PowerShell: Creating the System Management Container

If you’ve ever worked with Systems Management Server (SMS) 2003 or System Center Configuration Manager (ConfigMgr / SCCM) 2007, you probably are familiar with the step of creating the “System Management” container underneath the “CN=System,DC=mydomain,DC=com” container in Active Directory. Normally you have to go into ADSIEdit.msc in order to do this, since you can’t create container objects through the Active Directory Users & Computers MMC snap-in. Well thankfully, you can avoid both GUIs by using PowerShell! Here’s a quick snippet that should work on any domain:

# Get the distinguished name of the Active Directory domain
$DomainDn = ([adsi]"").distinguishedName
# Build distinguished name path of the System container
$SystemDn = "CN=System," + $DomainDn
# Retrieve a reference to the System container using the path we just built
$SysContainer = [adsi]"LDAP://$SystemDn"
# Create a new object inside the System container called System Management, of type "container"
$SysMgmtContainer = $SysContainer.Create("Container", "CN=System Management")
# Commit the new object to the Active Directory database
$SysMgmtContainer.SetInfo()

You’ll still have to set permissions appropriately, but if you’re looking to automate the entire process, here’s at least once piece!

image