Hi Just want to know if we can discover AD Systems using any discovery mehtods available in SCCM, based on AD Site Objects (i:e specifying LDAP path of Active Directory site objects). Why or why can't we. Also, do we need to have a SCCM Client installed on a Site System hosting DP, SMP, & PXE Roles ? Regards Taranjeet Singh zamn

Hi, 1) Not sure that I fully understand the question. Each discovery method will discover different objects in AD (User/Computers/groups). The site server must have read access to the OU/Domain in order to discover the objects. 2)You don't need to install the CM07 client on site systems.Kent Agerlund | http://scug.dk/ | The Danish community for System Center products

Hi, I think that SCCM AD Discovery can query only AD Domain partition, AD sites are stored in configuration partition of AD. When you discover AD objects in your domain, you can based collection on AD site membership cause AD site is an attribute of the object when discovered. Julien

Hi Kent My first question is that, if discovery be able to discover System objects when configured with LDAP Path (in Custom LDAP or GC Query option of the discovery window) of Active Directory Site object. Second you already answered. Regards Taranjeet Singh zamn

Could you please give an example on what you're trying to do exactly?

Torsen I am trying to configure AD System Discovery by specifying the LDAP path of AD Sites like "CN=XXXX-ABCD,CN=Sites,CN=Configuration,DC=Test,DC=Lab,DC=IN" by selecting the radio button "Custon LDAP or GC Query". I want to know whether this configuration be able to find me the systems that belong to these particular AD Sites or not. Regards Taranjeet Singh zamn

You cannot get it by this way, cause AD site sytem membership is not stored in configuration partition and not stored in AD. this is a client information, so you find it in system attributes once your system will be discovered . From my point of view you cannot discover systems based on AD site, you can discover all systems of you AD or OU, then based collection on AD site membership but not more. Julien

If you want to discover the computers from Domain Via AD system Discovery, You can click on Browse and select the Domain or OU or Child OU from UI in Discovery method .Since the AD discovery will only discover the computer objects and other informaiton from AD. More info about what attrbutes discoverd by AD systen Discovery http://technet.microsoft.com/en-us/library/bb694214.aspx//Eswar Koneti @ http://eskonr.wordpress.com/

This is an example of a query to create a collection with only systems that belong to a specific AD site (once they have been discovered): select * from SMS_R_System where ADSiteName = "<ADsiteName>" Romano Jerez | http://NETvNext.com

Yes, it can discover the system objects when configued with LDAP or GC query.Regards, Madan

Thanks all for your responses, but I think this cannot be achieved. I configured the the LDAP Path CN=XXXX-ABCD,CN=Sites,CN=Configuration,DC=Test,DC=Lab,DC=IN in the AD System Discovery and left it overnight (scheduled it so that it ran every 4 hours) but next day I could not find any systems discovered in any of the collections. My understanding is: When we configure any of the AD Discovery methods (out of the 4), the discovery tries to find the systems under the Domain/OU/Container (when Local Domain is selected as Location) we specify or under the LDAP Path (when Custom LDAP or GC Query is selected as Location) we specify. If an LDAP Path is specified then the Discovery expects the System objects to be physically present under that path in order to be discovered. Since AD Sites are logical AD objects under which the there's no container (we actually donot create one there since it is stored in Configuration partition) so discovery fails. This is as per my understanding from the the link http://technet.microsoft.com/en-us/library/bb633276.aspx "When an Active Directory discovery method runs, it searches the specified locations for objects and then attempts to collect information about the object." Request buddy's to correct me if I misunderstood the something. Regards Taranjeet Singh zamn

Yes! thats correct!//Eswar Koneti @ http://eskonr.wordpress.com/