Step-by-Step Guide to

Add or Create Custom

Attribute in Active

Directory

Hussain Shakir

LinkedIn: https://www.linkedin.com/in/mrhussain

Twitter: https://twitter.com/hshakir_ms

Blog: http://mstechguru.blogspot.com/

Table of Contents

About Author ............................................................................................................................................... 2

About Scenario ............................................................................................................................................ 3

Mounting AD Schema ................................................................................................................................. 3

MMC Console .............................................................................................................................................. 4

Creating Attribute ....................................................................................................................................... 6

VBS Script to Create X500 Object ID ......................................................................................................... 7

Adding Attribute in Classes ....................................................................................................................... 10

Restarting AD Services ............................................................................................................................... 13

Custom Attribute Results in User’s Property ............................................................................................ 14

About Author

Shakir is IT Consultant with over 13 years of extensive experience working with Microsoft

Technologies AD, Exchange, O365, Windows Azure, PowerShell, Skype for Business, SQL,

SharePoint and Microsoft public clouds, and providing solutions to different local &

international Enterprise customers.

Shakir has been involved in Infrastructure Designing and Implementation, Virtualization, and

Disaster Recovery. Extensive hands-on experience in Core Server Infrastructure, Cloud

Computing, Virtualization/ Management and Information Protection. Analysis and Support of

Microsoft Windows Server based Client / Server network, AD, Messaging, Skype for Business,

SQL Always ON, Virtualization and System Center Infrastructure Products. Shakir has various

industry certifications: MCT, MCTS, MCITP, MCSA, MCSE: Messaging, MCPS, MCSE: Cloud

Platform and Infrastructure and also providing trainings on Microsoft Based Technologies.

About Scenario

This is a guide on how to create custom Active Directory attributes where an existing attribute

is not available. For example, creating an attribute to hold the value of “StudentID”. This guide

is utilizing Microsoft Windows Server 2012 R2.

In most cases when we need to add information in AD and we have thousands of users, and

we don’t have our specific attribute in AD as per our requirements, in those cases we can create

those attributes in AD and later utilize them in scripting, reporting and other requirements.

Mounting AD Schema

Logon to your Windows Server 2012 R2 Server, which in Domain Controller running AD DS,

and open CMD with run as administrator.

On cmd run this command as regsvr32 schmmgmt.dll

To perform the Schmmgmt.dll registration portion of this procedure, you must be a member

of the Domain Admins group in the domain or the Enterprise Admins group in the forest, or

you must have been delegated the appropriate authority. Adding the Active Directory Schema

snap-in to MMC requires only Domain Users group membership. However, making changes

to the schema requires membership in the Schema Admins group.

MMC Console

Click ok to continue

Click Start, click Run, type mmc, and then click OK

On the File menu, click Add/Remove Snap-in

Creating Attribute

Under Available snap-ins, click Active Directory Schema, click Add, and then click OK

To save this console, on the File menu, click Save

Right Click on Attribute and Click on Create Attribute

Click Continue

Populate the following information, in this lab I am going to create custom attribute with the

name of BatchNumber. You can create as per your requirements.

VBS Script to Create X500 Object ID

To generate Unique X500 Object ID, follow this script.

https://gallery.technet.microsoft.com/scriptcenter/56b78004-40d0-41cf-b95e-6e795b2e8a06

Simply copy this code and paste in a text file then save the file as *.vbs in C:\ and run it.

Go to cmd and run the file, it will generate X500 ObjectID

Copy the ID and paste in Schema Management console

Click OK to continue

As you can see the attribute created as BatchNumber.

Adding Attribute in Classes

At this point you can click on Classes and then select User

Right click on User and click on property

Select Attribute Tab and Click on Add

Select BatchNumber attribute which we create earlier and Click on OK

Click Apply and Click OK

Restarting AD Services

Now go to services.msc

And restart Active Directory Domain Services

At this point we have completed the task, let’s see the results in Active Directory Users and

Computers.

Custom Attribute Results in User’s Property

We have completed the task, you can add multiple custom attribute as per your requirement.

Hope this will help you.