Microsoft Active Directory Schemas

Download PDF
Challenge

Active Directory® (AD) is a fundamental part of the identity infrastructure for many organizations as it is used to authenticate users across Windows Domains. While it has many advantages, Microsoft Active Directory also has limitations and complexities that make it difficult to manage and administer an infrastructure.

A common problem faced by Microsoft Active Directory administrators is how to handle schema changes. Schema changes are not normally applied within an Active Directory environment for several reasons. They cannot be undone, so mistakes can cause severe problems with the domain infrastructure, and each change is replicated to every domain controller, so all systems within a forest are impacted. Also, schema changes can be complicated. OIDs and LinkIDs need to be unique, so changes must be carefully scrutinized to ensure there are no conflicts. Most administrators avoid schema changes if possible, but many applications require modifications in order to work properly. Integrating these applications without making schema changes in the Active Directory itself can prevent problems and help protect an infrastructure from errors.

Solution
Microsoft Active Directory Encryption Solution

Microsoft Active Directory Encryption Solution

Symlabs Virtual Directory Server is the perfect tool for handling schema change requirements within a Microsoft Active Directory environment. It offers a variety of ways to deal with different schema requirements, so a solution can be crafted to fit any requirements called for by the changes to be implemented. Often simple “attribute mapping” that can be implemented using a single bundled plug-in is all that’s needed, but if a more complex solution is necessary a number of other plug-ins, such as data validation, suffix mapping, or data joining can be used in combination. Regardless of the schema used, Symlabs Virtual Directory Server can adapt multiple applications to Microsoft Active Directory environments with minimal impact to the existing infrastructure. It has great flexibility and the ability to create custom solutions, so it can easily resolve problems caused by different client and server schemas. In addition to overcoming issues that AD administrators face daily, it can greatly enhance an infrastructure by improving performance, scalability, and reliability.

About Microsoft Active Directory
Active Directory is a registered trademark of Microsoft, Inc. An LDAP-based directory services product developed by Microsoft, Active Directory is a central component of the Windows platform that provides a means to manage identities and relationships that make up network environments. Active Directory Service is commonly used to manage the Windows® domain infrastructure.

Benefits

Avoids complex schema-related operations on the AD infrastructure
Any application can use Active Directory data regardless of schema
Minimizes impact of schema changes on the rest of the infrastructure
Simplifies administration while improving performance and scalability

About Symlabs

Symlabs is the performance leader for virtual directory and identity management solutions. Benchmarks show Symlabs Virtual Directory Server, LDAP Proxy and Federated Identity Suite are the fastest and most powerful products in the industry for managing and unifying identity data. Global giants like Sony, IBM, Vodafone, Nokia and United Nations already depend on Symlabs to add flexibility, security, and reliability to their infrastructure. Symlabs also offers annual support, training and professional services to our clients to help them develop, integrate, and maintain solutions.