PC Tamer's Tips

Allowing schema changes to take place in Windows 2000

In order for Active Directory to hold any object, such as a user, it needs to know what the attributes and characteristics of that object are. In other words, it needs a blueprint for that object. Active Directory Schema is the blueprint for all classes, attributes, and syntaxes that potentially can be stored in Active Directory.

There are two safeguards that you have to bypass in order for the system to allow you to modify the schema with either the Schema Manager console or via ADSI.

First, the user who is to make the changes has to be a member of the Schema Admins group, which exists in the forest root domain.

Second, you need to make a change to the registry on the DC where you wish to make the schema changes.

The fastest and probably best solution is to use the checkbox from the Schema Master MMC.

Alternatively, on the DC itself, open up the registry using REGEDT32.EXE or REGEDIT.EXE and locate the following key:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NTDS\Parameters

Now, create a new REG_DWORD value called Schema-Update-Allowed and set the value to 1.

That's all you need to do. You can now edit the Schema on that DC.
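
To review both safeguards on a DC, and to switch the registry flag back off once the schema work is finished, a PowerShell audit script along these lines can be used. It is an added example, not part of the original tip. The DC name is a placeholder, the value name is taken as written above, and the script assumes Schema Admins is still in its default CN=Users container and that the Remote Registry service on the DC is reachable.

```powershell
# Added example: audit the two schema-change safeguards described above.
param(
    [string]$DomainController = 'dc01.example.com',   # placeholder DC name
    [string]$ValueName = 'Schema-Update-Allowed',      # as written on this page
    [switch]$Disable                                   # remove the value when done
)

$keyPath = 'SYSTEM\CurrentControlSet\Services\NTDS\Parameters'

# Safeguard 1: list direct members of Schema Admins in the forest root domain.
# Assumption: the group has not been moved out of CN=Users.
$rootDN  = ([ADSI]'LDAP://RootDSE').rootDomainNamingContext
$group   = [ADSI]"LDAP://CN=Schema Admins,CN=Users,$rootDN"
$members = @($group.member)
Write-Output "Schema Admins direct members: $($members.Count)"
$members | ForEach-Object { Write-Output "  $_" }

# Safeguard 2: read the registry switch on the DC over remote registry.
$key  = $null
$hklm = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey(
    [Microsoft.Win32.RegistryHive]::LocalMachine, $DomainController)
try {
    # Open writable only when -Disable was requested.
    $key = $hklm.OpenSubKey($keyPath, $Disable.IsPresent)
    if ($null -eq $key) { throw "Key not found: HKLM\$keyPath" }

    $value = $key.GetValue($ValueName, $null)
    if ($null -eq $value) {
        Write-Output "$DomainController : $ValueName is not present"
    } elseif ([int]$value -eq 1) {
        Write-Output "$DomainController : $ValueName = 1 (schema changes allowed)"
        if ($Disable) {
            # Undo the registry step by deleting the value that was created.
            $key.DeleteValue($ValueName, $false)
            Write-Output "$DomainController : $ValueName removed"
        }
    } else {
        Write-Output "$DomainController : $ValueName = $value"
    }
} finally {
    if ($key) { $key.Close() }
    $hklm.Close()
}
```

Running it without -Disable only reports; with -Disable it deletes the value if it is currently set to 1.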