Active Directory stores data in the form of objects. In this article, let us take a complete overview on Active Directory object classes and attributes. An object can be a single element, such as a user, group, OU, sites, contacts or any devices such as a printer or a computer. In Active Directory, the objects are of two types:
- Container Objects
- Leaf objects
Container objects store other objects in the Active Directory. The organizational unit (OU) is a good example of a container object. Leaf objects, also called terminal objects, on the other hand, cannot store other objects. An example of a leaf object is a printer.
Active Directory Object Classes, Types, and Attributes
An object class is a component of the Active Directory schema that defines the “type” for an object or in other words it defines the set of mandatory and optional attributes an object can have.
Objects attributes are a set of fields that define and describe the additional data that can be attributed to the object. For example, a user object in Active Directory will have attributes such as their First Name, Second Name, Manager Name etc. A few of these attributes cannot be left empty while other attributes are optional. In the case of a user object, the ObjectCategory, ObjectClass, sAMAccountName are mandatory, while other attributes like the accountExpires, title, info, initials etc. are optional.
Types of Active Directory Object Classes
The object class of an object can be viewed in the objectclass attribute in the attribute editor tab of object properties window. There are 3 types of objectclasses in Active Directory.
- Abstract Class
- Structural Class
- Auxiliary Class
Abstract Class
This class is a mere template that is used to derive a new object. The derived class can be of any object class type. One abstract class can be a subclass of another abstract class.
Structural Class
The objects of the structural class are usually those that form the logical framework of AD. Structural classes can be a subclass of an abstract or structural class.
Auxiliary Class
An auxiliary class is used to store sets of attributes that other classes can inherit. It is primarily a grouping mechanism. Auxiliary classes can be a subclass of an abstract or auxiliary class.
ObjectClass Vs ObjectCategory Property
The objectClass property does not include Statically Linked Auxiliary Classes in the list. The system sets the objectClass value when the object instance is created and it cannot be changed. Prior to Windows Server 2008, the objectClass attribute is not indexed. This is because it has multiple values and is highly non-unique; that is, every instance of the objectClass attribute includes the top class. This means an index would be very large and ineffective. To locate objects of a given class, use the objectCategory attribute, which is single-valued and indexed.
Each instance of an object class also has an objectCategory property, which is a single-valued property that contains the distinguished name of either the class of which the object is an instance or one of its superclasses. When an object is created, the system sets its objectCategory property to the value specified by the defaultObjectCategory property of its object class. An object’s objectCategory property cannot be changed.
People also read
