Deactivate a Schema Object Class or Attribute

Applies To: Windows Server 2008

You can use the Active Directory Schema snap-in to deactivate the Active Directory Lightweight Directory Services (AD LDS) schema object classes and attributes.

Before deactivating a class, consider the following:

  • You can deactivate a class only if that class is not specified as a subClassOf, auxiliaryClass, systemAuxiliaryClass, possSuperiors, or systemPossSuperiors of any existing active class.

  • You cannot use a defunct class in definitions of new classes, and you cannot add a defunct class to existing class definitions.

  • You cannot create objects that are instances of a defunct class or modify existing instances of a defunct class. However, the instances of the defunct class become available again for modification when the defunct class is reactivated.

Before deactivating an attribute, consider the following:

  • You can deactivate an attribute only if the attribute is not specified as a systemMustContain, mustContain, systemMayContain, mayContain, or rdnAttId of any existing active class.

  • You cannot use a defunct attribute in definitions of new classes, and you cannot add a defunct attribute to existing class definitions.

  • You cannot read, modify, or delete instances of a defunct attribute that are present in existing objects. However, the instances of the defunct attribute become available when the defunct attribute is reactivated.

  • To purge the directory of instances of an attribute, you must delete the instances before deactivating the attribute.

Membership in the AD LDS Administrators group, or equivalent, is the minimum required to complete this procedure. Review details about using the appropriate accounts and group memberships at Local and Domain Default Groups (https://go.microsoft.com/fwlink/?LinkId=83477).

To deactivate a schema object class or attribute

  1. Open the Active Directory Schema snap-in, and connect to the AD LDS instance in which you want to deactivate classes or attributes. For more information, see Use the Active Directory Schema Snap-in to Administer AD LDS Instances.

  2. Do one of the following, depending on whether you want to deactivate an object class or an attribute:

    • To deactivate an object class, in the console tree, double-click Active Directory Schema, and then expand Classes. Right-click the class that you want to deactivate, and then click Properties.

    • To deactivate an attribute, in the console tree, double-click Active Directory Schema, and then expand Classes. Right-click the attribute that you want to deactivate, and then click Properties.

  3. On the General tab, clear the Class is active check box or the Attribute is active check box, click Yes to confirm that you want to deactivate the class or attribute, and then click OK.