Extending the Active Directory Schema

Prior to installing DigitalPersona AD Server, the Active Directory schema must be extended to create new attributes for the user object and new classes, as well as to make modifications to existing classes. The Active Directory Schema Extension Wizard automatically handles all of the necessary changes to the schema.

Each schema extension has a schema extension version number that is independent of the DigitalPersona product version number. Each DigitalPersona product release will identify the schema extension version it requires. This schema extension is global to the Active Directory forest.

If you want to view the script that is used to extend the schema (dp-schema.ldif), it is available in the product package at the following location:

AD Schema Extension /dp-schema.ldif

The Active Directory Schema Extension Wizard must be run from the schema master domain controller, or the data may not replicate fast enough to allow the wizard to continue. If the data is not replicated fast enough, the wizard will terminate, and you should then wait one replication cycle before running the wizard again.

After the schema extension, and again after configuring your domains, you must wait for Active Directory schema replication to be completed. The amount of time this takes will depend on the complexity of your Active Directory structure.

You must have Schema Administrator privileges to run the Schema Extension Wizard.

To run the Active Directory Schema Extension Wizard:

  1. Double-click DPSchemaExt.exe, which is located in the Schema Extension folder in the Server installation package, to start the Schema Extension Wizard.

  2. Read the terms and conditions on the License Agreement page. If you agree with them, select I accept the license agreement and then click Next.

  3. When prompted to proceed with the schema extension, click Yes.

  4. Next, specify a location and name for the log file generated by the Schema Extension Wizard in the Save Log File As dialog box. Then, click Save.

  5. If the schema is not writable, the wizard will inform you of this and allow you to make it writable. If this dialog box displays, click Yes to make the schema writable and perform the schema extension.

  6. The wizard will extend the schema and provide information such as the class and attribute names. To close the wizard, click Finish.

Note: During upgrades, warnings will be thrown for all previously existing elements; however, this should not affect the actual success of the installation.

The name of each new attribute and class added to the Active Directory schema follows Microsoft naming conventions. The names are assigned a “dp” prefix, which is registered with Microsoft.

The OID base, generated by Microsoft, is 1.2.840.113556.1.8000.651.
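The following PowerShell is an added example, not part of the DigitalPersona package. It checks the prerequisites described above (schema master, Schema Administrator privileges), then lists the schema objects registered under the OID base and shows schema replication status. It assumes the RSAT ActiveDirectory module is installed and only reads from the directory.

```powershell
# Added example: read-only checks before and after running the Schema Extension Wizard.
# Assumption: the ActiveDirectory (RSAT) module is available on this machine.
Import-Module ActiveDirectory

$oidBase = '1.2.840.113556.1.8000.651'   # OID base stated on this page

# --- Before running the wizard ---------------------------------------------
# The wizard must be run from the schema master domain controller.
$forest       = Get-ADForest
$schemaMaster = $forest.SchemaMaster
$localFqdn    = [System.Net.Dns]::GetHostEntry($env:COMPUTERNAME).HostName
if ($localFqdn -ne $schemaMaster) {
    Write-Warning "This host ($localFqdn) is not the schema master ($schemaMaster)."
}

# Schema Admins is the well-known RID 518 in the forest root domain.
# Compare against the SIDs present in the current logon token.
$rootSid         = (Get-ADDomain -Server $forest.RootDomain).DomainSID.Value
$schemaAdminsSid = "$rootSid-518"
$tokenSids       = [System.Security.Principal.WindowsIdentity]::GetCurrent().Groups.Value
if ($tokenSids -notcontains $schemaAdminsSid) {
    Write-Warning 'Schema Admins is not in the current logon token.'
}

# --- After the wizard finishes ---------------------------------------------
# List every attribute and class whose OID falls under the OID base.
# attributeSchema objects carry attributeID; classSchema objects carry governsID.
$schemaNC  = (Get-ADRootDSE -Server $schemaMaster).schemaNamingContext
$dpObjects = Get-ADObject -Server $schemaMaster -SearchBase $schemaNC `
        -LDAPFilter '(|(objectClass=attributeSchema)(objectClass=classSchema))' `
        -Properties lDAPDisplayName, attributeID, governsID, whenCreated |
    Where-Object { "$($_.attributeID)$($_.governsID)" -like "$oidBase.*" }

$dpObjects | Sort-Object whenCreated |
    Format-Table lDAPDisplayName, ObjectClass, attributeID, governsID, whenCreated

# Schema partition replication: wait until every partner shows a recent
# success and zero consecutive failures before installing the server.
Get-ADReplicationPartnerMetadata -Target $forest.Name -Scope Forest -Partition Schema |
    Select-Object Server, Partner, LastReplicationSuccess, ConsecutiveReplicationFailures |
    Format-Table -AutoSize
```

Comparing the listed objects against the wizard's log file and dp-schema.ldif gives a record of exactly what was added to the forest-wide schema.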