Recipe 10.22 Reloading the Schema Cache

10.22.1 Problem

You want to reload the schema cache so that schema extensions take effect immediately.

10.22.2 Solution Using a graphical user interface
  1. Open the Active Directory Schema snap-in.

  2. In the left pane, click on Active Directory Schema.

  3. Right-click on the label and select Reload the Schema. Using a command-line interface

You can reload the schema by using the ldifde utility and an LDIF file that contains the following:

changetype: modify
add: schemaUpdateNow
schemaUpdateNow: 1

If the LDIF file were named reload.ldf, you would run the following command:

> ldifde -v -i -f reload.ldf Using VBScript
set objRootDSE = GetObject("LDAP://dc1/RootDSE")
objRootDSE.Put "schemaUpdateNow", 1
WScript.Echo "Schema reloaded"

10.22.3 Discussion

Each domain controller maintains a complete copy of the schema in memory to make access to the schema very fast. This is called the schema cache. When you extend the schema on the Schema FSMO role owner, the change is written to the schema cache, and not committed to disk yet. The schema automatically commits any changes to the schema every five minutes if a change has taken place, but you can also do it manually/programmatically by writing to the schemaUpdateNow operational attribute of the RootDSE on the Schema FSMO role owner. Once that is done, any changes to the schema cache are written to disk.

It is necessary to force a schema cache update if your schema extensions reference newly created attributes or classes. For example, lets say that we want to create one new auxiliary class that contains one new attribute. To do that we would first need to create the attribute and then create the auxiliary class. As part of the auxiliary class' definition, we would need to reference the new attribute, but unless we reload the schema cache, an error would be returned stating that the attribute does not exist. For this reason we need to add an additional step. First, create the attribute, then reload the schema cache, and finally, create the auxiliary class. Here is what an LDIF representation would look like:

dn: cn=rallencorp-TestAttr,cn=schema,cn=configuration,dc=rallencorp,dc=com
changetype: add
objectclass: attributeSchema
lDAPDisplayName: rallencorp-TestAttr
oMSyntax: 20
isSingleValued: FALSE
searchFlags: 1

changetype: modify
add: schemaUpdateNow
schemaUpdateNow: 1

dn: cn=rallencorp-TestClass,cn=schema,cn=configuration,dc=rallencorp,dc=com
changetype: add
objectclass: classSchema
lDAPDisplayName: rallencorp-TestClass
subClassOf: top
objectClassCategory: 3
mayContain: rallencorp-TestAttr

10.22.4 See Also

Recipe 10.7 for adding a new attribute to the schema and Recipe 10.9 for adding a new class to the schema

    Chapter 3. Domain Controllers, Global Catalogs, and FSMOs
    Chapter 6. Users
    Appendix A. Tool List