Then system will give a warning about the schema object creation and click OK to continue. After that you can use MMC and add active directory schema as snap-in. Tip – In order to open active directory schema snap-in you need to run command regsvr32 schmmgmt.dll from the Domain Controller. In order to create custom attributes, go to active directory schema snap-in, right click on attributes container and select create attribute. Instead of both system operate as data feeds, now HR system pass the filtered values to Active directory and it exports all the required data in CSV format to the application. The final solution was to add custom attributes to active directory schema and associate it with the user class. If active directory need to hold all the required data, it somehow need to store the data comes from HR system as well. Instead of keeping two data feeds to the system we decided to treat the active directory as the trustworthy data source for this new system. Some of these required data about users can retrieve from active directory and some of user data can retrieve from the HR system. It has defined its fields in the database and we need to match the data on that order. They got a new requirement for an employee collaboration application which required data input in specific way. They also maintaining a HR system which is not integrated with active directory. They have active directory infrastructure in place. One’s a customer was talking to me regarding similar requirement. If there is another application which required to retrieve data from both system’s attributes how we can facilitate such without data duplication? Each system’s attributes hold some data about the objects even its referring to same user or device. But active directory use username to identify a unique record. As an example, HR system uses employee ID to identify an employee record uniquely from others. These application attributes most of the time will not match the attributes on active directory. Similar to active directory attributes, these applications can also have their own attributes defined by its database system to store the data. Some applications have their own way of handling its user accounts and privileges. If these applications are integrated with active directory it’s still provides central identity management but it’s not always. Some may in in-house infrastructures and some may even in public cloud. Organization’s identities can sit on active directory as well as applications. In modern infrastructures, applications are decentralizing identity management. It is most of the time related to application integration requirements with active directory infrastructure. In organizations, there are situations where this option is useful. In active directory schema, it is allowed to add custom attributes.