Introduction
This article lists known Active
Directory schema versions and demonstrates multiple methods to retrieve the
current schema version of a given forest.
Schema
Version Table
Version
|
Corresponding
Windows Server Version
|
Active
Directory Domain Services (AD DS)
|
|
13
|
Windows 2000 Server
|
30
|
Windows Server 2003
|
31
|
Windows Server 2003 R2
|
44
|
Windows Server 2008
|
47
|
Windows Server 2008 R2
|
56
|
Windows Server 2012
|
69
|
Windows Server 2012 R2
|
Active
Directory Lightweight Directory Services (AD LDS)
|
|
30
|
Active Directory Application
Mode (ADAM)
|
30
|
Windows Server 2008
|
31
|
Windows Server 2008 R2
|
31
|
Windows Server 2012
|
56 Windows Server 2012 R2
How
to Retrieve the Schema Version
Note: The examples below assume the
forest’s DNS name is “techsupportnew.local”.
Using
ADSIEdit.msc
- Start ADSIEdit.msc
- In the left pane, right-click on ADSI Edit then click Connect to
- Under Connection Point, select Schema as Well known naming context
- Under Computer, enter techsupportnew.local
- Click OK
- In the left pane, click on Schema [techsupportnew.local]
- In the middle pane, right-click on c=schema,cn=configuration… then click on Properties
- Scroll-down to the attribute named objectVersion to see its value
Using
DSQuery
dsquery *
cn=schema,cn=configuration,dc=techsupportnew,dc=local -scope base -attr
objectVersion
Using
REPADMIN
The particularity of the REPADMIN
tool is that can show the value of an attribute on all domain controllers. This
ensure the replication happened correctly.
repadmin /showattr * cn=schema,cn=configuration,dc=techsupportnew,dc=local
/atts:ObjectVersion
Using
PowerShell and System.DirectoryServices.ActiveDirectory
[Reflection.Assembly]::LoadWithPartialName(“System.DyrectoryServices.ActiveDirectory”)
$Context = New-object System.DirectoryServices.ActiveDirectory.DirectoryContext(“Forest”,”techsupportnew.local”)
$Schema = [System.DirectoryServices.ActiveDirectory.ActiveDirectorySchema]::GetSchema($Context)
$DirEntry = $Schema.GetDirectoryEntry()
$DirEntry.objectVersion
$Context = New-object System.DirectoryServices.ActiveDirectory.DirectoryContext(“Forest”,”techsupportnew.local”)
$Schema = [System.DirectoryServices.ActiveDirectory.ActiveDirectorySchema]::GetSchema($Context)
$DirEntry = $Schema.GetDirectoryEntry()
$DirEntry.objectVersion
Using
PowerShell and Windows PowerShell module for Active Directory
Get-ADObject
cn=schema,cn=configuration,dc=techsupportnew,dc=local -properties objectVersion
Using
PowerShell and Dell/Quest PowerShell Commands for Active Directory
Get-QADObject cn=schema,cn=configuration,dc=techsupportnew,dc=local
-ip objectversion
Or
Get-QADRootDSE | Format-List *
To mimic REPADMIN:
$Root =
(Get-QADRootDSE).RootDomainNamingContext
Get-QADComputer -ComputerRole DomainController | Select Name,
@{l=’SchemaVersion’ ;e={(Get-QADObject “CN=Schema,CN=Configuration,$Root” -Service $_.Name -IncludedProperties objectversion).objectversion}},
@{l=’ForestFunctionality’ ;e={(Get-QADRootDSE -Service $_.Name).ForestFunctionality}},
@{l=’DomainFunctionality’ ;e={(Get-QADRootDSE -Service $_.Name).DomainFunctionality}}
Get-QADComputer -ComputerRole DomainController | Select Name,
@{l=’SchemaVersion’ ;e={(Get-QADObject “CN=Schema,CN=Configuration,$Root” -Service $_.Name -IncludedProperties objectversion).objectversion}},
@{l=’ForestFunctionality’ ;e={(Get-QADRootDSE -Service $_.Name).ForestFunctionality}},
@{l=’DomainFunctionality’ ;e={(Get-QADRootDSE -Service $_.Name).DomainFunctionality}}
Using
Registry (from Server 2012)
Server 2012 introduces a registry
value named Schema Version and located Under HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NTDS\Parameters.
This value will reflect the one
exposed by the domain controller’s local schema replica of the of the Active
Directory it belongs to.
No comments:
Post a Comment