Extend your Amazon Managed Microsoft AD schema - Amazon Directory Service
When to extend your Amazon Managed Microsoft AD schema
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

Extend your Amazon Managed Microsoft AD schema

Amazon Managed Microsoft AD uses schemas to organize and enforce how directory data is stored. The process of adding definitions to the schema is referred to as “extending the schema.” Schema extensions make it possible for you to modify the schema of your Amazon Managed Microsoft AD directory using a valid LDAP Data Interchange Format (LDIF) file. For more information about AD schemas and how to extend your schema, see the topics listed below.

When to extend your Amazon Managed Microsoft AD schema

You can extend your Amazon Managed Microsoft AD schema by adding new object classes and attributes. For example, you might do this if you have an application that requires changes to your schema in order to support single sign-on capabilities.

You can also use schema extensions to enable support for applications that rely on specific Active Directory object classes and attributes. This can be especially useful in the case where you need to migrate corporate applications that are dependent on Amazon Managed Microsoft AD, to the Amazon cloud.

Each attribute or class that is added to an existing Active Directory schema must be defined with a unique ID. That way when companies add extensions to the schema, they can be guaranteed to be unique and not to conflict with each other. These IDs are referred to as AD Object Identifiers (OIDs) and are stored in Amazon Managed Microsoft AD.

To get started, see Tutorial: Extending your Amazon Managed Microsoft AD schema.

Topics