A portion of Active Directory that contains the definitions of all classes of objects that Active Directory can contain and the types of attributes these objects may have.


Active Directory contains a default schema that defines hundreds of different object classes and attribute types, and this may suffice for organizations implementing Active Directory on their network. The Active Directory schema, however, is extensible and allows new classes of objects and types of attributes to be defined. For example, if documenting every user’s favorite song is an important issue in your enterprise, you can create a new attribute called Favorite Song and make this a required attributed for all objects of the Users class.

Another way the schema might be modified is by installing a directory-enabled application from some third-party software company. Such an application may be designed to make certain modifications to the schema of Active Directory in order to perform its intended functions.

Schema Objects

Schema objects are uniquely identified by an object identifier (OID), which is represented by a set of numbers separated by dots. OIDs form a hierarchical namespace that is ultimately administered by the International Standards Organization (ISO). You can apply to the ISO to register a portion of OID space for your company, and once this is approved, you can then create and assign OIDs within your subspace at will without fear that some other vendor’s directory-enabled ...

Get Windows 2000 Administration in a Nutshell now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.