Windows Server Summit 2024
Mar 26 2024 08:00 AM - Mar 28 2024 04:30 PM (PDT)
Microsoft Tech Community
LIVE

How to see who is a member of schema admin and how to add a member in

Steel Contributor

Hi All, 

 

Im currently trying to install Sccm and need to link my SCCM server to DC but due to me getting the below error I cant go any further. 

 

Screenshot 2020-05-13 at 11.04.25 AM.png

 

Im currently on the Administrator account but it seems that I still need to put this account in the Schema admin group. 

 

I cant seem to access this group I cant see it in Users or anywhere - When I search for the account I have to search the Entire directory but then cant access the properties? 

 

How do I add a user or even the admin account into this group so I can carry on doing the necessary step to install SCCM?  

 

I get this message

 

Screenshot 2020-05-13 at 11.11.38 AM.png

 

Please help! and thanks in advance!

12 Replies

You can check current members

Get-ADGroupMember -Identity "Schema Admins" -Recursive

 

and add to group here.

 

schema admins.png  

 (please don't forget to mark helpful replies)

 

 

 

Hi @Dave Patrick ,

 

Unfortunately 

Get-ADGroupMember -Identity "Schema Admins" -Recursive

 didnt work the error i got is 

 

Screenshot 2020-05-13 at 3.46.23 PM.png

 

 

And with adding the group for me Schema admin isn't in the user section, the only way I can see it is if I search for it and using "entire directory"

 

Thanks for the reply 

1.) You may need to 

import-module activedirectory

 2.) Try looking on the domain controller in ADUC

 

 

 

Hi @Dave Patrick 

 

Thanks for the reply I have tried this:

import-module activedirectory

 

And I get this: 

Screenshot 2020-05-13 at 4.39.14 PM.png 

 

I have looked in users in ADUC (active directory users and computers) and nothing. 

 

any ideas

 

 



I have looked in users in ADUC (active directory users and computers) and nothing. 

 

any ideas

 

 


I don't know what this even means. Do you have a domain controller? If so what operating system is installed?

 

 

Hi @Dave Patrick 

 

What I'm trying to say, Schema admins group isn't in ADUC under the users 

 

Screenshot 2020-05-13 at 5.07.18 PM.png

 

But if I change users to Entire directory Schema Admins group comes up

 

Screenshot 2020-05-13 at 5.09.11 PM.png

 

 

The Server we are running for the DC is windows server 2012 r2

From cmd.exe run dsa.msc then in Users branch find Schema Admins, double-click it, then Members tab, add the user.

 

 (please don't forget to mark helpful replies)

 

 

 

@Dave Patrick 

 

What does DSA.MSC actually do? also is this ran on the domain controller itself ? 

 

 


 

What does DSA.MSC actually do? also is this ran on the domain controller itself ? 

 

 


It starts ADUC (Active directory Users and Computers) snap-in, yes run it from any domain controller.

 

 (please don't forget to mark helpful replies)

 

 

Please go to ADUC, select entire directory and then add members into it.

 

There is only one schema admin group in AD and its in the root domain hence you cannot search it while selecting the child domains.

 

Hope this clarifies.@AB21805 

Hi @Gurjinderpal_06 , 

 

Thanks for this! Where is entire directory? - only way I see entire directory is when I right click and do a search for a ie computer or user

 

Sorry for the simple question but Im pretty new with DC 

 

Thanks in advance


Thanks for this! Where is entire directory? - only way I see entire directory is when I right click and do a search for a ie computer or user

 


From cmd.exe (on domain controller) run dsa.msc then in Users branch find Schema Admins, double-click it, then Members tab, add the user.

 

 (please don't forget to mark helpful replies)