Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

What is the purpose of Schema Admins?

Posted on 2008-10-07
4
Medium Priority
?
1,028 Views
Last Modified: 2012-06-27
What is the purpose of Schema Admins in Active Directory Security Groups.
0
Comment
Question by:mlord_garan
4 Comments
 
LVL 70

Accepted Solution

by:
KCTS earned 75 total points
ID: 22660132
At the risk of being obvious only users who are schema admins are allowed to make changes to the active directory schema - either via the ADSIEdit and and other tools or with ADprep etc.
0
 
LVL 26

Assisted Solution

by:MidnightOne
MidnightOne earned 75 total points
ID: 22660135
Schema Admins are the only users capable of modifying the schema in a Windows domain. Since schema additions cannot be removed once added, it's kind of important to limit even administrators from extending the schema without proper authority.
0
 
LVL 26

Expert Comment

by:Pber
ID: 22660165
0
 
LVL 57

Expert Comment

by:Mike Kline
ID: 22661137
Just to follow up on what Midnight said, Microsoft released a good white paper a few months ago on how they manage their Schema changes

http://technet.microsoft.com/en-us/library/bb687810.aspx
Structured Active Directory Schema Management at Microsoft

Good info in their, they certainly have very good processes.
0

Featured Post

Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Microsoft Office 365 is a subscriptions based service which includes services like Exchange Online and Skype for business Online. These services integrate with Microsoft's online version of Active Directory called Azure Active Directory.
In the absence of a fully-fledged GPO Management product like AGPM, the script in this article will provide you with a simple way to watch the domain (or a select OU) for GPOs changes and automatically take backups when policies are added, removed o…
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
Suggested Courses

783 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question