSetup\Bin\I386" directory
folder and select "Extadsch.Exe" and click "OK"
Click "OK" once again and the command prompt window opens and the
When the process has completed open the ExtADSch.Log file located in
the root dive (C:\) of the server from which it was executed from and
verify that the last line states: "SMS Setup completed successfully!"