Directory Services

Defining a New Attribute

Consider the following before defining a new attribute:

Use existing attributes when possible.
Always use the cn ("common name") property as the naming (relative distinguished name) attribute. This is the default for most classes, including those derived directly from Top. The cn property is an indexed property and will make searching for objects by name more efficient.
Large multi-valued attributes are costly to store and retrieve and should be avoided. Active Directory implements an LDAP extension to enable incremental read of large properties with multiple values, but not all LDAP clients will recognize this extension.
Remember that attributes are flat, that is there is no implied substructure to an attribute. All attributes in a given class should relate directly to instances of that class.

Creating a New Attribute

To create a new attribute:

Choose a name for the attribute. The name will be contained in the cn and lDAPDisplayName attributes. For more information about composing a name for a new attribute, see Naming Attributes and Classes.
Obtain an object identifier (OID) for the attribute. For more information, see Obtaining a Root Object Identifier.
Choose a syntax for the attribute. The syntax is determined by the combination of the oMSyntax and oMObjectClass attributes. For more information, see Choosing a Syntax.
Decide if the attribute is single or multi-valued. The isSingleValued attribute determines if the attribute is single or multi-valued.
Decide if the attribute should be indexed by default. For more information, see Indexed Attributes.
Decide if the attribute should be in the global catalog by default. For more information, see Attributes Included in the Global Catalog.
If the attribute is an integer or string, decide if a range limit is required. The rangeLower and rangeUpper attributes are used to specify the range limit.
If the attribute is DN-valued, decide if the attribute should be linked with another attribute. If so, the linkID attribute must be set appropriately on each attribute; one attribute must be a forward link, the other a back link. To avoid conflicts, values for the linkID attributes should be obtained from the http://msdn.microsoft.com/certification/ADLinkID.asp Web site. For more information about linked attributes, see Linked Attributes.

Create a new attributeSchema object in the schema container and set the appropriate attributes for the object. There are a large number of attributes that can be set for an attributeSchema object, but the attributes listed in the following table below are critical to the definition of a new attribute. The values of these attributes are determined by the previous steps. For more information about these attributes, see Characteristics of Attributes.

Attribute	Comment
cn	Required.
lDAPDisplayName	Required.
adminDisplayName	Required.
attributeSyntax	Required.
oMSyntax	Required.
oMObjectClass	Required.
schemaIDGUID	Required.
attributeID	Required.
isSingleValued	Required.
searchFlags	Required.
isMemberOfPartialAttributeSet	Required.
rangeLower	Optional.
rangeUpper	Optional.
linkID	Optional. Required for linked attributes.
description	Optional.

Commit the new attributeSchema object to the schema container.
Update the schema cache, if necessary. For more information, see Updating the Schema Cache.