What is the purpose of Schema Admins?

What is the purpose of Schema Admins in Active Directory Security Groups.
Who is Participating?
Brian PiercePhotographerCommented:
At the risk of being obvious only users who are schema admins are allowed to make changes to the active directory schema - either via the ADSIEdit and and other tools or with ADprep etc.
Schema Admins are the only users capable of modifying the schema in a Windows domain. Since schema additions cannot be removed once added, it's kind of important to limit even administrators from extending the schema without proper authority.
PberSolutions ArchitectCommented:
Mike KlineCommented:
Just to follow up on what Midnight said, Microsoft released a good white paper a few months ago on how they manage their Schema changes

Structured Active Directory Schema Management at Microsoft

Good info in their, they certainly have very good processes.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.