Should I Modify the AD Schema or Use Existing Attributes?

In my experience, we stuck with the Exchange custom attributes and never wanted to mess with the schema. Eventually, we had most of what we needed before migrating everything to Azure, where we moved onto creating custom application attributes. It saves a lot of trouble!

It really depends on the attributes you're looking to add and how many there are. Generally, making extensive changes to AD can lead to headaches down the line. I've seen tons of odd setups where teams needed a full identity management system instead. Before you proceed, just think it through—upgrading AD versions is a common difficulty if you’re not careful.

Honestly, I’ve never seen a modified AD schema since it was released. As others have mentioned, the best approach is to avoid modifying it if you can. Keeping things simple is usually the way to go!

Definitely try to utilize the built-in attributes in AD. Modifying the schema can cause a lot of issues down the road. And you should really consider if AD is the right place for the information you want to store. Often, it’s not.

Interesting point about the company systems needing specific attributes—what exactly do you want to add? From my past experiences, adding lots of custom attributes seems like a setup for future problems. AD isn't designed to handle everything, so caution is key!