Link to home
Create AccountLog in
Avatar of tq85
tq85

asked on

Extending Schema for SCCM / LYNC2010

Dear Experts,

I have been given a task to extend the schema for SCCM, I already tested it in the lab and it was a simple 2 second process. Yet, as with any Schema Extension in Production a recovery plan needs to be set.

In our case, root domain + 3 child domains. A pair of dc for each domain.

1) What's the best approach for a recovery plan? eg. system state backup all dcs?

2) Can I extend AD schema for products planned in the near future aside from SCCM, such as LYNC 2010 in a single shot.

Many thanks in advance,
-TQ
Avatar of Krzysztof Pytko
Krzysztof Pytko
Flag of Poland image

System State backup of all of your DCs is very good idea :)
But in this case, system state for Schema Master is necessary, because adprep modifies schema and it is a single operation master role for whole forest.

I do not recommend extending schema in advance. When you really need extend schema, the do this but not in advanced because it is not possible to revert those changes.

Regards,
Krzysztof
Avatar of tq85
tq85

ASKER

Thanks Krzysztof, your answer is very helpful.

I'd give you points right away, but let's wait for other answers if there are any :)
That's OK. Points are not the most important part for me :)

Krzysztof
Avatar of tq85

ASKER

Found this, seems interesting. Referring to below steps, can we apply it in our environment?

It is possible to disconnect the Schema Master without interrupting business applications in child domains in the environment?

For SCCM,
To extend the Active Directory schema using ExtADSch.exe

1

Create a backup of the schema master domain controller’s system state using the NTBACKUP utility. To start the NTBACKUP utility, click Start, click Run and type ntbackup.

2

Ensure that you are logged on to the schema master domain controller with an account that is a member of the Schema Admins security group.
Important
You must be logged on as a member of the Schema Admins security group in order to successfully extend the schema. Running the ExtADSch.exe file using the Run As command to attempt to extend the schema using alternate credentials will fail.

3

Disconnect the schema master domain controller from the network.

4

Run extadsch.exe, located at \SMSSETUP\BIN\I386 on the installation media, to add the new classes and attributes to the Active Directory schema.

5

Verify that the schema extension was successful by reviewing the extadsch.log located in the root of the system drive.

6

If the schema extension procedure was successful, reconnect the schema master domain controller to the network and allow it to replicate the schema extensions to the global catalog servers throughout the Active Directory forest.

7

If the schema extension procedure was unsuccessful, restore the schema master's previous system state from the backup created in step 1. This will reverse the schema extension actions before reconnecting the schema master domain controller to the network.
Ref:
http://technet.microsoft.com/en-ca/library/bb680608.aspx
Yes, you can. But first as it is written, do system state backup of Schema Master and remember to bring it up as soon as your schema extension will be finished successfully.

To determine which DC holds Schema Master Operation role, log on to any DC and from command-line type

netdom query fsmo

and look for Schema Master.

Krzysztof
Avatar of tq85

ASKER

So just to confirm, I can apply above procedure, and disconnect Server1 (See below) from the environment without interrupting business applications in child domains?


C:\>netdom query fsmo

Schema master			server1.example.com
Domain naming master		server1.example.com
PDC				server1.example.com
RID pool manager		server1.example.com
Infrastructure master		server2.example.com

The command completed successfully.

Open in new window


TQ
ASKER CERTIFIED SOLUTION
Avatar of Krzysztof Pytko
Krzysztof Pytko
Flag of Poland image

Link to home
membership
Create an account to see this answer
Signing up is free. No credit card required.
Create Account
Avatar of tq85

ASKER

Krzysztof, you're the best.

Thanks a lot.

I will extend the Schema this weekend :)
You're welcome :)

I thank you also. Please let me know after all how it works :)

Wish you luck.

Krzysztof