Chapter 5. Active Directory Schema
The schema is the blueprint for data storage in Active Directory. Each object in Active Directory is an instance of a class in the schema. A user object, for example, exists as an instance of the user class. Attributes define the pieces of information that a class, and thus an instance of that class, can hold. Syntaxes define the type of data that can be placed into an attribute. As an example, if an attribute is defined with a syntax of Boolean, it can store True or False as its value, or it can be null. A null value has an implementation-specific meaning; it could mean True or False depending on the application using the value.
Active Directory contains many attributes and classes in the default schema, some of which are based on standards and some of which Microsoft needed for its own use. Each new release of Active Directory has included updates to the default schema. For background information on schema versions, see the sidebar Schema Versions, next. Additionally, the Active Directory schema was designed to be extensible, so that administrators could add classes or attributes they deemed necessary. In fact, extending the schema is not a difficult task; it is often more difficult to design the changes that you would like to incorporate. Schema design issues are covered in Chapter 17. In this chapter, we’re concerned only with the fundamentals of the schema.