Microsoft KB Archive/251189
INFO: Locating an LDAP Server Schema Cached by ADSI
The information in this article applies to:
- Microsoft Active Directory Service Interfaces, versions 2.0, 2.5
The Lightweight Directory Access Protocol (LDAP) provider for Active Directory Services Interfaces (ADSI) attempts to cache schema information to the local computer. This article describes how to locate the schema information.
According to RFC2251, the Lightweight Directory Access Protocol (v3)
an LDAP server that masters the schema must provide a subschema entry. According to the RFC,
Subschema entries are used for administering information about the directory schema, in particular the object classes and attribute types supported by directory servers.
A subschema is identified by a distinguished name stored in the subSchemaSubEntry attribute located in the root of the directory service enterprise (the rootDSE). In addition to providing the subschema information, LDAP v3 servers should expose a modifyTimeStamp property that is used to determine the last time the schema was modified.
When ADSI first binds to the LDAP server, it retrieves the subschema information using the subSchemaSubEntry attribute. If ADSI succeeds in finding the subschema object, it stores a pointer in the registry on the computer that is connecting to the LDAP server:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ADs\Providers\LDAP\distinguished name of the schema container
ADSI then attempts to process the schema information and reads the modifyTimeStamp property. If the modifyTimeStamp property exists and ADSI successfully processes the schema, ADSI writes the subschema to disk and creates two values under the registry key:
- A Time value, which contains the modifyTimeStamp property. This value is used to ensure that the schema information is current and prevents the constant reloading of the schema information.
- A File value, which contains the path to where ADSI stores the schema information in the file system. By default, ADSI caches the subschema in the systemroot\SchCache directory with a file name corresponding to the name of the LDAP server.
If the subschema information exists but cannot be processed, neither of these values is created under the registry key.
If the subschema information can be processed but no modifyTimeStamp property is exposed, the schema information is cached in memory but not written to disk.
If an LDAP v3 server has been contacted through ADSI on the local computer and a cached subschema is not present, it is most likely for one of the following reasons:
- The server did not expose the correct properties.
- ADSI was unable to process the schema.
- ADSI was unable to write the file to the file system.
For additional general information on ADSI, click the link below:
For additional information on finding the ADSI providers on the local computer, click the article number below to view the article in the Microsoft Knowledge Base:
Q233023 HOWTO: Find All ADSI Providers on a System
Additional query words: ldap adsi
Keywords : kbADSI kbMsg kbGrpDSMsg kbDSupport
Issue type : kbinfo
Technology : kbAudDeveloper kbADSISearch kbADSI200 kbADSI250
Last Reviewed: June 12, 2001