Best practice for adding additional fields to AD Schema?Raising Functional Level of Child DomainNetwork connectivity requirements for Active Directory forestLimitations of Custom Fields in Active Directorynetbios domain renameDomain Upgrade: when it is necessary to do it through migration to a new forest/domain?Naming a new Active Directory forest - why is split-horizon DNS not recommended?When do you need a new AD forest, and when do you need a new tree?AD Best Practice for the connection specific DNS suffix network settingMaximum Length for Custom AD Schema Attribute NamesActive Directory full forest recovery - Doubts about obscure sentence in MS documentation
How to get cool night-vision without lame drawbacks?
Impossible darts scores
Loss of power when I remove item from the outlet
Old sci-fi story: radiation mutated the animals, a boy loses a limb, but it's okay because "humans used to do great with only two arms"
When to remove insignificant variables?
What's the difference between a deep fryer and a chip pan?
Greeting with "Ho"
What is the origin of Scooby-Doo's name?
What is "industrial ethernet"?
How to make clear to people I don't want to answer their "Where are you from?" question?
How does a blind passenger not die, if driver becomes unconscious
Employer wants to use my work email account after I quit
Why do textbooks often include the solutions to odd or even numbered problems but not both?
Do I have to explain the mechanical superiority of the player-character within the fiction of the game?
Array initialization optimization
What does the hyphen "-" mean in "tar xzf -"?
What is the legal status of travelling with methadone in your carry-on?
Is it illegal to withhold someone's passport and green card in California?
If I wouldn't want to read the story, is writing it still a good idea?
Why does the Saturn V have standalone inter-stage rings?
Why do all the teams that I have worked with always finish a sprint without completion of all the stories?
Suggested order for Amazon Prime Doctor Who series
How can I politely work my way around not liking coffee or beer when it comes to professional networking?
Can you find x?
Best practice for adding additional fields to AD Schema?
Raising Functional Level of Child DomainNetwork connectivity requirements for Active Directory forestLimitations of Custom Fields in Active Directorynetbios domain renameDomain Upgrade: when it is necessary to do it through migration to a new forest/domain?Naming a new Active Directory forest - why is split-horizon DNS not recommended?When do you need a new AD forest, and when do you need a new tree?AD Best Practice for the connection specific DNS suffix network settingMaximum Length for Custom AD Schema Attribute NamesActive Directory full forest recovery - Doubts about obscure sentence in MS documentation
.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty height:90px;width:728px;box-sizing:border-box;
We have a few services that are connected to our domain through SAML and some other sync tools. We are looking at adding custom fields to the AD Schema to hold the data for these services (fields for primary group for a few services, separate fields for preferred first/last name, multi-entry field for e-mail aliases, etc...)
I would like to avoid using existing fields as they don't describe their contents and are finite.
I couldn't find any information regarding best practice for adding additional fields, other than a few warnings that it may break compatibility with upgrades. I have been able to add additional fields to the schema in my test environment and I didn't notice any issues, but I'd like to avoid stepping on any landmines this might bring down the road.
My main concern is that if I extend the schema I won't be able to raise the forest/domain operational level in the future when the schema is updated. Is this the case? Are there any best practices or common gotchas in regards to this?
windows active-directory
asked Jun 5 at 19:23
Nathan LadwigNathan Ladwig
63
migrated from superuser.com Jun 5 at 19:38
This question came from our site for computer enthusiasts and power users.
add a comment |
We have a few services that are connected to our domain through SAML and some other sync tools. We are looking at adding custom fields to the AD Schema to hold the data for these services (fields for primary group for a few services, separate fields for preferred first/last name, multi-entry field for e-mail aliases, etc...)
I would like to avoid using existing fields as they don't describe their contents and are finite.
I couldn't find any information regarding best practice for adding additional fields, other than a few warnings that it may break compatibility with upgrades. I have been able to add additional fields to the schema in my test environment and I didn't notice any issues, but I'd like to avoid stepping on any landmines this might bring down the road.
My main concern is that if I extend the schema I won't be able to raise the forest/domain operational level in the future when the schema is updated. Is this the case? Are there any best practices or common gotchas in regards to this?
windows active-directory
asked Jun 5 at 19:23
Nathan LadwigNathan Ladwig
63
migrated from superuser.com Jun 5 at 19:38
This question came from our site for computer enthusiasts and power users.
add a comment |
We have a few services that are connected to our domain through SAML and some other sync tools. We are looking at adding custom fields to the AD Schema to hold the data for these services (fields for primary group for a few services, separate fields for preferred first/last name, multi-entry field for e-mail aliases, etc...)
I would like to avoid using existing fields as they don't describe their contents and are finite.
I couldn't find any information regarding best practice for adding additional fields, other than a few warnings that it may break compatibility with upgrades. I have been able to add additional fields to the schema in my test environment and I didn't notice any issues, but I'd like to avoid stepping on any landmines this might bring down the road.
My main concern is that if I extend the schema I won't be able to raise the forest/domain operational level in the future when the schema is updated. Is this the case? Are there any best practices or common gotchas in regards to this?
windows active-directory
asked Jun 5 at 19:23
Nathan LadwigNathan Ladwig
63
We have a few services that are connected to our domain through SAML and some other sync tools. We are looking at adding custom fields to the AD Schema to hold the data for these services (fields for primary group for a few services, separate fields for preferred first/last name, multi-entry field for e-mail aliases, etc...)
I would like to avoid using existing fields as they don't describe their contents and are finite.
I couldn't find any information regarding best practice for adding additional fields, other than a few warnings that it may break compatibility with upgrades. I have been able to add additional fields to the schema in my test environment and I didn't notice any issues, but I'd like to avoid stepping on any landmines this might bring down the road.
My main concern is that if I extend the schema I won't be able to raise the forest/domain operational level in the future when the schema is updated. Is this the case? Are there any best practices or common gotchas in regards to this?
windows active-directory
windows active-directory
asked Jun 5 at 19:23
Nathan LadwigNathan Ladwig
63
asked Jun 5 at 19:23
Nathan LadwigNathan Ladwig
63
asked Jun 5 at 19:23
Nathan LadwigNathan Ladwig
63
asked Jun 5 at 19:23
Nathan LadwigNathan Ladwig
63
asked Jun 5 at 19:23
Nathan LadwigNathan Ladwig
63
63
migrated from superuser.com Jun 5 at 19:38
This question came from our site for computer enthusiasts and power users.
migrated from superuser.com Jun 5 at 19:38
This question came from our site for computer enthusiasts and power users.
add a comment |
add a comment |
0
active
oldest
votes
Your Answer
StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "2"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);
else
createEditor();
);
function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);
);
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f970275%2fbest-practice-for-adding-additional-fields-to-ad-schema%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
0
active
oldest
votes
0
active
oldest
votes
active
oldest
votes
active
oldest
votes
Thanks for contributing an answer to Server Fault!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f970275%2fbest-practice-for-adding-additional-fields-to-ad-schema%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
