Hi all,
New to this site and wondered if you could shed some light on a problem I don’t seem to be able to resolve.
Background
I have a hp microserver running vmware Esxi 6 and I have a Windows 2012 R2 server VM running as a domain controller, DNS, DHCP.
I have another microserver running esxi 6 and it is running a VM with windows 2012 R2 which has SQL 2012 on it and I am trying to now install SCCM 1702 from fresh (no upgrade). This is joined to the same domain as the DC. I have followed a guide for configuring all the prereqs for SCCM so all went through ok.
Summary of Problem
When going through the installation of 1702, all is ok until I get to prerequisite checks, I get a warning advising “Warning; The site server might be unable to publish to Active Directory. The computer account for the site server must have Full Control permissions to the System Management container in its Active Directory domain. You can ignore this warning if you have manually verified these permissions. For more information about your options to configure required permissions, see http://go.microsoft.com/fwlink/p/?LinkId=233190.”
Looking in the ConfigMgrPrereq log file, I see the below:
INFO:CheckMachineAccountHasADAccess <computername>
ERROR: Site server does not have create child permission on AD ‘System Management’
WARN: Site server does not have delete child permission on AD ‘System Management’
<computername>; Verify site server permissions to publish to Active Directory.; Warning; The site server might be unable to publish to Active Directory. The computer account for the site server must have Full Control permissions to the System Management container in its Active Directory domain. You can ignore this warning if you have manually verified these permissions. For more information about your options to configure required permissions, see http://go.microsoft.com/fwlink/p/?LinkId=233190.
I have checked ADSIEdit and ADUC and the System Management container has the SCCM computer name added with full control to the System Management object and everything under it but I’m still getting this error..
Would anyone know how to resolve it? I’m hesitant to go ahead and install it until I get rid of these.
I've moved my DC VM onto the same micro server as my SCCM VM for testing purposes and get the same warning messages so believe this rules out anything on vmware side of things. Everything I can find online just says ensure permissions are set on the System Management container which they are but i’m still getting the error…
Many thanks for any help on this.
K2017
New to this site and wondered if you could shed some light on a problem I don’t seem to be able to resolve.
Background
I have a hp microserver running vmware Esxi 6 and I have a Windows 2012 R2 server VM running as a domain controller, DNS, DHCP.
I have another microserver running esxi 6 and it is running a VM with windows 2012 R2 which has SQL 2012 on it and I am trying to now install SCCM 1702 from fresh (no upgrade). This is joined to the same domain as the DC. I have followed a guide for configuring all the prereqs for SCCM so all went through ok.
Summary of Problem
When going through the installation of 1702, all is ok until I get to prerequisite checks, I get a warning advising “Warning; The site server might be unable to publish to Active Directory. The computer account for the site server must have Full Control permissions to the System Management container in its Active Directory domain. You can ignore this warning if you have manually verified these permissions. For more information about your options to configure required permissions, see http://go.microsoft.com/fwlink/p/?LinkId=233190.”
Looking in the ConfigMgrPrereq log file, I see the below:
INFO:CheckMachineAccountHasADAccess <computername>
ERROR: Site server does not have create child permission on AD ‘System Management’
WARN: Site server does not have delete child permission on AD ‘System Management’
<computername>; Verify site server permissions to publish to Active Directory.; Warning; The site server might be unable to publish to Active Directory. The computer account for the site server must have Full Control permissions to the System Management container in its Active Directory domain. You can ignore this warning if you have manually verified these permissions. For more information about your options to configure required permissions, see http://go.microsoft.com/fwlink/p/?LinkId=233190.
I have checked ADSIEdit and ADUC and the System Management container has the SCCM computer name added with full control to the System Management object and everything under it but I’m still getting this error..
Would anyone know how to resolve it? I’m hesitant to go ahead and install it until I get rid of these.
I've moved my DC VM onto the same micro server as my SCCM VM for testing purposes and get the same warning messages so believe this rules out anything on vmware side of things. Everything I can find online just says ensure permissions are set on the System Management container which they are but i’m still getting the error…
Many thanks for any help on this.
K2017
