September 2003
Intermediate to advanced
624 pages
15h 49m
English
Content preview from Active Directory CookbookBecome an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
Start your free trial
10.20. Deactivating Classes and Attributes
Problem
You want to deactivate a class or attribute in the schema because you no longer need it.
Solution
Using a graphical user interface
Open the Active Directory Schema snap-in.
In the left pane, click on the Classes folder.
In the right pane, double-click the class you want to deactivate.
Uncheck the box beside Class is active.
Click OK.
Using a command-line interface
You can deactivate a class using the ldifde
utility and an LDIF file that contains the following lines:
dn: cn=<SchemaObjectCommonName>,cn=schema,cn=configuration,<ForestRootDN> changetype: modify replace: isDefunct isDefunct: TRUE -
If the LDIF file were named deactivate_class.ldf,
you would run the following command:
> ldifde -v -i -f deactivate_class.ldf
Using VBScript
' This code deactivates a class or attribute.
' ------ SCRIPT CONFIGURATION ------
strName = "<SchemaObjectCommonName>" ' e.g. rallencorp-LanguagesSpoken
' ------ END CONFIGURATION ---------
set objRootDSE = GetObject("LDAP://RootDSE")
set objSchemaObject = GetObject("LDAP://cn=" & strName & "," & _
objRootDSE.Get("schemaNamingContext"))
objSchemaObject.Put "isDefunct", TRUE
objSchemaObject.SetInfo
WScript.Echo "Schema object deactivated: " & strNameDiscussion
There is no supported way to delete classes or attributes defined in the schema. You can, however, deactivate them, also known as making them defunct. Before you deactivate a class you should make sure that no instantiated objects of that class exist. If ...