sattler Posted March 27, 2012 Report post Posted March 27, 2012 Hi, this is my first post in this very helpful forum. Thanks a lot for the information in here. I now have a question since I'm struggeling setting up my lab. What I have: In my scenario I have two trusted forests with one domain each. In the first forest/domain I installed a CAS and a primary Site. This worked quite well. I also installed and configured the AD extension. My problem: At the moment I'm trying to set up a primary site in the second forest/domain. It already fails before the installation actually starts. At the point in the setup dialog, where I put the name of the CAS Server, it tells me, that it cannot get the site code from the central site. My question: What is going wrong? What rights do I have to set on the AD Container in the CAS and in the primary site? What rights do I else have to set? What is different from a primary site in the same forest/domain? Thanks for your input! Magnus Quote Share this post Link to post Share on other sites More sharing options...
anyweb Posted March 27, 2012 Report post Posted March 27, 2012 hi there Magnus have you seen the following on Technet ? The following are prerequisites you must configure before a Configuration Manager site can publish site data to Active Directory Domain Services: You must extend the Active Directory schema in each forest where you will publish site data. For more information, see Determine Whether to Extend the Active Directory Schema for Configuration Manager. You must configure Active Directory Forests for use with Configuration Manager, and enable publishing to the forests you want to use. For information, see the About Active Directory Forest Discovery section in the Planning for Discovery in Configuration Manager topic. You must enable publishing at each site that will publish its data to Active Directory Domain Services. For information, see Configuring Sites to Publish to Active Directory Domain Services. from here - http://technet.microsoft.com/en-us/library/hh696543.aspx Quote Share this post Link to post Share on other sites More sharing options...
sattler Posted March 27, 2012 Report post Posted March 27, 2012 Hi, thanks for the fast reply... Yes I've seen this documentation and I followed the guides. In the CAS I can see both forests/domains. The publish status is successful in both cases. I extended the AD schema in both forests, I configured the System Management container in both forests and gave the computer account full permissions on the container. There are no firewalls between the forests. I can't even install the primary site in the second forest, since it doesn't get the site code from the CAS server... Quote Share this post Link to post Share on other sites More sharing options...
sattler Posted March 28, 2012 Report post Posted March 28, 2012 After some searching a got a step further: Now the setup tells me that the setup user has not sufficient permissions to configure the replication on the central site. I gave the Administrator of the second domain sysadmin rights on the central database. But this seems not to be correct. Does anybody have an idea? Thanks! Quote Share this post Link to post Share on other sites More sharing options...
sattler Posted March 29, 2012 Report post Posted March 29, 2012 Solved! The setup user must be member of the infrastucture admin or the full admin role in Configuration manager. Thanks! Quote Share this post Link to post Share on other sites More sharing options...
