Adding an ObjectClass to a user

I need to add an objectclass to a user. From researching and google it seems that this should work:

set-aduser -Identity “nk4978” -Add @{objectClass=“employeehr”}

However it yields this error:

set-aduser : A required attribute is missing
At line:1 char:1

  • set-aduser -Identity “nk4978” -Add @{objectClass=“employeehr”}
  • CategoryInfo : NotSpecified: (nk4978:ADUser) [Set-ADUser], ADException
  • FullyQualifiedErrorId : ActiveDirectoryServer:8316,Microsoft.ActiveDirectory.Management.Commands.SetADUser


So far I am not successful in finding out what these errors mean. From all the examples I’ve found there are no other attributes required. I suspect it has something to do with the objectclass attribute but I am unable to determine what that might be.



You’ve extended the schema to add that custom attribute?

Here is a list of standard attributes.

You could also store them in the generic extended attributes.

The schema has been extended adding the objectclass and it’s accompanying attributes. Modifying attributes is not an issue. Adding an objectclass to a user seems to be a rarely dicussed event. Google and technet are quite silent about it, at least I have not been able to find references to actually adding an objectclass to an object.

My error was so obvious I had to slap my forehead! The message:

set-aduser : A required attribute is missing

Did not mean something was wrong with my command line, rather that the object I was trying to modify was missing required attributes for the objectclass I wanted to add. DOH! Once I added the two missing “MUST” attributes for the employeehr objectclass the powershell command worked as expected.



Awesome! Glad you figured it out.