Author |
Topic: How to extend or modify Active Directory (AD) schema -- from UI |
|
eLDAP member offline |
|
posts: |
107 |
joined: |
08/02/2006 |
from: |
Austin, TX |
|
|
|
|
|
How to extend or modify Active Directory (AD) schema -- from UI |
Step 1) Start Active Directory Schema UI
1. Click Start, click Run, type mmc, and then click OK.
2. On the File menu, click Add/Remove Snap-in, and then click Add.
3. Under Available Standalone Snap-ins, double-click Active Directory Schema, click Close, and then click OK.
How to save this console:
On the File menu, click Save.
In Save in, point to the systemroot\system32 directory.
In File name, type schmmgmt.msc, and then click Save.
How to install Active Directory Schema snap-in:
Click Start, click Run
Type: regsvr32 schmmgmt.dll
This command will register Schmmgmt.dll on your computer.
How to create a shortcut on your Start menu:
Right-click Start, click Open All Users, double-click the programs folder, and then double-click the Administrative Tools folder.
On the File menu, point to New, and then click Shortcut.
In the Create Shortcut Wizard, in Type the location of the item, type schmmgmt.msc, and then click Next.
On the Select a Title for the program page, in Type a name for this shortcut, type Active Directory Schema, and then click Finish.
Step 2) Check to see if you have the right to do so.
Before proceeding, make sure that your account is a member of the Schema Administrators group.
For example, the following account has the right to modify schema.
dn: CN=testUser,CN=Users,DC=myCompany,DC=com
memberOf: CN=Schema Admins,CN=Users,DC=myCompany,DC=com
...
Step 3) Create new attributes
To create new attributes:
1. Open Active Directory Schema Snap-in.
2. Right-click Attributes.
3. Click New, and then select Attribute.
4. Create the following new attributes:

Common Name: hr-Salary-Level
LDAP Display Name: hrSalaryLevel
Unique X500 Object ID: 1.2.840.113556.1.4.7000.141
Syntax: Integer

Common Name: hr-Social-Security-Number
LDAP Display Name: hrSocialSecurityNumber
Unique X500 Object ID: 1.2.840.113556.1.4.7000.142
Syntax: Case Insensitive String
Step 4) Create new classes
To create a new class:
1. Open Active Directory Schema Snap-in.
2. Right-click Class.
3. Click New, and then click Class.
4. Create the new class with the following values:
Common Name: hr-Human-Resources
LDAP Displayname: hrHumanResources
Unique X.500 Object ID: 1.2.840.113556.1.4.7000.17
Parent Class: (Leave blank)
Class Type: Auxiliary
On Create New Schema Class panel, click Add, select the schema object to be added as either Mandatory or Optional attribute.
Step 5) Extend target class
Now, with the auxiliary class available, you can extend your target class, let's say User, by adding the auxiliary class to it.
To add a new auxiliary class:
1. Right-click the User class node.
2. Click Properties.
3. Click the Relationship tab.
4. Click Add.
5. Select hrHumanResources and click OK.
Now, your object class User has been extended with the auxiliary class hrHumanResources, which contains the extra attributes hrSalaryLevel and hrSocialSecurityNumber.
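
A read-only check for Steps 2 through 5, added here as an example and not part of the original posts: it confirms Schema Admins membership and that the attributes, the class and the User extension exist with the names and OIDs given in the thread. It assumes the ActiveDirectory PowerShell module (RSAT), a domain logon session, and a single-domain forest so that Schema Admins resolves in the current domain; the helper name Get-SchemaObject is hypothetical.

```powershell
# Added example: read-only checks; nothing here writes to the schema.
# Assumes the ActiveDirectory module (RSAT) and a single-domain forest.
Import-Module ActiveDirectory
$schemaNC = (Get-ADRootDSE).schemaNamingContext

# Step 2: is the current account in Schema Admins, directly or through nesting?
$me        = Get-ADUser -Identity $env:USERNAME
$adminSids = Get-ADGroupMember -Identity 'Schema Admins' -Recursive |
             ForEach-Object { $_.SID.Value }
'{0} is in Schema Admins: {1}' -f $me.SamAccountName, ($adminSids -contains $me.SID.Value)

# Hypothetical helper: look up a schema object by its LDAP display name.
function Get-SchemaObject([string]$LdapName) {
    Get-ADObject -SearchBase $schemaNC -LDAPFilter "(lDAPDisplayName=$LdapName)" -Properties *
}

# Steps 3 and 4: names and OIDs exactly as given in the thread.
$expected = @(
    @{ Name = 'hrSalaryLevel';          OidAttr = 'attributeID'; Oid = '1.2.840.113556.1.4.7000.141' },
    @{ Name = 'hrSocialSecurityNumber'; OidAttr = 'attributeID'; Oid = '1.2.840.113556.1.4.7000.142' },
    @{ Name = 'hrHumanResources';       OidAttr = 'governsID';   Oid = '1.2.840.113556.1.4.7000.17' }
)
foreach ($e in $expected) {
    $obj = Get-SchemaObject $e.Name
    if (-not $obj) { "MISSING   $($e.Name)"; continue }
    $oid   = $obj.($e.OidAttr)
    $state = if ($oid -eq $e.Oid) { 'OK       ' } else { 'MISMATCH ' }
    "$state $($e.Name) $($e.OidAttr)=$oid"
}

# Step 4: the class must be auxiliary (objectClassCategory 3) and carry both attributes,
# whether they were added as Mandatory (mustContain) or Optional (mayContain).
$class = Get-SchemaObject 'hrHumanResources'
if ($class) {
    $attrs = @($class.mustContain) + @($class.mayContain)
    "hrHumanResources auxiliary: $($class.objectClassCategory -eq 3)"
    foreach ($a in 'hrSalaryLevel', 'hrSocialSecurityNumber') {
        "hrHumanResources contains ${a}: $($attrs -contains $a)"
    }
}

# Step 5: the User class must list hrHumanResources as an auxiliary class.
$user = Get-SchemaObject 'user'
"user extended with hrHumanResources: $(@($user.auxiliaryClass) -contains 'hrHumanResources')"
```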