Solved

Extend Active Directory Schema

Posted on 2011-02-25
8
1,414 Views
Last Modified: 2013-11-21
I am trying to extend my AD schema using ldifde. My domain name is josimars.com. I made a copy of the ConfigMgr_AD_Schema.ldf file on my c:\drive and ran the command
ldifde –i –f ConfigMgr_ad_schema.ldf –v –j  c:\Logs.
The c:\logs file iis the folder I created for the log file. after disconnectiing the AD Schema sever from the network  I removed all instances of DC=X in the file and replaced
 it DC=josimars,DC=COM however I am legging the error message. A referral was returned from the server..

Here is the contents of the log file as an attachment Ldifde-error.txt
0
Comment
Question by:Josimars
8 Comments
 

Author Comment

by:Josimars
ID: 34987441
Ok
0
 
LVL 8

Assisted Solution

by:Toxacon
Toxacon earned 500 total points
ID: 34988303
It means that the replacement string is wrong. Take a look at the log row

Entry DN: CN=mS-SMS-Capabilities,CN=Schema,CN=Configuration,DC=josimars

Open in new window


it's missing the ,DC=com.

And, as I'm also expert on SMS/SCCM, I have to wonder why aren't you using the extadsch.exe to extend the Schema for SCCM?
0
 

Author Comment

by:Josimars
ID: 34988820
IThats weird I reran the ldifde command and made the changes and  it is  still failing.  CONFIGMGR-AD-SCHEMA.txt ldif.log. By the way  I forgot to tell you that I started with the ExtADSch.exe and that failed also. I am wondering if its because I have a  domain controller running windows 2003. My Schema master DC run Windows 2008  Standard. Is that the problem ?? ldif.txt. I  shut down the Windows 2008 server when I  am trying to extend the Schema. However I leave the Windows 2003 server. I also made sure I am using my Enterprise admin account and also ensured that it is a member of schema admins group
0
Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

 

Author Comment

by:Josimars
ID: 34989841
You know what I reattached the Schema master back to the domain and it worked. Interesting
0
 
LVL 8

Accepted Solution

by:
Toxacon earned 500 total points
ID: 34990367
Ummm, well, the Schema Master Role is responsible for the Schema so it must be available when making schema-related operations. It's the only machine available in the domain to listen to your Schema extension request. If it is down during the extension attempt, there is nothing listening your request and it will fail.
0
 

Expert Comment

by:IdontKnow
ID: 35086915
The schema master should be online and you need to run the ExtADSch.exe on the schema master and you need to be a member of the Domain admin group and Schema admins group. When the program is done, check the logs and everything should be fine.
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 37433038
This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.
0

Featured Post

U.S. Department of Agriculture and Acronis Access

With the new era of mobile computing, smartphones and tablets, wireless communications and cloud services, the USDA sought to take advantage of a mobilized workforce and the blurring lines between personal and corporate computing resources.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

While rebooting windows server 2003 server , it's showing "active directory rebuilding indices please wait" at startup. It took a little while for this process to complete and once we logged on not all the services were started so another reboot is …
This article shows how to deploy dynamic backgrounds to computers depending on the aspect ratio of display
The viewer will learn how to use the =DISCRINV command to create a discrete random variable, use this command to model a set of probabilities and outcomes in a Monte Carlo simulation, and learn how to find the standard deviation of a set of probabil…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question