![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(3.2, 63%, 10%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EBS%3C/text%3E%3C/svg%3E)
Microsoft Configuration Manager
An integrated solution for for managing large groups of personal computers and servers.
4,590 questions
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(291.2, 38%, 38%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMP%3C/text%3E%3C/svg%3E)
Try the following:
- Verify Permissions on the System Management Container:
- Ensure that the SCCM site server's computer account has Full Control permissions on the System Management container in Active Directory. This permission must apply to "This object and all descendant objects." To set this:
- Open ADSI Edit.
- Navigate to the System Management container.
- Right-click the container, select Properties, and go to the Security tab.
- Add the SCCM site server's computer account and grant it Full Control.
- Click Advanced, select the added account, and ensure the permission applies to "This object and all descendant objects."
- Ensure that the SCCM site server's computer account has Full Control permissions on the System Management container in Active Directory. This permission must apply to "This object and all descendant objects." To set this:
- Check for Incorrect Credentials:
- If you're using a specific user account for publishing (instead of the site server's computer account), verify that the username and password are correct. Errors such as
HRESULT=0x8007052Ein logs indicate incorrect credentials. To resolve:- Navigate to Administration > Hierarchy Configuration > Active Directory Forests in the SCCM console.
- Right-click the relevant forest and select Properties.
- Under the Publishing tab, update the account credentials.
- If you're using a specific user account for publishing (instead of the site server's computer account), verify that the username and password are correct. Errors such as
- Extend the Active Directory Schema:
- If the Active Directory schema hasn't been extended for SCCM, the site server may fail to publish information. To extend the schema:
- Run the
extadsch.exetool found in the SCCM installation media on a server with Schema Admin rights. - After extending, verify that the schema extension was successful by checking the
extadsch.logfile, typically located in the root of the system drive.
- Run the
- If the Active Directory schema hasn't been extended for SCCM, the site server may fail to publish information. To extend the schema:
- Review SCCM Logs for Specific Errors:
- Examine the
SiteComp.logandhman.logfiles on the SCCM site server for detailed error messages related to publishing. Common errors include:-
Win32 error = 5: Indicates insufficient permissions. -
Could not connect to the RootDSE container in Active Directory. HRESULT=0x8007052E: Points to incorrect credentials.
-
- These logs provide insights into the root cause of the publishing failure.
- Examine the
If the above response helps answer your question, remember to "Accept Answer" so that others in the community facing similar issues can easily find the solution. Your contribution is highly appreciated.
hth
Marcin
