Updated: November 25, 2009
Applies To: Windows Server 2008 R2
The Active Directory schema is the set of definitions that defines the kinds of objects, and the types of information about those objects, that can be stored in Active Directory Domain Services (AD DS). The definitions are themselves stored as objects so that AD DS can manage the schema objects with the same object management operations that are used for managing the rest of the objects in the directory.
There are two types of definitions in the schema: attributes and classes. Attributes and classes are also referred to as schema objects or metadata.
Attributes are defined separately from classes. Each attribute is defined only once and can be used in multiple classes. For example, the Description attribute is used in many classes, but it is defined once in the schema, which helps ensure consistency.
Classes, also referred to as object classes, describe the possible directory objects that can be created. Each class is a collection of attributes. When you create an object, the attributes store the information that describes the object. The User class, for example, is composed of many attributes, including Network Address, Home Directory, and so on. Every object in AD DS is an instance of an object class.
The following is a list of the managed entities that are included in this managed entity:
The schema is stored in its own partition (the schema directory partition). The schema directory partition is replicated among all the domain controllers in the forest, and any change that is made to the schema is replicated to every domain controller in the forest. Because the schema dictates how information is stored, and because any changes that are made to the schema affect every domain controller, changes to the schema should be made only when necessary — through a tightly controlled process — after testing has been performed to ensure that there will be no adverse effects on the rest of the forest.
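As a way to check that schema changes stay within a controlled process, the following PowerShell sketch lists class and attribute definitions in the schema directory partition that were modified recently, together with the accounts that are able to modify the schema. It is an added example, not part of the original article; it assumes the Active Directory module for Windows PowerShell is available, and the 30-day review window is an arbitrary choice.

```powershell
# Added example: review recent changes in the schema directory partition.
# Assumes the ActiveDirectory module is installed and the caller can read the forest.
Import-Module ActiveDirectory

# The schema directory partition's distinguished name is published on the RootDSE.
$schemaNC = (Get-ADRootDSE).schemaNamingContext

# Assumption: a 30-day review window. Adjust to match your change-control cycle.
$since = (Get-Date).AddDays(-30)

# Every definition is itself an object: classSchema for classes,
# attributeSchema for attributes. They all sit directly under the partition root.
$recent = Get-ADObject -SearchBase $schemaNC -SearchScope OneLevel `
        -LDAPFilter '(|(objectClass=classSchema)(objectClass=attributeSchema))' `
        -Properties lDAPDisplayName, whenCreated, whenChanged |
    Where-Object { $_.whenChanged -ge $since } |
    Sort-Object whenChanged -Descending |
    Select-Object lDAPDisplayName, ObjectClass, whenCreated, whenChanged

if ($recent) {
    Write-Output "Schema objects changed since ${since}:"
    $recent | Format-Table -AutoSize
} else {
    Write-Output "No schema objects changed since $since."
}

# Schema updates are written on the schema master and replicate from there
# to every domain controller in the forest.
$forest = Get-ADForest
Write-Output "Schema master: $($forest.SchemaMaster)"

# Schema Admins lives in the forest root domain, so query that domain explicitly.
# Any member listed here can change the schema for the whole forest.
Write-Output "Members of Schema Admins:"
Get-ADGroupMember -Identity 'Schema Admins' -Server $forest.RootDomain -Recursive |
    Select-Object Name, SamAccountName, objectClass |
    Format-Table -AutoSize
```

The whenChanged attribute is not replicated, so each domain controller records its own local time for when it applied a change; compare the output against your change records rather than treating the timestamps as exact.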
Active Directory Domain Services (AD DS) supports application directory partitions. An application directory partition can contain a hierarchy of any type of objects, except security principals. You can configure an application directory partition to replicate to any set of domain controllers in the forest. An application directory partition can replicate to domain controllers in different domains in the forest. Unlike a domain directory partition, an application directory partition is not required to replicate to all domain controllers in a domain.