Overview
Designing a schema policy is a cornerstone of effective database management, ensuring that the data structure is both robust and adaptable. A thoughtfully crafted schema policy provides a framework that balances performance, scalability, and maintainability.
Identifying Business Needs
Primary Reasons for Schema Modification:
Enabling Schema to Address Business Needs
Installing Directory-Enabled Applications
Schema Fundamentals
Schema Components
Modifying the Schema
Schema Modification Occurs When You:
Use the Active Directory Schema to create, modify, or deactivate classes or attributes
Write scripts to automate schema modification
Install software applications that add classes or attributes
To Control Membership of Schema Admins Group:
Control Membership of Local Admins, Domain Admins, and Enterprise Admins Groups
Obtaining and Extending Object Identifiers
Object Identifiers
Unique identifiers for class and object attributes
Obtained from an ISO issuing authority
Extend to accommodate your enterprise
Object Identifier Format, 1.2.840.x.w.y.z
1.2.840, issuing authority
x.w.y.z for extension
Deactivating Schema Components
Classes and Attributes Are Not Deleted, but Deactivated.
Classes and Attributes Can Be Reactivated
Implications of Modifying the Schema
Schema Modification Can Impact:
Validity of Existing Objects
Replication Latency
Network Performance During Replication
Planning for Schema Modification
Deciding when to Modify the Schema
| Situation |
Suggested Solutions |
| No existing class meets needs |
Create a new class |
| Existing class needs attributes but otherwise meets needs |
Create new attributes, derive a new child class, or create an auxiliary class |
| Need a new set of unique attributes, but not a new class |
Create auxiliary class |
| Existing classes or attributes no longer needed |
Deactivate existing class or attribute |
Planning for Directory-Enabled Applications
Directory-Enabled Applications Modify the Schema in Two Phases:
1. Schema Admins Perform the Schema Components Phase of the Install
2. Any Authorized Individual Can Complete the Install
Anticipating Microsoft Exchange Server
Integration of Exchange and Active Directory Improves Performance
Separate Databases No Longer Necessary
Initial Configuration of Exchange May Take Extra Time to Complete
LDIF Files Replicated
Global Catalog Replication
Testing Schema Modifications
When Testing Schema Modifications, Always:
Test Changes in a Non-Production Environment
Use Thoroughly Tested Scripts
Remember that Objects and Attributes Can Only Be Deactivated
Developing a Schema Modification Policy
Creating an Experienced Committee Responsible for Schema Modification
Establishing Modification Guidelines
Initiating Schema Modifications
Testing Schema Modifications
Performing Schema Modifications
Design Guidelines
Plan and Implement with Care
Prevent Confusion
Prevent Unauthorized Schema Modifications