Rename or Delete Custom Attribute from Active Directory?

Question

The AD administrator at my company added a custom attribute to the Active Directory schema. The name assigned to this attribute is just plain wrong, and I want it to be corrected. Is there any way to change the name of a custom attribute, or remove it from the schema?

The icing on this cake is that he tossed it directly into the production environment.

Your help is appreciated!

Answer 1

As far as I know, it's not possible to rename an attribute in Active-Directory Schema.

To Handle your problem I will :

first create the new (well spelled) attribute in the Shema (Make sure the schema is replicated).

Search all the objects with the old (plain wrong) attribute then copy the value to the new attribute AND remove the value from the old attribute.

Then you'll find here under an LDIF script that allow to place an attribute as defunct. The strange way it's done (renaming in the schema definition all the attributes where the name is present) allow you to recreate an attribute with the same name (for example if you want to change the syntax of the attribute). It's supposed to work up to W2K3R2 (dont test on W2K8R2).

dn: CN=slxMesPotes,CN=Schema,CN=Configuration,DC=XXXX
changetype: modrdn  
newrdn: cn=slxMesPotesOld
deleteOldRdn: 1

dn: CN=slxMesPotesOld,CN=Schema,CN=Configuration,DC=XXXX
changetype: modify  
replace: adminDisplayName
adminDisplayName: slxMesPotesOld
-

dn: CN=slxMesPotesOld,CN=Schema,CN=Configuration,DC=XXXX
changetype: modify  
replace: lDAPDisplayName
lDAPDisplayName: slxMesPotesOld
-

dn: CN=slxMesPotesOld,CN=Schema,CN=Configuration,DC=XXXX
changetype: modify  
replace: isDefunct
isDefunct: TRUE
-