AD has a definition for classSchema that it uses that you can query for and view...
However, it's not imported into AD in the normal way; it is a part of the base directory. It assigns a few attributes (see systemMayContain and systemMustContain below) and defines the object using that as an objectclass as a definition of a new class.

C:\>adfind -sc s:classschema

AdFind V01.40.00cpp Joe Richards ([email protected]) February 2009

Using server: TEST-DC1.test.loc:389
Directory: Windows Server 2003
Base DN: CN=Schema,CN=Configuration,DC=test,DC=loc

dn:CN=Class-Schema,CN=Schema,CN=Configuration,DC=test,DC=loc
>objectClass: top
>objectClass: classSchema
>cn: Class-Schema
>distinguishedName: CN=Class-Schema,CN=Schema,CN=Configuration,DC=test,DC=loc
>instanceType: 4 [WRITABLE(4)]
>whenCreated: 20050805195903.0Z
>whenChanged: 20080413035029.0Z
>uSNCreated: 5282
>subClassOf: top
>governsID: 1.2.840.113556.1.3.13
>rDNAttID: cn
>uSNChanged: 5282
>showInAdvancedViewOnly: TRUE
>adminDisplayName: Class-Schema
>adminDescription: Class-Schema
>objectClassCategory: 1 [STRUCTURAL]
>lDAPDisplayName: classSchema
>name: Class-Schema
>objectGUID: {670F30B4-6D37-48EB-8923-486639052288}
>schemaIDGUID: {BF967A83-0DE6-11D0-A285-00AA003049E2}
>systemOnly: FALSE
>systemPossSuperiors: dMD
>systemMayContain: systemPossSuperiors
>systemMayContain: systemOnly
>systemMayContain: systemMustContain
>systemMayContain: systemMayContain
>systemMayContain: systemAuxiliaryClass
>systemMayContain: schemaFlagsEx
>systemMayContain: rDNAttID
>systemMayContain: possSuperiors
>systemMayContain: mustContain
>systemMayContain: msDs-Schema-Extensions
>systemMayContain: msDS-IntId
>systemMayContain: mayContain
>systemMayContain: lDAPDisplayName
>systemMayContain: isDefunct
>systemMayContain: defaultSecurityDescriptor
>systemMayContain: defaultHidingValue
>systemMayContain: classDisplayName
>systemMayContain: auxiliaryClass
>systemMustContain: subClassOf
>systemMustContain: schemaIDGUID
>systemMustContain: objectClassCategory
>systemMustContain: governsID
>systemMustContain: defaultObjectCategory
>systemMustContain: cn
>defaultSecurityDescriptor: D:S:
>systemFlags: 134217744 [CAT-1(16);NO-RENAME(134217728)]
>defaultHidingValue: TRUE
>objectCategory: CN=Class-Schema,CN=Schema,CN=Configuration,DC=test,DC=loc
>defaultObjectCategory: CN=Class-Schema,CN=Schema,CN=Configuration,DC=test,DC=loc

1 Objects returned

joe

--
O'Reilly Active Directory Fourth Edition - http://www.joeware.net/win/ad4e.htm

-----Original Message-----
From: [email protected] [mailto:[email protected]] On Behalf Of Alister Forbes
Sent: Tuesday, December 15, 2009 6:05 AM
To: [email protected]
Subject: [ldap] First mail, and it's a cry for help

All,

I'm in the position at $WORK where we are going to be implementing ldap as a NIS replacement. Unfortunately, I also need to use some schemas that already exist in the AD world. I have the schemas as ldif, but when I try to add them, I get this error:

ldap_add: Invalid syntax (21)
        additional info: objectClass: value #1 invalid per syntax

value #1 is, I believe, classSchema

objectClass: top
objectClass: classSchema

Can anyone tell me where I can find a schema with the definition for classSchema in it please? (or tell me I'm an idiot and show what I'm missing out)

Thanks,
Alister
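
Added example, not part of the original thread: a Python sketch that reads adfind-style attribute lines for a classSchema object and renders them as an RFC 4512 object class description, showing how governsID, lDAPDisplayName, subClassOf, objectClassCategory and the (system)MustContain/(system)MayContain attributes map onto OID, NAME, SUP, kind, MUST and MAY. The function names and the shortened sample are constructed for illustration, and treating category 0 as STRUCTURAL is an assumption.

```python
import re
from collections import defaultdict

# Constructed sample: a subset of the attribute lines from the adfind output above.
SAMPLE = """\
dn:CN=Class-Schema,CN=Schema,CN=Configuration,DC=test,DC=loc
>objectClass: top
>objectClass: classSchema
>subClassOf: top
>governsID: 1.2.840.113556.1.3.13
>objectClassCategory: 1 [STRUCTURAL]
>lDAPDisplayName: classSchema
>systemMayContain: isDefunct
>systemMayContain: mayContain
>systemMayContain: mustContain
>systemMustContain: subClassOf
>systemMustContain: governsID
>systemMustContain: cn
"""

# AD objectClassCategory values; mapping 0 (88 class) to STRUCTURAL is an assumption.
KINDS = {"0": "STRUCTURAL", "1": "STRUCTURAL", "2": "ABSTRACT", "3": "AUXILIARY"}


def parse_adfind(text):
    """Collect '>attr: value' lines into a dict of lists (multi-valued attributes)."""
    attrs = defaultdict(list)
    for line in text.splitlines():
        m = re.match(r"^>([\w-]+): (.*)$", line)
        if m:
            # Drop adfind's decoded suffix such as " [STRUCTURAL]".
            attrs[m.group(1)].append(re.sub(r"\s+\[.*\]$", "", m.group(2)))
    return attrs


def to_objectclass(attrs):
    """Render one classSchema object as an RFC 4512 ObjectClassDescription."""
    must = attrs["systemMustContain"] + attrs["mustContain"]
    may = attrs["systemMayContain"] + attrs["mayContain"]
    parts = [attrs["governsID"][0],
             f"NAME '{attrs['lDAPDisplayName'][0]}'",
             f"SUP {attrs['subClassOf'][0]}",
             KINDS[attrs["objectClassCategory"][0]]]
    if must:
        parts.append("MUST ( " + " $ ".join(must) + " )")
    if may:
        parts.append("MAY ( " + " $ ".join(may) + " )")
    return "( " + " ".join(parts) + " )"


if __name__ == "__main__":
    print(to_objectclass(parse_adfind(SAMPLE)))
```

Every attribute named in MUST or MAY has to be defined as an attribute type on the target server before a definition like this can be loaded.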
