• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1032
  • Last Modified:

What is the purpose of Schema Admins?

What is the purpose of Schema Admins in Active Directory Security Groups.
0
mlord_garan
Asked:
mlord_garan
2 Solutions
 
KCTSCommented:
At the risk of being obvious only users who are schema admins are allowed to make changes to the active directory schema - either via the ADSIEdit and and other tools or with ADprep etc.
0
 
MidnightOneCommented:
Schema Admins are the only users capable of modifying the schema in a Windows domain. Since schema additions cannot be removed once added, it's kind of important to limit even administrators from extending the schema without proper authority.
0
 
PberSolutions ArchitectCommented:
0
 
Mike KlineCommented:
Just to follow up on what Midnight said, Microsoft released a good white paper a few months ago on how they manage their Schema changes

http://technet.microsoft.com/en-us/library/bb687810.aspx
Structured Active Directory Schema Management at Microsoft

Good info in their, they certainly have very good processes.
0

Featured Post

Free tool for managing users' photos in Office 365

Easily upload multiple users’ photos to Office 365. Manage them with an intuitive GUI and use handy built-in cropping and resizing options. Link photos with users based on Azure AD attributes. Free tool!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now