New in Windows Server 2003 - Schema redefine

In the previous version of Active Directory (AD) that was introduced

with Windows 2000 Server, it was not possible to disable/redefine an

attribute in the Schema. However, with the new version of Active

Directory that's included in the release of Windows Server 2003, you now

have the ability to disable/redefine attributes in Active Directory.

We do not have room to go into all of the details about the Active

Directory Schema, but at the most basic level, every object in Active

Directory is an instance of an object class, which is defined in the

Active Directory schema. The definition for each object class contains

a list of the attributes that are used to describe instances of the

class. For example, the User class has attributes such as givenName or

streetAddress. The schema also formally defines each attribute. The

definition for each attribute includes unique identifiers for the

attribute, the syntax for the attribute, etc.

If you install an application and realize that an attribute that needs

to be added by the application is colliding with an existing attribute

(one that should not be in your AD Schema), you now have the ability to

disable/redefine the attributed. However, all of your domain

controllers within the forest must be running Windows 2003 Server. In

addition, this functionality is only available to forests raised to the

Windows 2003 functional level - which can be done through Active

Directory Domains and Trusts MMC snap-in. To disable/redefine an

attribute in the AD Schema, you can use the Active Directory Schema MMC

snap-in, open the attribute that is causing problems and uncheck the

option "Attribute is active". It is as simple as that. Though the

attribute cannot be deleted from the Schema, at least you can disable it

and move on. I hope that future versions of Active Directory will allow

for deletions - when necessary.

Next week I continue my discussion on the new features in Windows Server

2003.

New in Windows Server 2003 :

Domain rename

http://www.itworld.com/nl/win_this_wk/11242003/

ADMT 2.0

http://www.itworld.com/nl/win_this_wk/11172003/

Active Directory rename

http://www.itworld.com/nl/win_this_wk/11102003/

What’s wrong? The new clean desk test
Join the discussion
Be the first to comment on this article. Our Commenting Policies