All Collections
FAQs and Troubleshooting
Password Management
How to extension of the scheme manually?
How to extension of the scheme manually?

This article shows the procedure of extending the scheme to be followed manually.

Support Team avatar
Written by Support Team
Updated over a week ago

If you wish to extend the Active Directory scheme of your organization manually, follow the steps below:

Define the name of the Boardgent attributes

The first thing you must do is define the name of the attributes that will be used for the Boargent solution; Next, the default names that you can use for the extension of the scheme:

  • boardgentBiosAdmPwd - Stores the BIOS key

  • boardgentBiosAdmPwdExpirationTime - Stores the BIOS key

  • boardgentSettings - Stores general BIOS settings

  • boardgentWindowsAdmPwd - Store the Local Administrator password

  • boardgentWindowsAdmPwdExpirationTime - Stores the date of the Local Administrator

Generation of object identifier (OID)

Before proceeding to the creation of the attributes you need to generate an object identifier (OID) using a GUID and the OID prefix (1.2.840.113556.1.8000.2554), this is done using a VBS Script, to start it PowerShell on the domain controller and call the file oidgen.VBS. For more information, consult the following link: https://gallery.technet.microsoft.com/scriptcenter/56b78004-40d0-41cf-b95e-6e795b2e8a06

Creating the BoardGent attributes

The generated OID will be used by adding a numbering at the end (.1) to create the attributes. Example:

1.2.840.113556.1.8000.2554.51744.39239.8393.17146.43382.2321095.11656511.1 - boardgentBiosAdmPwd

Definition of the data type of the attributes

Each attribute has a specific data type for the proper functioning of the solution; that type of data is defined below:

Create the attributes in the Schema Active Directory console

When you have the Schema console open, please follow these steps:

  • Right click on Attributes and then select Create the attribute

  • Click Continue (The warning that is displayed is to inform that the creation of a new Active Directory attribute is not a reversible operation and that it can not be deleted once it has been performed)

  • Create the attributes taking into account the Syntax and the OID

Attribute to store passwords

Attribute to store the expiration date of passwords

Attribute to store BIOS settings

Attribute to store the passwords of the Local Administrator

Attribute to store the expiration date of the Local Administrator Passwords

Note: the names of the attributes used in the images are a reference, they must be replaced by those defined by your organization.

After the scheme has been maintained for Boardgent, the attributes must be assigned to the computer object. See the following article on how to assign the attributes to the computer object.
โ€‹

Did this answer your question?