Add a member to the Schema Admins group

  • Article

Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2

To add a member to the Schema Admins group

  • Using the Windows interface

  • Using a command line

Using the Windows interface

  1. Open Active Directory Users and Computers.

  2. In the console tree, click Users in the forest root domain.

    Where?

    • Active Directory Users and Computers/forest root domain/Users

      Or, click the folder that contains the user account.

  3. In the details pane, right-click the user account that you want to add, and then click Properties.

  4. Click the Member Of tab, and then click Add.

  5. In Enter the object names to select, type Schema Admins, and then click OK.

Notes

  • To perform this procedure, you must be a member of the Domain Admins group (in the forest root domain) or the Enterprise Admins group in Active Directory, or you must have been delegated the appropriate authority. As a security best practice, consider using Run as to perform this procedure. For more information, see Default local groups, Default groups, and Using Run as.

  • To open Active Directory Users and Computers, click Start, click Control Panel, double-click Administrative Tools, and then double-click Active Directory Users and Computers.

  • To add users and computers to a group, you can also select the users and computers to be added, click

    Adds the selected objects to a group you specify on the toolbar, and then click the group into which they will be added.

Using a command line

  1. Open Command Prompt.

  2. Type:

    dsmod group GroupDN -addmbr MemberDN

Value Description

GroupDN

Specifies the distinguished name of the Schema Admins group in your root domain.

For example, if the name of your root domain is example.microsoft.com, you would type: "cn=schema admins,cn=users,dc=example,dc=microsoft,dc=com"

MemberDN

Specifies the distinguished name of the user you want to add to the Schema Admins group.

For example, if you want to add a user named "Mary Baker" to the Schema Admins group, you would type: "cn=mary baker,cn=users,dc=example,dc=microsoft,dc=com"

Notes

  • To perform this procedure, you must be a member of the Domain Admins group (in the forest root domain) or the Enterprise Admins group in Active Directory, or you must have been delegated the appropriate authority. As a security best practice, consider using Run as to perform this procedure. For more information, see Default local groups, Default groups, and Using Run as.

  • To open a command prompt, click Start, point to All programs, point to Accessories, and then click Command prompt.

  • To view the complete syntax for this command, at a command prompt type:

    dsmod group /?

Information about functional differences

  • Your server might function differently based on the version and edition of the operating system that is installed, your account permissions, and your menu settings. For more information, see Viewing Help on the Web.

See Also

Concepts

Working with MMC console files
Find a group
Group types
Dsmod