September 2003
Intermediate to advanced
624 pages
15h 49m
English
Content preview from Active Directory CookbookBecome an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
Start your free trial
Chapter 10. Schema
Introduction
The Active Directory schema contains the blueprint for how objects are structured and secured, what data they can contain, and even how they can be viewed. Having a thorough understanding of the schema is paramount for any Active Directory administrator. Understanding key concepts, such as class inheritance, class types, attribute syntax, and attribute indexing options, is critical to being able to adequately design an Active Directory infrastructure and should be considered mandatory for any developer that is writing applications or automation scripts that utilize Active Directory.
If you are one of the lucky few who is designated as a schema
administrator (i.e., member of the Schema
Admins group), then the importance of the schema
is already well known to you. This chapter serves a guide to
accomplishing many of the day-to-day tasks you will need to do as a
schema administrator. If you feel you need more nuts and bolts
information on how the schema works, I suggest reading Chapter 4 of
Active Directory, Second Edition
(O’Reilly).
The Anatomy of Schema Objects
An interesting feature of Active Directory that is not common among other LDAP implementations is that the schema is stored within Active Directory as a set of objects. This means that you can use similar interfaces and programs to manage the schema as you would any other type of object.
All schema objects are stored in the Schema
container (e.g., cn=schema,cn=configuration,<ForestRootDN>). The ...