000022592 - How to extend the Active Directory Schema for use with RSA ClearTrust

Document created by RSA Customer Support Employee on Jun 16, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000022592
Applies To
Microsoft Active Directory 2003

RSA ClearTrust 5.5
Microsoft Management Console (MMC)
IssueHow to extend the Active Directory Schema for use with RSA ClearTrust
The schema manager snap-in is not available in the Microsoft Management Console (MMC)
ResolutionTo extend the Microsoft Active Directory Schema, you must use the "Schema Manager" Microsoft Management Console (MMC) snap-in (which is not available automatically).

To allow you to select the Schema Manager snap-in, you must first register the .DLL. To do this, locate the file schmmgmt.dll (typically located in the C:\Windows\system32\ directory), right click the file, and select "Open With...". Select to open with a file and use the browse button to navigate to regsvr32.exe (typically located in the C:\Windows\system32\ directory). Select OK; regsvr32 should respond back with "DlRegisterServer in C:\windows\system32\schmmgmt.dll succeeded". Now open the MMC application and select File > Add and remove snap-in. Navigate to "Active Directory Schema" and select Add. The schema manager snap-in is now installed.

NOTE: The schema manage is used to extend the schema. Use this tool to add the ctsUserAuxClass as an auxiliary class of the Active Directory User objectclass.
Legacy Article IDa29397