Recipe 10.21 Redefining Classes and Attributes

This recipe requires the Windows Server 2003 forest functional level.

10.21.1 Problem

You want to redefine a class or attribute that was previously created.

10.21.2 Solution

To redefine a class or attribute, you must first deactivate it by setting the isDefunct attribute to TRUE (see Recipe 10.20 for more details). If you are deactivating a class, make sure no objects are instantiated that use the class. If you are deactivating an attribute, make sure it isn't populated on any objects and remove it from any classes that have it defined as part of mayContain and mustContain. After the class or attribute has been deactivated, you can modify (i.e., redefine) the LDAP display name (lDAPDisplayName), the OID (governsID or attributeID), the syntax (attributeSyntax and oMSyntax), and the schemaIDGUID. The one attribute that you cannot modify is the common name.

10.21.3 Discussion

Redefining schema objects is a new feature of Windows Server 2003. Although you still cannot delete schema objects in Windows Server 2003,[1] you can work around many of the reasons that would cause you to want to delete a schema object by redefining it instead. Some examples of when redefine comes in handy includes if you accidentally mistype an OID (governsID/attributeID) or lDAPDisplayName, or no longer need an attribute you previously created. You can reuse it by renaming the attribute and giving it a different syntax.

[1] You could delete schema objects in W2K pre-SP3, but I won't get into that here. You find more information about that here: http://www.winnetmag.com/Articles/Index.cfm?ArticleID=27096

10.21.4 See Also

Recipe 10.20 for deactivating classes and attributes



    Chapter 3. Domain Controllers, Global Catalogs, and FSMOs
    Chapter 6. Users
    Appendix A. Tool List