If you’ve ever worked with Systems Management Server (SMS) 2003 or System Center Configuration Manager (ConfigMgr / SCCM) 2007, you probably are familiar with the step of creating the “System Management” container underneath the “CN=System,DC=mydomain,DC=com” container in Active Directory. Normally you have to go into ADSIEdit.msc in order to do this, since you can’t create container objects through the Active Directory Users & Computers MMC snap-in. Well thankfully, you can avoid both GUIs by using PowerShell! Here’s a quick snippet that should work on any domain:
# Get the distinguished name of the Active Directory domain $DomainDn = ([adsi]"").distinguishedName # Build distinguished name path of the System container $SystemDn = "CN=System," + $DomainDn # Retrieve a reference to the System container using the path we just built $SysContainer = [adsi]"LDAP://$SystemDn" # Create a new object inside the System container called System Management, of type "container" $SysMgmtContainer = $SysContainer.Create("Container", "CN=System Management") # Commit the new object to the Active Directory database $SysMgmtContainer.SetInfo()
You’ll still have to set permissions appropriately, but if you’re looking to automate the entire process, here’s at least once piece!