Administering the AD LDS Schema

Applies To: Windows Server 2008

An Active Directory Lightweight Directory Services (AD LDS) schema defines using object classes and attributes, the kinds of objects and data that can be created and stored in an AD LDS directory. Each AD LDS configuration set has its own independently manageable schema, which is stored in the schema directory partition. To keep with the AD LDS design concepts of simplicity and flexibility, the base (or default) AD LDS schema contains only the classes and attributes that are required to start an AD LDS instance. The schema can be extended with new classes and attributes, either by administrators or by the applications themselves. In addition, unnecessary schema classes and attributes can be deactivated. As with all objects in the directory, access control lists (ACLs) protect schema objects, so that only authorized users can alter the schema. Every object in an AD LDS directory is an instance of an object class that is defined in a schema. For more information, see Introduction to Administering AD LDS Schema.

Before you can use AD LDS to support a particular directory-enabled application, you may have to modify the AD LDS schema with classes and attributes that are required by that application. You can administer the AD LDS schema in a number of ways, which include extending the schema by creating or importing new classes and attributes, deactivating classes and attributes, and reactivating classes and attributes. You can easily modify the AD LDS schema by using a number of methods, including:

In this guide