Understanding Dynamic Schema Updates and Validation in Exchange 2007 SP2

Microsoft Exchange Server 2007 will reach end of support on April 11, 2017. To stay supported, you will need to upgrade. For more information, see Resources to help you upgrade your Office 2007 servers and clients.


Applies to: Exchange Server 2007 SP2

The Active Directory Driver (Microsoft.Exchange.Data.Directory.Dll) in Exchange Server 2007 is the interface that is used by Exchange managed code to access configuration in the Active Directory. Objects in the Active Directory containers expose properties that are derived directly from attributes or that are calculated from attributes. The properties that are exposed by objects may be exported as cmdlet parameters.

Typically, the Active Directory Schema definitions are fairly static. When an update is issued that includes new configuration data, the current method is to implement these settings in an App.config file (XML values in an XML file). But this approach is prone to error and does not scale efficiently.

The Active Directory Driver that is included with Microsoft Exchange Server 2007 Service Pack 3 (SP3) now supports the following:

  • The addition of attributes that are independent of schema changes.

  • The ability to reference attributes that may not exist in the schema. The driver also allows Exchange managed code to function when a new attribute is read and the schema is not extended. In this case, when an attribute is not set on the object or does not exist in the schema, the Active Directory Driver will return the default value. By default, attributes that are added that do not exist in the schema will be provided a default value during a read operation.

  • Compatibility with Microsoft Exchange Server 2010 code.

  • Before Exchange 2007 SP3, writing to an attribute that did not exist in the schema caused a constraint violation. The Active Directory Driver that is included together with Exchange 2007 SP3 introduces dynamic validation code that performs additional validation on new attributes where the schema may not contain the attribute as a value.

    When you try to change an attribute that does not exist in the mayContain parameter, an exception error occurs. The updated Active Directory Driver provides more detail about the exception error. For example:

    SchemaNotExtended(string objectClass, string objectAttribute, string udpateAdded)=Object class {0} does not contain attribute {1} as a valid mayContain entry. You must extend the schema with updates from {2} to set this attribute.

    Where 0 is the most derived object class, 1 is the LDAP attribute name that does not exist. 2 is the nonlocalized update name where the value was added.