Microsoft KB Archive/251189

From BetaArchive Wiki

INFO: Locating an LDAP Server Schema Cached by ADSI


The information in this article applies to:

  • Microsoft Active Directory Service Interfaces, versions 2.0, 2.5


The Lightweight Directory Access Protocol (LDAP) provider for Active Directory Services Interfaces (ADSI) attempts to cache schema information to the local computer. This article describes how to locate the schema information.


According to RFC2251, the Lightweight Directory Access Protocol (v3)

RFC 2251 - Lightweight Directory Access Protocol (v3)

an LDAP server that masters the schema must provide a subschema entry. According to the RFC,

Subschema entries are used for administering information about the directory schema, in particular the object classes and attribute types supported by directory servers.

A subschema is identified by a distinguished name stored in the subSchemaSubEntry attribute located in the root of the directory service enterprise (the rootDSE). In addition to providing the subschema information, LDAP v3 servers should expose a modifyTimeStamp property that is used to determine the last time the schema was modified.

When ADSI first binds to the LDAP server, it retrieves the subschema information using the subSchemaSubEntry attribute. If ADSI succeeds in finding the subschema object, it stores a pointer in the registry on the computer that is connecting to the LDAP server:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ADs\Providers\LDAP\distinguished name of the schema container

ADSI then attempts to process the schema information and reads the modifyTimeStamp property. If the modifyTimeStamp property exists and ADSI successfully processes the schema, ADSI writes the subschema to disk and creates two values under the registry key:

  • A Time value, which contains the modifyTimeStamp property. This value is used to ensure that the schema information is current and prevents the constant reloading of the schema information.
  • A File value, which contains the path to where ADSI stores the schema information in the file system. By default, ADSI caches the subschema in the systemroot\SchCache directory with a file name corresponding to the name of the LDAP server.

If the subschema information exists but cannot be processed, neither of these values is created under the registry key.

If the subschema information can be processed but no modifyTimeStamp property is exposed, the schema information is cached in memory but not written to disk.

If an LDAP v3 server has been contacted through ADSI on the local computer and a cached subschema is not present, it is most likely for one of the following reasons:

  • The server did not expose the correct properties.
  • ADSI was unable to process the schema.
  • ADSI was unable to write the file to the file system.


For additional general information on ADSI, click the link below:

For additional information on finding the ADSI providers on the local computer, click the article number below to view the article in the Microsoft Knowledge Base:

Q233023 HOWTO: Find All ADSI Providers on a System

Additional query words: ldap adsi

Keywords : kbADSI kbMsg kbGrpDSMsg kbDSupport
Issue type : kbinfo
Technology : kbAudDeveloper kbADSISearch kbADSI200 kbADSI250

Last Reviewed: June 12, 2001
© 2001 Microsoft Corporation. All rights reserved. Terms of Use.