Microsoft Active Directory Schemas

Challenge
Active Directory® (AD) is a fundamental part of the identity infrastructure for many organizations as it is used to authenticate users across Windows Domains. While it has many advantages, Microsoft Active Directory also has limitations and complexities that make it difficult to manage and administer an infrastructure.

A common problem faced by Microsoft Active Directory administrators is how to handle schema changes. Schema changes are not normally applied within an Active Directory environment for several reasons. They cannot be undone, so mistakes can cause severe problems with the domain infrastructure, and each change is replicated to every domain controller, so all systems within a forest are impacted. Also, schema changes can be complicated. OIDs and LinkIDs need to be unique, so changes must be carefully scrutinized to ensure there are no conflicts. Most administrators avoid schema changes if possible, but many applications require modifications in order to work properly. Integrating these applications without making schema changes in the Active Directory itself can prevent problems and help protect an infrastructure from errors.

Solution
Symlabs Virtual Directory Server is the perfect tool for handling schema change requirements within a Microsoft Active Directory environment. It offers a variety of ways to deal with different schema requirements, so a solution can be crafted to fit any requirements called for by the changes to be implemented. Often, simple “attribute mapping”, which can be implemented using a single bundled plug-in, is all that’s needed, but if a more complex solution is necessary, a number of other plug-ins, such as data validation, suffix mapping, or data joining, can be used in combination. Regardless of the schema used, Symlabs Virtual Directory Server can adapt multiple applications to Microsoft Active Directory environments with minimal impact to the existing infrastructure. It has great flexibility and the ability to create custom solutions, so it can easily resolve problems caused by different client and server schemas. In addition to overcoming issues that AD administrators face daily, it can greatly enhance an infrastructure by improving performance, scalability, and reliability.

About Microsoft Active Directory
Active Directory is a registered trademark of Microsoft, Inc. An LDAP-based directory services product developed by Microsoft, Active Directory is a central component of the Windows platform that provides a means to manage identities and relationships that make up network environments. Active Directory Service is commonly used to manage the Windows® domain infrastructure.

Benefits
  • Avoids complex schema-related operations on the AD infrastructure
  • Any application can use Active Directory data regardless of schema
  • Minimizes impact of schema changes on the rest of the infrastructure
  • Simplifies administration while improving performance and scalability

Symlabs is now part of Quest Software. A leader in simplifying and reducing the cost of IT management, Quest’s innovative solutions make solving the toughest IT management problems easier, enabling more than 100,000 customers worldwide to save time and money across physical, virtual and cloud environments. The addition of Symlabs virtual directory and federation technology will enhance the overall architecture of the Quest® One Identity Solution and Quest migration products. Learn more at www.quest.com/symlabs.