Add Employee ID Field - ADUC ~ My blog about Active Directory and everything else

Wednesday, May 13, 2009

Add Employee ID Field - ADUC

I've seen this question several times on various message boards so I wanted to write a step by step entry on how to do this.

User objects have an employeeID attribute but it doesn't appear by default in active directory users & computers.

Sakari Kouti has written a great script to help with this. You can find that script here(employeeID.vbs)


Download the script and save it on your PC. I've put the script on my C drive in a folder called AddID


In ADSI Edit go to the configuration container and navigate to CN=DisplaySpecifiers, CN=409)

In the right pane find CN=user-display and right click and select properties.


Select the adminContextMenu attribute. Add the following value
2, Employee &ID, path to script

Note: If 2 is in use just pick the next number. In my example I've put the script in c:\addid\employeeid.vbs

UPDATE: I should have added this when I first posted this but thanks to Rob Sampson for pointing it out. Rob is one of the strongest scripters I've met and is a valuable member of the IT community.

From Rob (Thanks Rob!):

you could place "employeeid.vbs" in your NetLogon share of a Domain Controller (which then replicates to all other DCs), and have 2. Employee &ID, \\\sysvol\\scripts\employeeid.vbs

Screen shot below shows that example in my domain.


Now if you use Active Directory Users & Computers you can right click on a user and employee ID should appear.

You can select the field and edit it:

Thanks to Sakari Kouti for the script. He also has a new book coming out called Active Directory 2008 Unleashed

If that book is anything like his last book (Inside AD 2nd Edition) then it is a must have...I've already pre-orderd the new book :)


  1. This script just let you add a value, or change.. I need something more.. if i've added the wrong value, how can i delete (clear) the value?

    Thank you ;)

    1. Use the following version of the script that I've modified.

      ' -------------------------------------------------------------------------
      ' Script by Sakari Kouti (see
      ' You have a royalty-free right to use, modify, reproduce and distribute
      ' this script (and/or any modified version) in any way you find useful,
      ' provided that you agree that Addison-Wesley or Sakari Kouti has no
      ' warranty, obligations or liability for the script. If you modify
      ' the script, you must retain this copyright notice.
      ' -------------------------------------------------------------------------
      ' Modified by 28th April 2014
      ' Added the logic so that the value can be cleared.
      Option Explicit

      Const ADS_PROPERTY_CLEAR = 1

      Dim wshArguments, objUser, objSchemaEmployeeID, strCurrentID, strEmployeeID, intMaxLen

      On Error Resume Next

      Set wshArguments = WScript.Arguments
      Set objUser = GetObject(wshArguments(0))
      Set objSchemaEmployeeID = GetObject("LDAP://schema/employeeID")

      intMaxLen = objSchemaEmployeeID.MaxRange

      If objUser.employeeID <> "" Then
      strCurrentID = objUser.employeeID
      strCurrentID = "empty"
      End If

      strEmployeeID = InputBox( _
      "The current Employee ID is " & strCurrentID & vbCrLf & _
      vbCrLf & _
      "Enter the new Employee ID (1 through " & intMaxLen & " chars)" & vbCrLf & _
      vbCrLf & _
      "Type empty or clear to clear the value altogether.", _
      Right(objUser.Name, Len(objUser.Name) - 3) & " Employee ID", _

      If strEmployeeID = "" Then WScript.Quit 'User clicked Cancel

      If Len(strEmployeeID) > intMaxLen Then
      MsgBox "The new Employee ID was too long and it was not saved.", _
      vbCritical, "Error Occurred"
      If (trim(strEmployeeID) = "" or _
      trim(lcase(strEmployeeID)) = "empty" or _
      trim(lcase(strEmployeeID)) = "clear") Then
      objUser.PutEx ADS_PROPERTY_CLEAR, "employeeID", 0
      objUser.employeeID = trim(strEmployeeID)
      End If
      If Err Then MsgBox "The new Employee ID was not saved.", _
      vbCritical, "Error Occurred"
      End If

  2. Oh,boy you guy´s are good. Thank you.

  3. Is it possible to have employeeID diplayed in user properties

  4. No easy way to add it in a tab in ADUC unless you have some really good developers. I'm not that developer :)

  5. if connect to dc from Windows7 or server2008 mmc console it's not working?

    1. Indeed, same result here. From a server2003 mmc its working, but not on a W7 or server 2008 mmc console.

  6. Oh that means we dont need anythird party toolanymore. Today its been seen over there are different tools at the market which are allowing this sort of updated but its very fine now that by using this script we wont be using any third party tool any more.

    Thanks for your valuable feedback.

  7. Hey Guys,
    I see the employee id when I right click but I am unable to update the field. Did I miss something in the post?

  8. I am wanting to make a correction in ADSI to the the location of the script in the adminContextMenu . It is currently pointed to a DC that has been demoted and is no longer a member server. I would like to point it to \\\sysvol\\scripts\employeeid.vbs as per the update from Rob. If I do this, will it wreck the way it is working now, and it does work as advertised, or does it just pick up where it left off?

    Thank you,