How to Create User attribute in Active directory

Extending the schema

When the set of classes and attributes in the base Active Directory schema do not meet your needs, you can extend the schema by modifying or adding classes and attributes. You should only extend the schema when absolutely necessary. The easiest way to extend the schema is through the Schema Microsoft Management Console (MMC) snap-in. You should always develop and test your schema extensions in a test lab before moving them to your production network

To install the Active Directory Schema snap-in

Open an elevated command prompt. Click Start, type command prompt, and then right-click Command Prompt when it appears in the Start menu. Next, click Run as administrator. When the command prompt opens, type the following command, and then press ENTER

regsvr32 schmmgmt.dll


  1. Click Start, click Run, type mmc, and then click OK.
  2. On the File menu, click Add/Remove Snap-in.
  3. Under Available snap-ins, click Active Directory Schema, click Add, and then click OK.


  1. To save this console, on the File menu, click Save.
  2. In the Save As dialog box, do one of the following:
    • To place the snap-in in the Administrative Tools folder, in File name, type a name for the snap-in, and then click Save.
    • To save the snap-in to a location other than the Administrative Tools folder, in Save in, navigate to a location for the snap-in. In File name, type a name for the snap-in, and then click Save.
Modifying the schema is an advanced operation that is best performed by experienced programmers and system administrators. For detailed information about modifying the schema, see Active Directory Schema (http://go.microsoft.com/fwlink/?LinkId=80809).

Additional considerations

  • To perform the Schmmgmt.dll registration portion of this procedure, you must be a member of the Domain Admins group in the domain or the Enterprise Admins group in the forest, or you must have been delegated the appropriate authority. Adding the Active Directory Schema snap-in to MMC requires only Domain Users group membership. However, making changes to the schema requires membership in the Schema Admins group.


Creating a New Attribute

When creating classes and attributes, note the following:

  • Do not include spaces when entering the attribute and class names. An LDAP display name with embedded spaces can cause problems.
  • Object identifiers (OIDs) are issued by International Standards Authorities such as the International Telecommunications Union (ITU) to prevent issuance of duplicates. If your organization expects to create new classes and attributes, you may want to first request OIDs from the relevant standards body in your country. The OIDs listed here have been issued by Microsoft and are guaranteed to be unique. Do not create your own OIDs.

Add a new schema class or attribute definition

To add a new schema class or attribute definition

  1. Open the Active Directory Schema snap-in.
  2. In the console tree, click Active Directory Schema.
  3. Do one of the following:
    • To add a class definition, in the console tree, right-click Classes, click Create Class, and then follow the instructions.

To add an attribute definition, in the console tree, right-click Attributes, click Create Attribute





Voer waardes in bij Common Name and Description

Wijzig Syntax in Generalized Time


The Unique X500 Object ID MUST be filled in.

To get a unique X500 ID follow the instructions on


Copy the code into Notepad and save as .VBS

Open het VBS script



Root OID = 1.2.840.113556.1.8000.2554.26957.60255.54271.18045.36403.10579657.3450681


Our Rooyt OID = 1.2.840.113556.1.8000.2554.26957.60255.54271.18045.36403.10579657.3450681

Attribute will be: 1.2.840.113556.1.8000.2554.26957.60255.54271.18045.36403.10579657.3450681.2

First attribute OID: 1.2.840.113556.1.8000.2554.26957.60255.54271.18045.36403.10579657.3450681.2.1



İp Adresiniz

1 Star2 Stars3 Stars4 Stars5 Stars (2 Kişi oy verdi, 5 üzerinden ortalama puan: 5,00. Bu yazıya oy vermek ister misiniz?)
Tayfun KUŞAK

Tayfun KUŞAK

Genç yaşlarda bilgisayar ile tanıştı. Sektörde pek çok farklı pozisyonlarda ve farklı firmada görev aldı. Microsoft System Managment, Active Directory, Virtualization, Disaster Recovery, Mail Server, Security uzmanlık alanlarından sadece birkaç tanesi. Şu anda özel bir kuruluşta “Sistem Yöneticisi” olarak çalışmakta. MCP,MCSA,MCSE

Bir cevap yazın

E-posta hesabınız yayımlanmayacak. Gerekli alanlar * ile işaretlenmişlerdir