Active Directory System Discovery Properties Error RRS feed

  • Question

  • Hi,

    I'm getting a strange error within SCCM 2012 System Discovery Properties. The error occurs every time I open the properties for the discover method. I can close it OK, and Systems still seem to be getting discovered. It appears even when the discovery properties is completely empty.

    Does anyone know what could be the problem? The error message is below. Thanks in advance

    The Specified directory object cannot be found.
    Stack Trace:
       at System.DirectoryServices.ActiveDirectory.ActiveDirectorySchemaProperty.GetPropertiesFromSchemaContainer(DirectoryContext context, DirectoryEntry schemaEntry, String name, Boolean isDefunctOnServer)
       at System.DirectoryServices.ActiveDirectory.ActiveDirectorySchemaProperty.InitializePropertiesFromSchemaContainer()
       at System.DirectoryServices.ActiveDirectory.ActiveDirectorySchemaProperty.GetValueFromCache(String propertyName, Boolean mustExist)
       at System.DirectoryServices.ActiveDirectory.ActiveDirectorySchemaProperty.get_Syntax()
       at Microsoft.ConfigurationManagement.AdminConsole.ActiveDirectory.AttibutesPageControl.IsAttributeAvailabe(ActiveDirectorySchemaProperty schemaProperty)
       at Microsoft.ConfigurationManagement.AdminConsole.ActiveDirectory.AttibutesPageControl.AddAvailableAttributes(ActiveDirectorySchemaPropertyCollection properties)
       at Microsoft.ConfigurationManagement.AdminConsole.ActiveDirectory.AttibutesPageControl.worker_DoWork(Object sender, DoWorkEventArgs e)
       at System.ComponentModel.BackgroundWorker.OnDoWork(DoWorkEventArgs e)
       at System.ComponentModel.BackgroundWorker.WorkerThreadStart(Object argument)

    Thursday, April 24, 2014 8:43 AM


All replies

  • Where do you see that error message? Is it in a logfile or a window that pops up?

    Torsten Meringer | http://www.mssccmfaq.de

    Thursday, April 24, 2014 7:44 PM
  • Where do you see that error message? Is it in a logfile or a window that pops up?

    Its in a window that pops up. If I go to discovery methods, right click on Active Directory System Discovery and choose properties - I get it then

    (i know there is an entry in here but its not that is i get the same error when it is empty)

    Friday, April 25, 2014 8:35 AM
  • Does the LDAP string point to a location in AD that actually exists?


    Paul | sccmentor.wordpress.com

    Friday, April 25, 2014 8:44 AM
  • It sure doe, as i explained it comes up even when the properties are empty :). Looks like it could be something to do with the AD schema? Im stumped

    Friday, April 25, 2014 10:20 AM
  • *Bump*

    Could this point to an active director schema issue? Anyone have any clues/pointers please? I cant find no information on it anywhere!


    Thursday, May 8, 2014 9:26 AM
  • Stefan,

    Was the schema update run when SCCM was installed?


    Paul | sccmentor.wordpress.com

    Thursday, May 8, 2014 10:52 AM
  • Thanks for the reply Paul.

    Where I am working already had 2007 in place, and so the Schema had already been extended and so I didn't need to request it to be done. SCCM installed fine with no noticeable errors, and everything is working - even system discovery yet i get this message still every time I open the properties.

    Thursday, May 8, 2014 10:58 AM
  • Was the 2012 server giving rights to the System Management OU?


    Paul | sccmentor.wordpress.com

    Thursday, May 8, 2014 12:05 PM
  • Have you tried more than one console?

    Gerry Hampson | Blog: www.gerryhampsoncm.blogspot.ie | LinkedIn: Gerry Hampson | Twitter: @gerryhampson

    Thursday, May 8, 2014 12:24 PM
  • Was the 2012 server giving rights to the System Management OU?

    It's a container, not an OU, but this should be unrelated for discovering resources.

    Torsten Meringer | http://www.mssccmfaq.de

    Thursday, May 8, 2014 12:51 PM
  • Was the 2012 server giving rights to the System Management OU?

    It's a container, not an OU, but this should be unrelated for discovering resources.

    Torsten Meringer | http://www.mssccmfaq.de

    It is indeed


    Paul | sccmentor.wordpress.com

    Thursday, May 8, 2014 12:56 PM
  • Yeah the Primary server, on which I am using the console, has full control over the systems management container, and has created all the required objects to have a fully functioning site. Everything which should work, does work - I just get that error which probably indicates something is wrong somewhere...?

    I've since tried in another console and I get exactly the same error. 2007 doesn't throw up this error, if it was schema related - I'm assuming 2007 would as-well come to think about it?

    Thursday, May 8, 2014 1:59 PM
  • Ive just gone in to the Active Directory Attributes section, and the list only goes down to C. I'm pretty sure this is not correct, can someone confirm? Something seems to be a miss here with AD in general and the available attributes?

    Thursday, May 8, 2014 2:06 PM
  • Yep that's not right at all


    Paul | sccmentor.wordpress.com

    Thursday, May 8, 2014 2:09 PM
  • It may be, at this stage, worth escalating this to MS


    Paul | sccmentor.wordpress.com

    • Proposed as answer by Garth JonesMVP Saturday, May 30, 2015 5:23 PM
    • Marked as answer by Garth JonesMVP Wednesday, February 3, 2016 5:18 PM
    Thursday, May 8, 2014 2:10 PM
  • It may be, at this stage, worth escalating this to MS

    Hmm yeah - I think your right. Thanks Paul
    Friday, May 9, 2014 10:01 AM
  • It would be great if you could feedback here with any results.


    Paul | sccmentor.wordpress.com

    Friday, May 9, 2014 8:52 PM
  • I sure will do
    Saturday, May 10, 2014 12:28 AM
  • Stefan did you ever figure out what the problem was? I've just found the same thing on our 2012 SP1 server on both the AD User and AD System discoveries.
    Thursday, October 2, 2014 9:20 PM
  • Hi Mike,

    Not exactly, however when the console is logged into as a user who is a domain admin - the error doesn't appear. To make things more complex - the way AD is set up here is quite/very messed up and domain admins is actually nested in schema admins (yep..you read that correctly). This nesting is due to be removed, but until then i can only assume the following:

    Not being a schema admin, or domain admin restricts the attributes that you are able to read in the SCCM console system and user discovery properties. I know it shouldn't be like this. Its also interesting that when you open these discovery properties - it appears it must read based on the user operating the console, rather than the site server, which I assumed it would be read based on the rights that has.

    Why this is happening, I dont know yet. Its been parked because it isn't actually having an detrimental effect that I can see. I know this probably doesn't help you much, but maybe it will point you in a direction to start looking in..

    Monday, October 6, 2014 11:41 AM
  • I know this is a very old thread and I'm not sure if bumping this is inappropriate as I rarely ever post anything, but this very thing is happening in my environment.  Just as OP explains, it doesn't appear anything is affected by this as my systems are being discovered, but it is concerning.

    The account I am logging in with however is in fact a domain admin.  Also our schema was extended for 2007.  I am currently running 1606.

    I could open a support case but don't want to waste my time or anyone else's since everything is functioning.

    Thursday, October 6, 2016 3:27 PM
  • Hi Kelvin, 

    Fortunately I never did get to the bottom of it as it was not causing any problems as such so didn't warrant the time.

    I did not see the issue when using an account which was a Schema Admin though.. So maybe try that if you are able and see if the same is for you if you want to review the settings shown in there.

    Wednesday, October 12, 2016 8:06 AM