Marc Lognoul's IT Infrastructure Blog

Cloudy with a Chance of On-Prem

Windows Server: Active Directory Schema Versions

Introduction

This article lists known Active Directory schema versions and demonstrates multiple methods to retrieve the current schema version of a given forest.

Schema Version Table

Version Corresponding Windows Server Version
Active Directory Domain Services (AD DS)
 13  Windows 2000 Server
 30  Windows Server 2003
 31  Windows Server 2003 R2
 39  Windows Server 2008 Beta
 44  Windows Server 2008
 47  Windows Server 2008 R2
 56  Windows Server 2012
 69  Windows Server 2012 R2
72  Windows Server 10 Technical Preview (aka Build 9841)
Active Directory Lightweight Directory Services (AD LDS)
 30  Active Directory Application Mode (ADAM)
 30  Windows Server 2008
 31  Windows Server 2008 R2
 31  Windows Server 2012

How to Retrieve the Schema Version

Note: The examples below assume the forest’s DNS name is “massivedynamic.local”.

Using ADSIEdit.msc

  1. Start ADSIEdit.msc
  2. In the left pane, right-click on ADSI Edit then click Connect to
  3. Under Connection Point, select Schema as Well known naming context
  4. Under Computer, enter massivedynamic.local
  5. Click OK
  6. In the left pane, click on Schema [massivedynamic.local]
  7. In the middle pane, right-click on c=schema,cn=configuration… then click on Properties
  8. Scroll-down to the attribute named objectVersion to see its value

Using DSQuery

dsquery * cn=schema,cn=configuration,dc=massivedynamic,dc=local -scope base -attr objectVersion

Using REPADMIN

The particularity of the REPADMIN tool is that can show the value of an attribute on all domain controllers. This ensure the replication happened correctly.

repadmin /showattr * cn=schema,cn=configuration,dc=massivedynamic,dc=local /atts:ObjectVersion

Using PowerShell and System.DirectoryServices.ActiveDirectory

[Reflection.Assembly]::LoadWithPartialName(“System.DyrectoryServices.ActiveDirectory”)
$Context = New-object System.DirectoryServices.ActiveDirectory.DirectoryContext(“Forest”,”massivedynamic.local”)
$Schema = [System.DirectoryServices.ActiveDirectory.ActiveDirectorySchema]::GetSchema($Context)
$DirEntry = $Schema.GetDirectoryEntry()
$DirEntry.objectVersion

Using PowerShell and Windows PowerShell module for Active Directory

Get-ADObject cn=schema,cn=configuration,dc=massivedynamic,dc=local -properties objectVersion

Using PowerShell and Dell/Quest PowerShell Commands for Active Directory

Get-QADObject cn=schema,cn=configuration,dc=massivedynamic,dc=local -ip objectversion

Or

Get-QADRootDSE | Format-List *

To mimic REPADMIN (credits):

$Root = (Get-QADRootDSE).RootDomainNamingContext
Get-QADComputer -ComputerRole DomainController | Select Name,
@{l=’SchemaVersion’ ;e={(Get-QADObject “CN=Schema,CN=Configuration,$Root” -Service $_.Name -IncludedProperties objectversion).objectversion}},
@{l=’ForestFunctionality’ ;e={(Get-QADRootDSE -Service $_.Name).ForestFunctionality}},
@{l=’DomainFunctionality’ ;e={(Get-QADRootDSE -Service $_.Name).DomainFunctionality}}

Using Registry (from Server 2012)

Server 2012 introduces a registry value named Schema Version and located Under HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesNTDSParameters.

This value will reflect the one exposed by the domain controller’s local schema replica of the of the Active Directory it belongs to.

More Information

Advertisements