Add extra columns to Active Directory Users and Computers display

by Pber 21. June 2009 11:47

By default Active Directory Users and Computers only allows you to display specific columns for any given object within Active Directory.  A popular request is to be able to see the Employee Number, but it isn't available by default.  As you can see from the screenshot below, it can be available, but some modifications need to be done.

 

 So how is this done?  First let's discuss how the AD users and computer MMC works.  When the MMC displays the objects for any give container, it has a set of default columns it can display.  You can add/remove what is displayed, but many attributes are missing.  The columns that are allowed to be displayed are stored in an attribute in AD called extraColumns.  Each object type can be customized to allow virtually any attribute available to that object to be allowed in the Add/Remove columns pick list.  When the extraColumns attribute is blank or <Not Set> for any given object type, the default-Display object's extraColumns attribute is used.

 All of this is done using the ADSIEDIT tool.

A note of caution: Be very careful using ADSIEDIT and modifying attributes as you can seriously affect AD.  

  1. Load ADSIEDIT
  2. Connect to the Configuration naming context.
  3. Navigate to CN=DisplaySpecifiers
  4. Navigate to CN=409 (This setting changes as per your locale setting.  409 is for english) 

 

You will now see a list of objects with the class of displaySpecifier.  As mentioned earlier by default most of the Add/Remove columns will load the extraColumns from the CN=default-Display object unless a specific object type contains a values in the extraColumns attribute.  For instance the display specifier for user objects is user-Display and the extraColumns is blank.  Thus the value for extraColumns in the default-Display class is used. 

 

Going back to our previous example, if we wanted to add the Employee Number to the list of Add/Remove columns we would need to navigate to default-Display and add an entry to the extraColumns attribute.  The format for the adding to the list is: <AD Attribute>,<Display Name>,<Default Visibility> ,<Column width>, <Future>

Default Visibility can be either: 0 (hidden) or 1 (visible).  Hidden means you must add it with Add Remove Columns.

Column Width can be -1 (Auto Width), or the column width (i.e. 100)

So adding the following line to extraColumns would do the trick:

employeeNumber,Employee Number,0,100,0

 

Once you save the value, just re-open the Active Directory Users and Computers MMC and you will be able to select the Employee Number to be displayed from the pick list.

A few things to note:

  1. Only one extraColumns attribute is used to display the list of Add/Remove columns, they are not cumulative.  So if you specify something in extraColumns in the user-Display object, it will only show those columns.
  2. Editing the default-Display extraColumns attribute as per the above example, would allow for an Employee Number column to be potentially displayed for all objects types that don't have a extraColumns set for its object type (i.e. Groups, OUs, etc).
  3. The extraColumns in the default-Display objects only works for default containers.  It won't show added columns for an OU.  You need to copy all the extraColumns entries plus your modifications to the organizationalUnit-Display display specifier object for it to work.  If you want only users to show the Employee Number, you would have to copy all values from the extraColumns attribute of default-Display and then add the employeeNumber as per the example.

Hope this helps... feel free to add other attribute as needed.  The ability to edit these extra attribute can be added as well either by programming property page extensions or by linking scripts to the MMC.  I may discuss those in future posts.

 

 

 

 

 

Tags:

Active Directory

Comments (9) -

Mike
Mike United States
9/18/2009 11:21:54 AM #

the default-Display didnt work, however, when I applied it to the organizationalUnit, the column appeared, but it didnt list the contents of the attribute.

I have an attribute called extensionAttribute7, It is an employee ID of sorts it has a value of A and a series of numbers following.( A00000000 )

So, on my extraColumns I put this, but I dont get any values. any thoughts?
extensionAttribute7,A number,0,100,0

Pber
Pber Canada
9/22/2009 9:43:01 AM #

I think I'll adjust the article to indicate that the default-Display doesn't always serve the best purpose.  I had also copied all extraColumns from default display to organizationalUnit.

As far as your issue with extensionAttribute7 not showing the values, I'm not sure.  I cut/paste the exact syntax that you posted, then added data to that attribute and it displays in my lab as expected.  After you make the change in ADSI, you need to restart AD users and computers.  Also if you edit the number in the Exchange Advanced tab, you may need to restart AD user and computers.

Neal
Neal United States
12/17/2010 9:39:55 AM #

This worked like a champ for me, thanks a lot.  (Needed to add the IP Phone number to the ADU&C).

Nag
Nag India
1/7/2011 3:11:59 PM #

i have updated employee id on the default display, its showing on other containers except users container.
any suggestions???

Nagarjuna Reddy
Nagarjuna Reddy India
1/7/2011 4:08:02 PM #

Checked in CN=Container-Display ,nothing is there in extra columns.

instyler
instyler People's Republic of China
3/23/2011 8:40:35 PM #

Just wanna thank you for this great article. This is what I was looking for (Thanks MSN

dentist
dentist India
3/25/2011 10:04:34 AM #

cool, works like magic! thnx a lot..

Chris Shafer
Chris Shafer United States
6/23/2011 10:09:31 AM #

I had to add the attribute to the attributeDisplayNames of user-display to get this to work.

Rich
Rich Canada
9/15/2011 3:05:11 PM #

Searching for a long time to do that.

Very cool trick thank you!

Comments are closed