Name

schema

Synopsis

Add a new attribute to an existing class, or create a new attribute or class in the schema.

Procedures

Before you can use the Active Directory Schema snap-in, you must register it by:

Start Run regsvr32 schmmgmt.dll OK OK

Next you need to create a custom administrative console by adding the Active Directory Schema snap-in to a blank MMC console (see the beginning of Chapter 5 for information on how to create and save a custom console). Call this new console Active Directory Schema for easy reference.

As an extra precaution, before you can use this console to modify the schema, you must also create a value for a registry key on the domain controller on which you will be running the console (this should be the schema operations master in the domain). You can do this by:

Active Directory Schema right-click on Active Directory Schema Operations Master select “The Schema may be modified on this Domain Controller.”

Note that this dialog box displays which domain controller in your domain is your schema master. Alternatively, you can open regedt32 and navigate to the registry key:

HKEY_LOCAL_MACHINE   \SYSTEM     \CurrentControlSet       \Services        \NTDS         \Parameters

Create a new value called Schema Update Allowed of type REG_DWORD, and set its value to 1.

Warning

Do not modify the schema unless you really have to and unless you really know what you’re doing! Careless changes can wreak havoc with Active Directory.

Add an Attribute to a Class

Active ...

Get Windows 2000 Administration in a Nutshell now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.