go to  ForumEasy.com   
LdapPro
Home » Archive » Message


[Email To Friend][View in Live Context][prev topic « prev post | next post » next topic]
  How to extend Active Directory (AD) schema Using LDIFDE.exe
 
Subject: How to extend Active Directory (AD) schema Using LDIFDE.exe
Author: JNDI
In response to: How to extend or modify Active Directory (AD) schema -- from LDIF
Posted on: 10/19/2012 05:27:40 AM

As an example, you can use Microsoft utility tool LDIFDE.exe to import the LDIF file shown above.

First of all, Login into your domain controller with an account which should have both Administrator rights and the Schema Admins Group rights.

C:\temp>ldifde.exe -i -f import.ldif -s 10.11.12.13:389

Connecting to "10.11.12.13:389"
Logging in as current user using SSPI
Importing directory from file "import.ldif"
Loading entries...
7 entries modified successfully.

The command has completed successfully


For ADAM/ADLDS, you just need the Administrator rights.
C:\temp>ldifde.exe -i -f import.ldif -s 10.11.12.13:50001 -b Administrator DOMAIN password

Connecting to "10.11.12.13:50001"
Logging in as current user using SSPI
Importing directory from file "import.ldif"
Loading entries...
7 entries modified successfully.

The command has completed successfully


 

> On 09/28/2012 09:16:01 PM eLDAP wrote:
In many cases, it is far better to import the schema extensions with a LDIF file. You can use Microsoft's ldifde.exe or SunOne's ldapmodify.exe tool to apply the following LDIF file:
dn: CN=hr-Salary-Level,CN=Schema,CN=Configuration,DC=example,dc=com
changetype: add
adminDescription: Human Resources Salary Level
adminDisplayName: hr-Salary-Level
attributeID: 1.2.840.113556.1.4.7000.141
attributeSyntax: 2.5.5.9
isSingleValued: TRUE
lDAPDisplayName: hrSalaryLevel
oMSyntax: 2
objectCategory: CN=Attribute-Schema,CN=Schema,CN=Configuration,DC=example,dc=com
objectClass: attributeSchema
searchFlags: 0
 
dn: CN=hr-Social-Security-Number,CN=Schema,CN=Configuration,DC=example,dc=com
changetype: add
adminDescription: Human Resources Social Security Number
adminDisplayName: hr-Social-Security-Number
attributeID: 1.2.840.113556.1.4.7000.142
attributeSyntax: 2.5.5.12
isSingleValued: FALSE
lDAPDisplayName: hrSocialSecurityNumber
oMSyntax: 64
objectCategory: CN=Attribute-Schema,CN=Schema,CN=Configuration,DC=example,dc=com
objectClass: attributeSchema
searchFlags: 0
rangeLower: 0
rangeUpper: 128
 
dn:
changetype: modify
replace: schemaupdatenow
schemaupdatenow: 1
-
 
dn: CN=hr-Human-Resources,CN=Schema,CN=Configuration,DC=example,dc=com
changetype: add
adminDescription: Human Resources Auxilliary Class
adminDisplayName: hr-Human-Resources
governsID: 1.2.840.113556.1.4.7000.17
lDAPDisplayName: hrHumanResources
objectCategory: CN=Class-Schema,CN=Schema,CN=Configuration,DC=example,dc=com
objectClass: classSchema
objectClassCategory: 3
rDNAttID: cn
possSuperiors: organizationalUnit
possSuperiors: container
subClassOf: top
mayContain: hrSocialSecurityNumber
mayContain: hrSalaryLevel
 
dn:
changetype: modify
replace: schemaupdatenow
schemaupdatenow: 1
-
 
dn: CN=User,CN=Schema,CN=Configuration,DC=example,dc=com
changetype: modify
add: auxiliaryClass
auxiliaryClass: hrHumanResources
-
 
dn:
changetype: modify
replace: schemaupdatenow
schemaupdatenow: 1
-




References:

 


 
Powered by ForumEasy © 2002-2022, All Rights Reserved. | Privacy Policy | Terms of Use
 
Get your own forum today. It's easy and free.