How to add attributes to AD DS schema with PowerShell

Welcome Forums General PowerShell Q&A How to add attributes to AD DS schema with PowerShell

This topic contains 1 reply, has 2 voices, and was last updated by

 
Participant
5 years, 4 months ago.

  • Author
    Posts
  • #10254

    Participant
    Points: 0
    Rank: Member

    ... and then hang the new attributes on the user class.

    Is there a powershell solution?

    I'm looking for an automated solution for creating attributes in the AD as needed. Why: to enrich WS-federation claims. These claims can be very detailed and vary. Off course we can use ldifde -import function and csv files but i want to explore the possibilities of using solely PowerShell.

    Greetings, Guy

  • #10258

    Participant
    Points: 0
    Rank: Member

    In theory it is possible using New-ADObject

    You need to supply:
    Name
    -Type 'attributeSchema'

    plus
    distinguishedname, attributeId, oMSyntax, attributesyntax, description and search flags

    However,

    Its not something I would recommend you do. A schema update can, and will, cause problems if you get things wrong (remember you can't delete attributes once you've created them).

    I would recommend that a slow & careful approach with full change control and testing is the correct approach. This is one area where "just because you can doesn't mean you should"

The topic ‘How to add attributes to AD DS schema with PowerShell’ is closed to new replies.