June 22 2013

The System Management container

I’m often asked what the System Management container in Active Directory is used for. SCCM can use this container to store a small amount of configuration data for clients (or at least clients that are attempting an installation) can retrieve and use.

Configuration that is commonly stored in this container includes:

  • Client computer installation and site assignment (eg installation properties like management points, client cache size)
  • Port configuration for client-to-server communication
  • Network Access Protection (validate a client’s statement of health)
  • Content deployment scenarios (eg if you plan to create content at a primary site and deploy that content to a secondary site below a different primary site, you can use the container to obtain the source primary site’s public key)

A full list and much more detail is available from http://technet.microsoft.com/en-us/library/gg712272

Important information worth noting:

  • Site Servers will only write their information into the System Management container in their OWN domain
  • SCCM clients will query a global catalog to retrieve this information, so as long as they are in the same AD forest then they can query information from all domains, not just their own
  • The System Management container needs to be created manually, it isn’t done by the SCCM setup process
  • Permissions must be set manually on the System Management container. The primary site server computer account must be granted Full Control permissions to the System Management container and all its child objects. If you have secondary sites, the secondary site server computer account must also be granted Full Control permissions to the System Management container and all its child objects.

 



----------------------------------------------------------------------------
I use a maximum of one Google Ad per post to help offset some of my blog hosting costs.

----------------------------------------------------------------------------


Tags: , , , , , ,

Posted June 22, 2013 by danovich in category "SMS / SCCM", "Windows

Leave a Reply