… and then hang the new attributes on the user class.
Is there a powershell solution?
I’m looking for an automated solution for creating attributes in the AD as needed. Why: to enrich WS-federation claims. These claims can be very detailed and vary. Off course we can use ldifde -import function and csv files but i want to explore the possibilities of using solely PowerShell.
Greetings, Guy
In theory it is possible using New-ADObject
You need to supply:
Name
-Type ‘attributeSchema’
plus
distinguishedname, attributeId, oMSyntax, attributesyntax, description and search flags
However,
Its not something I would recommend you do. A schema update can, and will, cause problems if you get things wrong (remember you can’t delete attributes once you’ve created them).
I would recommend that a slow & careful approach with full change control and testing is the correct approach. This is one area where “just because you can doesn’t mean you should”