How to add attributes to AD DS schema with PowerShell

This topic contains 1 reply, has 2 voices, and was last updated by  Richard Siddaway 4 years, 9 months ago.

  • Author
  • #10254

    Guy Horn

    ... and then hang the new attributes on the user class.

    Is there a powershell solution?

    I'm looking for an automated solution for creating attributes in the AD as needed. Why: to enrich WS-federation claims. These claims can be very detailed and vary. Off course we can use ldifde -import function and csv files but i want to explore the possibilities of using solely PowerShell.

    Greetings, Guy

  • #10258

    Richard Siddaway

    In theory it is possible using New-ADObject

    You need to supply:
    -Type 'attributeSchema'

    distinguishedname, attributeId, oMSyntax, attributesyntax, description and search flags


    Its not something I would recommend you do. A schema update can, and will, cause problems if you get things wrong (remember you can't delete attributes once you've created them).

    I would recommend that a slow & careful approach with full change control and testing is the correct approach. This is one area where "just because you can doesn't mean you should"

You must be logged in to reply to this topic.