Administering the AD LDS Schema
Updated: August 8, 2008
Applies To: Windows Server 2008
An Active Directory Lightweight Directory Services (AD LDS) schema defines using object classes and attributes, the kinds of objects and data that can be created and stored in an AD LDS directory. Each AD LDS configuration set has its own independently manageable schema, which is stored in the schema directory partition. To keep with the AD LDS design concepts of simplicity and flexibility, the base (or default) AD LDS schema contains only the classes and attributes that are required to start an AD LDS instance. The schema can be extended with new classes and attributes, either by administrators or by the applications themselves. In addition, unnecessary schema classes and attributes can be deactivated. As with all objects in the directory, access control lists (ACLs) protect schema objects, so that only authorized users can alter the schema. Every object in an AD LDS directory is an instance of an object class that is defined in a schema. For more information, see Introduction to Administering AD LDS Schema.
Before you can use AD LDS to support a particular directory-enabled application, you may have to modify the AD LDS schema with classes and attributes that are required by that application. You can administer the AD LDS schema in a number of ways, which include extending the schema by creating or importing new classes and attributes, deactivating classes and attributes, and reactivating classes and attributes. You can easily modify the AD LDS schema by using a number of methods, including:
- Using the Active Directory Schema snap-in. For more information, see Use the Active Directory Schema Snap-in to Administer AD LDS Instances
- Semiautomatically, by using
Ldifde.exeto import and export .ldf files. For more information, see Import or Export Directory Objects Using Ldifde.
- Semiautomatically, by using the
csvdecommand-line tool to import and export comma separated values (.csv) files. For more information, see Import or Export Directory Objects Using Csvde.
Introduction to Administering AD LDS Schema
Use the Active Directory Schema Snap-in to Administer AD LDS Instances
Import or Export Directory Objects Using Ldifde
Import or Export Directory Objects Using Csvde
Add a New Class or Attribute Definition to the AD LDS Schema
Deactivate a Schema Object Class or Attribute
Identify or Transfer the Schema Master Role
Seize the AD LDS Schema Master Role
Identify or Transfer the Naming Master Role