Adding Custom Attributes in Active Directory
Adding Custom Attributes in Active Directory
Pre-requisites
Enable Schema Updates by Means of the Registry:
1. |
Click Start, click Run, and then in the Open box, type: regedit Then press ENTER. |
2. |
Locate and click the following registry key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NTDS\Parameters |
3. |
On the Edit menu, click New, and then click DWORD Value. |
4. |
Enter the value data when the following registry value is displayed: Value Name: Schema Update AllowedData Type: REG_DWORDBase: BinaryValue Data: Type 1 to enable this feature, or 0 (zero) to disable it. |
5. |
Quit Registry Editor. |
Follow these steps to configure attributes
- Install the Schema snap-in (Start, Run, regsvr32 schmmgmt.dll).
- Go to Start -> Run -> Type MMC and press Enter
- Go to File -> Add/Remove Snap-in -> click Add -> Select Active Directory Schema and click Add
- Expand the Active Directory schema and Right Click Attributes
- Click “Create Attribute”
- Create New Attribute window will appear
- In Common name enter “ROLLNUMBER”
- Enter LDAP name also as “ROLLNUMBER”
- Get OID please refer http://msdn2.microsoft.com/en-us/library/ms677620.aspx
- For our demo we have used DUMMY Values like 1.2.3.4.5
- Select the appropriate syntax, which in our case may be INTEGER. Assuming that in ROLLNUMBER we have all INTEGER Values.
- Mention Minimum and Maximum values if required. These are optional you can leave them blank.
- Once created your attribute will look as below
- Once Attribute is created, select Classes
- Expand CLASSES and Select PERSON
- Rick click PERSON and select Properties
- Click Attribute Tab and click Add
- Select the Attribute you created and click OK.
- Click OK to close all property windows
- Goto Start ->Run -> Type ADSIEDIT.MSC. For running this command you may need to install the support tools from the Windows installation CD.
- Open the Active Directory Service Interfaces (ADSI) Edit utility, then navigate to Configuration Container, CN=Configuration,
- Click CN=DisplaySpecifiers
- Click CN=409.
- In the right-pane, locate and right-click CN=user-display, and select Properties.
- Select AdminContextMenu and click EDIT
- In the Edit Attribute box, type the following:
27. Enter the following in the Empty box and Click Add
3,&ROLL NUMBER, c:\EnterAttrib.vbs
Note:
3 is the serial number
&ROLL NUMBER is the Attribute which will appear in User and Computers context Menu
C:\EnterAttrib.vbs is the script which will add the value to attribute
Please do not change the Syntax
- Click OK to close all window popups
- Select Configuration in ADSIEDIT panel and Right Click
- Click “UPDATE SCHEMA NOW”
- These steps configure the options ROLL NUMBER on the context menu for a user in the Microsoft Management Console (MMC) Active Directory Users and Computers snap-in.
- You must write and place the following scripts on your C drive or somewhere else in your file path:
Dim oVar
Dim oUsr
Dim tmp
Set oVar = Wscript.Arguments
Set oUsr = GetObject(oVar(0))
tmp = InputBox("The Roll Number of the user is: " & oUsr.ROLLNUMBER & vbCRLF & vbCRLF & “Enter the new Roll Number Below“)
if tmp <> "" then oUsr.Put "ROLLNUMBER",tmp
oUsr.SetInfo
Set oUsr = Nothing
WScript.Quit
How To Add Custom Attributes to the Directory Service Find List
1. |
Use ADSIEdit to select the Configuration namespace. |
2. |
Expand the displaySpecifier container. |
3. |
Expand the appropriate displaySpecifier container. For example, "409" is English. |
4. |
View the Properties for the user-Display object. |
5. |
Modify the attributeDisplayNames attribute by adding a value in the format: Your_new_Attribute,friendly_name For example, "Roll Number" looks like this: ROLLNUMBER,Roll Number |