You want to deactivate a class or attribute in the schema because you no longer need it.
Open the Active Directory Schema snap-in.
In the left pane, click on the Classes folder.
In the right pane, double-click the class you want to deactivate.
Uncheck the box beside Class is active.
You can deactivate a class using the ldifde utility and an LDIF file that contains the following lines:
dn: cn=<SchemaObjectCommonName>,cn=schema,cn=configuration,<ForestRootDN> changetype: modify replace: isDefunct isDefunct: TRUE -
If the LDIF file were named deactivate_class.ldf, you would run the following command:
> ldifde -v -i -f deactivate_class.ldf
' This code deactivates a class or attribute. ' ------ SCRIPT CONFIGURATION ------ strName = "<SchemaObjectCommonName>" ' e.g. rallencorp-LanguagesSpoken ' ------ END CONFIGURATION --------- set objRootDSE = GetObject("LDAP://RootDSE") set objSchemaObject = GetObject("LDAP://cn=" & strName & "," & _ objRootDSE.Get("schemaNamingContext")) objSchemaObject.Put "isDefunct", TRUE objSchemaObject.SetInfo WScript.Echo "Schema object deactivated: " & strName
There is no supported way to delete classes or attributes defined in the schema. You can, however, deactivate them, also known as making them defunct. Before you deactivate a class you should make sure that no instantiated objects of that class exist. If you want to deactivate an attribute, you should make sure no object classes define the attribute as mandatory. After you've verified the class or attribute is no longer being used, you can deactivate by setting the isDefunct attribute to TRUE. You can always reactivate it at a later time by simply setting isDefunct to FALSE. With Windows Server 2003 Active Directory, you can even redefine the class or attribute while it is defunct. This gives you much more flexibility over reusing classes or attributes you may have added before, but no longer want.
Recipe 10.21 for redefining classes and attributes