10.21. Redefining Classes and Attributes

Tip

This recipe requires the Windows Server 2003 forest functional level.

Problem

You want to redefine a class or attribute that was previously created.

Solution

To redefine a class or attribute, you must first deactivate it by setting the isDefunct attribute to TRUE (see Recipe 10.20 for more details). If you are deactivating a class, make sure no objects are instantiated that use the class. If you are deactivating an attribute, make sure it isn’t populated on any objects and remove it from any classes that have it defined as part of mayContain and mustContain. After the class or attribute has been deactivated, you can modify (i.e., redefine) the LDAP display name (lDAPDisplayName), the OID (governsID or attributeID), the syntax (attributeSyntax and oMSyntax), and the schemaIDGUID. The one attribute that you cannot modify is the common name.

Discussion

Redefining schema objects is a new feature of Windows Server 2003. Although you still cannot delete schema objects in Windows Server 2003,[2] you can work around many of the reasons that would cause you to want to delete a schema object by redefining it instead. Some examples of when redefine comes in handy includes if you accidentally mistype an OID (governsID / attributeID) or lDAPDisplayName, or no longer need an attribute you previously created. You can reuse it by renaming the attribute and giving it a different syntax.

See Also

Recipe 10.20 for deactivating classes and attributes

Get Active Directory Cookbook now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.