Share via


Adding Custom Attributes in Active Directory

Adding Custom Attributes in Active Directory

Pre-requisites

Enable Schema Updates by Means of the Registry:

1.

Click Start, click Run, and then in the Open box, type:

regedit

Then press ENTER.

2.

Locate and click the following registry key:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NTDS\Parameters

3.

On the Edit menu, click New, and then click DWORD Value.

4.

Enter the value data when the following registry value is displayed:

Value Name: Schema Update AllowedData Type: REG_DWORDBase: BinaryValue Data: Type 1 to enable this feature, or 0 (zero) to disable it.

5.

Quit Registry Editor.

Follow these steps to configure attributes

  1. Install the Schema snap-in (Start, Run, regsvr32 schmmgmt.dll).
  2. Go to Start -> Run -> Type MMC and press Enter
  3. Go to File -> Add/Remove Snap-in -> click Add -> Select Active Directory Schema and click Add
  4. Expand the Active Directory schema and Right Click Attributes
  5. Click “Create Attribute”
  6. Create New Attribute window will appear
  7. In Common name enter “ROLLNUMBER”
  8. Enter LDAP name also as “ROLLNUMBER”
  9. Get OID please refer http://msdn2.microsoft.com/en-us/library/ms677620.aspx
  10. For our demo we have used DUMMY Values like 1.2.3.4.5
  11. Select the appropriate syntax, which in our case may be INTEGER. Assuming that in ROLLNUMBER we have all INTEGER Values.
  12. Mention Minimum and Maximum values if required. These are optional you can leave them blank.
  13. Once created your attribute will look as below
  1. Once Attribute is created, select Classes
  2. Expand CLASSES and Select PERSON
  1. Rick click PERSON and select Properties
  2. Click Attribute Tab and click Add
  3. Select the Attribute you created and click OK.
  1. Click OK to close all property windows
  2. Goto Start ->Run -> Type ADSIEDIT.MSC. For running this command you may need to install the support tools from the Windows installation CD.
  3. Open the Active Directory Service Interfaces (ADSI) Edit utility, then navigate to Configuration Container, CN=Configuration,
  4. Click CN=DisplaySpecifiers
  5. Click CN=409.
  1. In the right-pane, locate and right-click CN=user-display, and select Properties.
  1. Select AdminContextMenu and click EDIT
  2. In the Edit Attribute box, type the following:

27. Enter the following in the Empty box and Click Add

     3,&ROLL NUMBER, c:\EnterAttrib.vbs

Note:

3 is the serial number

&ROLL NUMBER is the Attribute which will appear in User and Computers context Menu

C:\EnterAttrib.vbs is the script which will add the value to attribute

Please do not change the Syntax

 

  1. Click OK to close all window popups
  2. Select Configuration in ADSIEDIT panel and Right Click
  3. Click “UPDATE SCHEMA NOW
  1. These steps configure the options ROLL NUMBER on the context menu for a user in the Microsoft Management Console (MMC) Active Directory Users and Computers snap-in.
  2. You must write and place the following scripts on your C drive or somewhere else in your file path:
 Dim oVar
 Dim oUsr
 Dim tmp
 Set oVar = Wscript.Arguments
 Set oUsr = GetObject(oVar(0))
 tmp = InputBox("The Roll Number of the user is: " & oUsr.ROLLNUMBER &  vbCRLF & vbCRLF & “Enter the new Roll Number Below“)
 if tmp <> "" then oUsr.Put "ROLLNUMBER",tmp
 oUsr.SetInfo
 Set oUsr = Nothing
 WScript.Quit

How To Add Custom Attributes to the Directory Service Find List

1.

Use ADSIEdit to select the Configuration namespace.

2.

Expand the displaySpecifier container.

3.

Expand the appropriate displaySpecifier container. For example, "409" is English.

4.

View the Properties for the user-Display object.

5.

Modify the attributeDisplayNames attribute by adding a value in the format:

Your_new_Attribute,friendly_name

For example, "Roll Number" looks like this:

ROLLNUMBER,Roll Number

Comments

  • Anonymous
    January 01, 2003
    I just do not understand how it works for most of the persons here. It does not include complete information and screenshots. Also, it just silent on C:EnterAttributes.vbs? what we need to insert in this file. A poor written article looks like a copy/paste.

  • Anonymous
    January 01, 2003
    Just a quick post to flag this article. This is really good to have handy. Note that making changes to

  • Anonymous
    March 01, 2008
    How do i make this ROLL number attribute visible to the users so that they can add value to it & gets saved in the AD?

  • Anonymous
    February 03, 2009
    How can this be displayed in ADUC

  • Anonymous
    February 08, 2009
    This is really great, that what I was searching for but I did not get the last step which is running this script on C, how can I do. May U advice plz :). Thank U,

  • Anonymous
    March 04, 2009
    Can you please tell me how to display the ROLLNUMBER Attribute in the AD User Profile UI.

  • Anonymous
    April 14, 2009
    Hi man, thanks very much. was really helpful.

  • Anonymous
    May 05, 2009
    The comment has been removed

  • Anonymous
    August 10, 2009
    Very Clear, VBS script needs to be modified though, it would be  also helpful if we mentioned that no hyphen is allowed in the ROLLNUMBER because it will not make the script work properly.,,,Thanks Alot,,

  • Anonymous
    June 14, 2010
    Nice stuff. It might help me. Thanks for the post

  • Anonymous
    October 07, 2010
    Very educating post, saved the blog in interest to read more information! Thanks so much for posting a lot of this awesome content! Looking forward to checking out more!

  • Anonymous
    October 07, 2010
    Very educating post, saved the blog in interest to read more information! Thanks so much for posting a lot of this awesome content! Looking forward to checking out more!

  • Anonymous
    December 25, 2010
    thanks so very very very very..... much

  • Anonymous
    June 23, 2011
    It's very good stuff. It saved me lot of time. Thank you so much.

  • Anonymous
    November 26, 2011
    How we can create an new attribute for ad user account which will keep disable date  time stamp for  that user account..chavhan@ Hotmail.com

  • Anonymous
    November 05, 2012
    How do i make this ROLL number attribute visible to the users so that they can add value to it & gets saved in the AD?

  • Anonymous
    September 17, 2013
    Nice work.. we can have a look at this also www.morgantechspace.com/.../how-to-create-custom-attribute-in.html