Environment
NetIQ Advanced Authentication 4.8
Situation
Error occurs while extending AD schema, or returns “Unsuccessfulâ€.
Resolution
Please check the following:
-
For Windows Server 2003 before extending schema domain functional level should be raised to Windows Server 2003.
-
Before extending schema please ensure that you have Remote Server Administration Tools installed on the server. Otherwise you may have a problem with ldifde.exe
-
Ensure that you are running the schema updates on the Schema Master and that the logged in user is a member of the Schema Admins Group.
To identify the Schema Master
-
Run the Active Directory Schema MMC Snap-In. Please note you may need to add this snap-in manually if it does not appear in Administration Tools program folder.
-
Right-Click on “Active Directory Schema†directly under Console Root.
-
Select “Operations Master…â€from the menu
-
The current Schema Master will be displayed in the window.
-
Connect to the server identified, and re-run the schema extension tools.
If these steps are unsuccessful, you may need to extend the schema manually from a command line using the ldifde.exe command.
Example:
Open a command prompt in the Tools\Schema\AD folder located in the distributives.
ldifde -i -f ExtendSchema.ldf -s DomainController.Domain.Com -c DC=X DC=Domain,DC=Com -k -v
repeat command for ExtendSchema_2.ldf, ExtendSchema_3.ldf, ExtendSchema_4.ldf and RegisterMMC.ldf files using the same parameters above.
Additional Information
Formerly known as 0031.