Some companies need to use AD to store their Employee Numbers or Employee IDs but due to limitations in ADUC MMC most of the people don’t tend to do this.
I am not very sure how frequently some company needs this but one of my friend needed it for sure. 🙂 I did this in my labs few months ago and worked on at least 3 production environments too. I thought I can share this with everyone who reads at my blog. However, the steps I am going to show in this blog post will only apply to Exchange 2007 and Exchange 2010 GAL. Also, the templates editor tool that we are going to use does not show Employee ID field in the bindings page.
There are few steps involved in doing this:
- A simple VB script stored at some location on network.
- Schema Admin group membership to the user account you are going to carry out this operation with.
- Exchange Organization Administrator group membership.
Using the Visual Basic Script
- Copy and Paste the below text in a notepad file and save it as .vbs
On Error Resume Next
Set objemployeeID = Wscript.Arguments
Set objUser = GetObject(objemployeeID(0))
objTemp = InputBox("Current Employee ID: "& objUser.employeeNumber & "If you would like to enter a new number of modify the exisitng number, enter the new number in the textbox below")
if objTemp <> "" then objUser.Put"employeeNumber",objTemp
If Err.Number = "-2147024891" Then
MsgBox "Your current account does not have permissions to modify the Employee-ID attribute. Please log on with an account with appropriate permissions.",16,"Permission Denied"
Set ObjUser = Nothing
Set objemployeeID = Nothing
Set objTemp = Nothing
- Rename this file to .vbs and store at some network share e.g. \servernameADScriptsEmpID.vbs . The only idea behind storing this script on a network location is to keep this available even the ADUC is used from client computers.
Editing Schema and User Display Configurations in AD configuration partition:
Warning: It is highly recommended that you back up your Active Directory before modifying anything in schema. Incorrect changes in schema can cause undesired behavior of Active Directory Services.
- Logon to any domain controller with Schema Admin privileges.
- Click Start –> Run and type regsvr32 schmmgmt.dll and hit enter.
- Click OK on the information dialog that appears on the screen
- Click Start –> Run and type MMC and press enter.
- In MMC click File menu and select Add/Remove Snap-In.
- Click on Add button on Add/Remove Snap-in page.
- Select Active Directory Schema from the list that appears on the screen.
- Click Add and click Close and click Close.
- Expand Classes in Active Directory Schema Snap-in and locate class person.
- Right click on class person, select Properties and click on Attributes tab.
- Click on Add button and select employeeID
- Repeat above step to add employeeNumber as well.
- Now open ADSIEDIT.MSC and locate CN=user-Display,CN=409,CN=DisplaySpecifiers,CN=Configuration,DC=domain,DC=com
- Right click on CN=user-Display and select Properties.
- Locate the attribute adminContextMenu on Attribute Editor page and click Edit button.
- Type ,&Employee-ID,\adpun3AD ScriptsEmpID.vbs exactly as shown in figure below and click Add button. (I recommend copy and paste the text in red color)
- Click OK button and exit the ADSIEDIT.msc
- Now open Active Directory Users and Computers and locate the user account you want to modify the Employee ID for. You will see an additional context menu item in when you right click on the desired user object.
- A new pop up appears when you click the above context menu. You can enter or modify the Employee ID for the select user account using the the pop up.
Adding Employee ID field in Exchange 2007 Global Address List
- Now to make this Employee ID field visible in Exchange 2007 Global Address list you can use Details Templates Editor tool from Exchange 2007 EMC.
- Logon to your Exchange 2007 Server with Organization Administrator and open Exchange Management Console.
- Locate and Open Details Templates Editor Tool from Toolbox node in EMC.
- Locate the template for User type and Language English (United States) and click Edit from Actions pane. Refer below figure.
- A new Editor Opens on the screen. Select a Label and a Edit controls from Tools pane in the opened Editor window and place them at your desired location.
- Add details to the Label control using property editor pane in the editor tool. To do this, select The Label control that you just dragged and dropped on the template and add the text in properties pane.
- Add details to Edit control and bind it to specific attribute in AD. To do this, select the Listbox control and select Employee ID attribute from Properties pane.
- Save the edited template by selecting File Menu and Save.
- Exchange GAL will show the details as shown below. If you are using outlook in cached mode then you will have to wait till the OAB is generated.
I hope you find this useful and can use when you require this. Do let me know if you have any comments on the post.