10.14. Adding or Removing an Attribute in the Global Catalog
Problem
You want to add or remove an attribute in the global catalog.
Solution
Tip
For Windows 2000 Active Directory, you need to enable schema modifications before proceeding. See Recipe 10.2 for more information.
Using a graphical user interface
Open the Active Directory Schema snap-in.
In the left pane, click on the Attributes folder.
In the right pane, double-click the attribute you want to edit.
Check the box beside Replicate this attribute to the Global Catalog to add to the global catalog, or uncheck to remove the global catalog.
Click OK.
Using a command-line interface
You can add an attribute to the global catalog by using the
ldifde utility and an LDIF file that contains the
following:
dn: cn=<AttrCommonName>,cn=schema,cn=configuration,<ForestRootDN> changetype: modify replace: isMemberOfPartialAttributeSet isMemberOfPartialAttributeSet: TRUE -
If the LDIF file were named add_gc_attr.ldf, you
would run the following command:
> ldifde -v -i -f add_gc_attr.ldf
Using VBScript
' This code adds an attribute to the global catalog
' ------ SCRIPT CONFIGURATION ------
' Set to the common name (not LDAP display dame) of the attribute.
strAttrName = "<AttrCommonName>" ' e.g. surname ' Set to TRUE to add to GC, set to FALSE to remove from GC boolAddtoGC = TRUE ' ------ END CONFIGURATION --------- set objRootDSE = GetObject("LDAP://RootDSE") set objAttr = GetObject("LDAP://cn=" & strAttrName & "," & _ objRootDSE.Get("schemaNamingContext")) ...Get Active Directory Cookbook now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
