September 2003
Intermediate to advanced
624 pages
15h 49m
English
Content preview from Active Directory CookbookBecome an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
Start your free trial
10.14. Adding or Removing an Attribute in the Global Catalog
Problem
You want to add or remove an attribute in the global catalog.
Solution
Tip
For Windows 2000 Active Directory, you need to enable schema modifications before proceeding. See Recipe 10.2 for more information.
Using a graphical user interface
Open the Active Directory Schema snap-in.
In the left pane, click on the Attributes folder.
In the right pane, double-click the attribute you want to edit.
Check the box beside Replicate this attribute to the Global Catalog to add to the global catalog, or uncheck to remove the global catalog.
Click OK.
Using a command-line interface
You can add an attribute to the global catalog by using the
ldifde utility and an LDIF file that contains the
following:
dn: cn=<AttrCommonName>,cn=schema,cn=configuration,<ForestRootDN> changetype: modify replace: isMemberOfPartialAttributeSet isMemberOfPartialAttributeSet: TRUE -
If the LDIF file were named add_gc_attr.ldf, you
would run the following command:
> ldifde -v -i -f add_gc_attr.ldf
Using VBScript
' This code adds an attribute to the global catalog
' ------ SCRIPT CONFIGURATION ------
' Set to the common name (not LDAP display dame) of the attribute.
strAttrName = "<AttrCommonName>" ' e.g. surname ' Set to TRUE to add to GC, set to FALSE to remove from GC boolAddtoGC = TRUE ' ------ END CONFIGURATION --------- set objRootDSE = GetObject("LDAP://RootDSE") set objAttr = GetObject("LDAP://cn=" & strAttrName & "," & _ objRootDSE.Get("schemaNamingContext")) ...