[This is preliminary documentation and subject to change.]
Classes are defined by Class-Schema objects. Like all other Directory Service (DS) objects, each Class-Schema object has attributes that define it. If this seems confusing, that's because it is. If you haven't done so, now would be a good time to look at the Directory Service Terminology.
An entry in the class table has the following attribute-value pairs (with one exception) that describe the Class.
Common-Name | Every object in the DS has a naming attribute from which its Relative Distinguished Name (RDN) is formed. The Naming Attribute for Attribute-Schema objects is Common-Name. The value assigned to Common-Name is the value that the Attribute-Schema will have as its Relative Distinguished Name, in this case "Access Permissions". |
Admin-Display-Name | The Common-Name of a given object might not be descriptive enough for use in administration tools. Admin-Display-Name is available for tools to use as a display name for an attribute when the naming attribute is not appropriate. |
Admin-Description | Can hold additional descriptive text for use by an administrative application. Generally this attribute is identical in value to the Admin-Display-Name. |
Object-Class | Every object in the DS is an instance of a known Object Class. Attribute definitions are all of Object Class Attribute-Schema. |
Comment | A brief explanation of what the attribute is used for. This is not stored in the schema, it is stored in the schema source and included in the documentation. |
LDAP-Display-Name | The name of this attribute as known to the LDAP agent for the NTDS. This is the name LDAP clients must use to read or write this attribute. Note that Active Directory clients access the NTDS using LDAP, so these names are the names to use with Active Directory when reading and writing attributes via the Active Directory Get and Put methods. |
Governs-ID | An OID uniquely identifying this Class. OIDs are discussed in the Directory Service Terminology. |
Structural Class | A class may be Structural, Abstract, or Auxiliary. Structural classes are classes that can be instantiated in the DS. Abstract classes are templates that can only be used to derive new classes in the schema. Auxiliary classes are like "include files" that are used to add a group of properties to a class definition in the schema. |
RDN-Att-Id | The name of the attribute that provides the Relative Distinguished Name (RDN) for this class. |
Schema-ID-GUID | A Globally Unique Identifier (GUID) that uniquely identifies all classes and attributes in the schema. Unlike OIDs, which are issued by a central authority, GUIDs are generated by a special algorithm. GUIDs are fixed length and can be dealt with more efficiently than OIDs. The NTDS uses OIDs for interoperability with external clients and GUIDs internally for efficiency. |
Default UI State | Hidden or Displayed. UI is used to determine whether or not to show a value. |
Default-Security-Descriptor | Indicates the Windows NT Security Descriptor that is applied by default to objects of this class when they are created. |
Sub-Class-Of | Indicates the immediate superclass of this class. |
Auxiliary-Class | The name of an auxiliary class of this object. In the NTDS class inheritance model, a class can have one superclass and many auxiliary classes. The auxiliary classes contribute their attributes to the class that inherits from them. |
Poss-Superiors | Classes that can have the current class as a child. |