9. LDAP Server Configuration
Extend and Update the Active Directory Schema
To extend and update the Active Directory Schema, you must do the following
3 procedures: 1) create a new attribute; 2) extend the object class with the new
attribute; and 3) edit the Active Directory users with the extended schema.
The CN8000 supports two types of Active Directory users: The first supports
both authentication and authorization parameter settings on the LDAP server;
the second supports shadow user access rights – where authentication takes
place on the LDAP server, but authorization is via the CN8000’s user database.
Editing Active Directory users with the Type 1 schema is described on
page 142; editing Active Directory users with the Type 2 schema is described
on page 148.
Creating a New Attribute
To create a new attribute do the following:
1. Start
→ Administrative Tools → Active Directory Schema.
2. In the left panel of the screen that comes up, right-click Attributes:
3. Select New
→ Attribute.
4. In the warning message that appears, click Continue to bring up the
Create New Attribute dialog box.
5. Fill in the dialog box to match the entries shown below, then click OK to
complete step 1 of the procedure.