Directory Services |
All Active Directory searches are performed in one of the following naming contexts:
Domains contain most of the highly-used objects such as users, contacts, groups, organizational units, computers, and so on. Most queries will search a domain. For more information about searching a domain, see Searching Domain Contents.
The schema container contains the classSchema and attributeSchema objects that provide the formal definition of every class and attribute that can exist in Active Directory. To search for objects in the schema container, bind to the schema container on any domain controller. The schema container is available on all domain controllers. The distinguished name of the schema container is obtained from the schemaNamingContext attribute from rootDSE. For more information about rootDSE and the schemaNamingContext attribute, see Serverless Binding and RootDSE.
For more information about reading from the schema or abstract schema container, see Guidelines for Binding to the Schema.
The configuration container contains configuration information, such as sites, services and display specifiers, for the entire forest. To search for objects in the configuration container, bind to the configuration container on any domain controller. The configuration container is available on all domain controllers. The distinguished name of the configuration container is obtained from the configurationNamingContext attribute from rootDSE. For more information about rootDSE and the configurationNamingContext attribute, see Serverless Binding and RootDSE.
The global catalog holds a replica of every object in Active Directory, but with only a small number of their attributes. The attributes in the global catalog are those most frequently used in search operations, such as a user's first and last names, login names, and so on. For more information about searching the global catalog, see Searching the Global Catalog.