What is Active Directory Schema

Are you struggling with efficiently managing your organization’s directory service? Understanding the essential concept of the Active Directory schema is key to success.

Though it is often seen as a complex concept, it is the foundation of the entire directory system. To delve into the details of this crucial component, keep reading below.

What is the Active Directory Schema?

The Active Directory schema is a blueprint that defines the structure, organization, and characteristics of objects and their associated data within Active Directory.

It determines which kinds of objects can be created and managed within the directory, and what kind of information can be stored within those objects. Every object you can create in Active Directory, and every property it can have, is defined in the schema.

Active Directory Schema Version

The following table lists operating system versions along with their related schema versions:

Windows Server Version | Directory Schema Version
Windows Server 2000 | 13
Windows Server 2003 | 30
Windows Server 2003R2 | 31
Windows Server 2008 | 44
Windows Server 2008R2 | 47
Windows Server 2012 | 56
Windows Server 2012R2 | 69
Windows Server 2016 | 87
Windows Server 2019 | 88
Windows Server 2022 | 88

Active Directory Schema Types

The schema defines the rules for the types of objects and attributes that can be stored in the directory. It is made up of two types of objects: classes and attributes.

Classes: Classes are templates used to create objects within Active Directory, such as users, groups, and computers. The classes themselves do not contain any specific information about a user or other object; they provide a framework for creating them.

Attributes: The attributes define the characteristics and properties of a class. They determine the specific data that can be stored within an object. Attributes are defined once in the schema and can be shared among multiple classes.

One attribute found in every object class is cn, which holds the object’s common name in the Lightweight Directory Access Protocol (LDAP) naming convention.

Active Directory Schema Attributes List

Here is a list of some commonly used attributes in Active Directory:

Name in Active Directory | LDAP Name
First Name | givenName
Middle Name/Initials | initials
Last Name | sn
Logon Name | userPrincipalName
Display Name | displayName
Full Name | name/cn
Description | description
Office | physicalDeliveryOfficeName
Telephone Number | telephoneNumber
E-mail-Addresses | mail
Web Page | wWWHomePage
Password | password
PO Box | postOfficeBox
City | l
Country | co
Country code | countryCode
Add to Groups | memberOf
Account Expires | accountExpires
Login Script | scriptPath
Home Drive | homeDrive
Title | title
Company | company
Lockout-Time | lockoutTime
Account-Name-History | accountNameHistory
Do not permanently delete messages until the store has been backed up | deletedItemFlags
Start the following program at logon | tsInheritinitialProgram
Connect client printer at logon | tsDeviceClientDefaultPrinter
When the session limit is reached, or the connection broken | tsBrokenTimeOutSettings
Exchange Server Name | msExchHomeServerName
Managed By | managedBy
Remove Proxy Addresses | removeproxyAddresses

These are just a few of the attributes available in Active Directory.

Active Directory Schema Location

The schema defines the structure and attributes of objects in the directory. It is located in the schema partition of Active Directory, where the schema objects are physically stored.

However, the schema container’s logical location is under the configuration container. To view the contents of the schema container, administrators can use tools such as the Active Directory Schema MMC snap-in or ADSI Edit.

Active Directory Schema Components

In Active Directory, objects, classes, and attributes are the components of the directory, and together they define its structure.

  • Objects are where data is stored in Active Directory.
  • Classes are groups of definitions used to create these objects within Active Directory.
  • Attributes are data items that determine the information contained in an object.

The schema itself uses two types of objects to store this information. The classSchema object stores information about a class, while the attributeSchema object stores information about an attribute. By using these schema objects, administrators can define classes and attributes based on their organization’s requirements.
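
The following read-only PowerShell script is an added example, not part of the original article. It locates the schema partition, reports the schema version against the table above, counts the classSchema and attributeSchema objects, and checks which LDAP names from the attribute list are defined in your forest and which classes carry them. It assumes the ActiveDirectory module (RSAT) on a domain-joined host; the cmdlets and the attribute names objectVersion, lDAPDisplayName, attributeSyntax, isSingleValued, systemOnly, and the mayContain/mustContain family are standard Active Directory names that the article itself does not mention.

```powershell
# Added example: read-only inspection of the schema partition.
# Assumes the ActiveDirectory module (RSAT) on a domain-joined host.
Import-Module ActiveDirectory

# Schema versions as listed in the table on this page.
$versionMap = @{
    13 = 'Windows Server 2000';   30 = 'Windows Server 2003'
    31 = 'Windows Server 2003R2'; 44 = 'Windows Server 2008'
    47 = 'Windows Server 2008R2'; 56 = 'Windows Server 2012'
    69 = 'Windows Server 2012R2'; 87 = 'Windows Server 2016'
    88 = 'Windows Server 2019 / 2022'
}

# RootDSE advertises the schema partition's DN, so no domain name is hard-coded.
$schemaNC = (Get-ADRootDSE).schemaNamingContext
$schema   = Get-ADObject -Identity $schemaNC -Properties objectVersion
$version  = [int]$schema.objectVersion
$os = if ($versionMap.ContainsKey($version)) { $versionMap[$version] } else { 'not in the table' }
"Schema partition : $schemaNC"
"Schema version   : $version ($os)"

# Count the two kinds of schema objects described above.
foreach ($type in 'classSchema', 'attributeSchema') {
    $n = @(Get-ADObject -SearchBase $schemaNC -LDAPFilter "(objectClass=$type)").Count
    "{0,-16} : {1} objects" -f $type, $n
}

# Resolve a few LDAP names from the attribute list to their attributeSchema objects.
$names = 'givenName', 'sn', 'userPrincipalName', 'mail', 'memberOf', 'accountExpires'
foreach ($name in $names) {
    $attr = Get-ADObject -SearchBase $schemaNC `
        -LDAPFilter "(&(objectClass=attributeSchema)(lDAPDisplayName=$name))" `
        -Properties lDAPDisplayName, attributeSyntax, isSingleValued, systemOnly
    if ($null -eq $attr) { "{0,-20} not defined in this forest's schema" -f $name; continue }
    # One attribute definition can be referenced by many classes.
    $classes = Get-ADObject -SearchBase $schemaNC -LDAPFilter `
        "(&(objectClass=classSchema)(|(mayContain=$name)(systemMayContain=$name)(mustContain=$name)(systemMustContain=$name)))" `
        -Properties lDAPDisplayName
    "{0,-20} syntax={1} singleValued={2} systemOnly={3} classes={4}" -f $name,
        $attr.attributeSyntax, $attr.isSingleValued, $attr.systemOnly,
        (($classes.lDAPDisplayName | Sort-Object) -join ',')
}
```

Any name reported as not defined is not an attribute in that forest's schema, which is a quick way to validate attribute names before using them in LDAP filters or provisioning scripts.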
