The schema is the blueprint for data storage in Active Directory.
Each object in Active Directory is an instance of a class in the
schema. A user object, for example, exists as an instance of the user
class. Attributes define the pieces of information that a class, and
thus an instance of that class, can hold. Syntaxes define the type of
data that can be placed into an attribute. As an example, if an
attribute is defined with a syntax of Boolean, it can store True or
False as its value.
Active Directory contains many attributes and classes in the default
schema, some of which are based on standards and some of which
Microsoft needed for its own use. However, the Active Directory
schema was designed to be extensible, so that administrators could
add any classes or attributes they deem necessary. In fact, extending
the schema is not a difficult task; it is often more difficult to
design the changes that you would like to incorporate. Schema design
issues are covered in Chapter 12, and in Chapter 24 we cover how to extend the schema
programmatically. In this chapter, we're concerned
only with the fundamentals of the schema.