Active Directory - Modify a system owned attribute
First of all, you shouldn’t do this. But in case you are hell bent on making a mess the following steps will allow you to modify objects that Active Directory would otherwise block you from changing.
The tl;dr is that when the directory believes we are in schema update mode, most modifications are going to slide on through.
- Make sure your account is currently a member of Schema Admins
- Launch LDP.exe and bind to a DC.
- After connecting and binding, navigate to the browse menu and select the “Modify” option.
- Leave the DN blank, type
schemaUpgradeInProgressinto the Attribute field and in the values field type
- Click the Add operation and then click the enter button.
- Click the Run button.
Once you’ve done whatever horrible thing you need to do remember to return the directory to non-Schema Update mode.
- From LDP.EXE, change
schemaUpdateInProgressback to a value of
0, and then click Run