Extending the Active Directory Schema
This lab focuses on the process of extending the Active Directory schema to accommodate new application requirements, enhancing directory services functionality while ensuring data integrity and security. Participants will gain hands-on experience in schema modifications and best practices for managing directory objects.
Session duration: 60 minutes
Difficulty: Beginner
Lab VMs: 1 (1 Windows)
XP Reward: 300 XP on completion
Virtual machines
- SADC01 (Windows)
- Username / Password: user / password123
- Connection type: In-browser RDP / RDP
Lab instructions
Follow the steps below to complete the lab.
Before extending the Active Directory schema, you need to create a new user attribute. In this step, you will create an Active Directory User attribute called ServerAcademyID.
- Open the Active Directory Schema snap-in.
- Right-click on Attributes and select Create Attribute.
- In the dialog that appears, enter the following details:
  - Common Name: ServerAcademyID
  - LDAP Display Name: serverAcademyID
  - Attribute Syntax: Select String (for example, String (Unicode) or String (UTF-8))
- Click OK to create the attribute.
- Verify that ServerAcademyID appears in the list of attributes.
After completing the first step, you will now edit a custom Active Directory attribute for a user. In this step, you need to add an integer value of 215873 to the ServerAcademyID attribute for the user paulh.
- Open the Active Directory Users and Computers console.
- Locate the user paulh in the appropriate organizational unit (OU).
- Right-click on the user paulh and select Properties.
- In the Properties window, navigate to the Attribute Editor tab.
- Find the ServerAcademyID attribute in the list.
- Double-click on ServerAcademyID and enter the value 215873.
- Click OK to save the changes, then close the Properties window.
Use PowerShell to search for and retrieve the user attribute with the following command:
Ensure the returned value is 215873.
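One way to check both lab steps from PowerShell, written as an added example rather than the lab's own command: it confirms the attribute exists in the schema and reads its value from paulh. It assumes the ActiveDirectory module (RSAT) is available on SADC01; the function name Get-LabAttributeReport is hypothetical.

```powershell
# Added example, not the lab's own command. Assumes the ActiveDirectory module (RSAT).
Import-Module ActiveDirectory

function Get-LabAttributeReport {
    param(
        [string]$AttrName = 'serverAcademyID',  # LDAP display name from step 1
        [string]$UserName = 'paulh',            # user from step 2
        [string]$Expected = '215873'            # value from step 2
    )

    # Look up the attributeSchema object in the schema naming context.
    $schemaNC = (Get-ADRootDSE).schemaNamingContext
    $attr = Get-ADObject -SearchBase $schemaNC `
        -LDAPFilter "(&(objectClass=attributeSchema)(lDAPDisplayName=$AttrName))" `
        -Properties attributeSyntax, isSingleValued

    $value = $null
    $note  = $null
    if (-not $attr) {
        $note = "No attributeSchema object with lDAPDisplayName '$AttrName'"
    } else {
        try {
            # Custom attributes are not in Get-ADUser's default property set,
            # so the attribute has to be requested by name.
            $user  = Get-ADUser -Identity $UserName -Properties $AttrName -ErrorAction Stop
            $value = $user.$AttrName
        } catch {
            $note = "User lookup failed: $($_.Exception.Message)"
        }
    }

    [pscustomobject]@{
        Attribute       = $AttrName
        SchemaObject    = if ($attr) { $attr.DistinguishedName }
        AttributeSyntax = if ($attr) { $attr.attributeSyntax }  # 2.5.5.12 = Unicode string
        SingleValued    = if ($attr) { $attr.isSingleValued }
        User            = $UserName
        Value           = $value
        # String syntax: compare as text; -contains also covers a multi-valued attribute.
        MatchesExpected = (@($value) -contains $Expected)
        Note            = $note
    }
}

Get-LabAttributeReport | Format-List
```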