2.8 Versioning, Capability Negotiation, and Extensibility

Article
10/30/2024

There are two distinct modes of operation of the Active Directory system: Active Directory Domain Services (AD DS) and Active Directory Lightweight Directory Services (AD LDS). Additionally, some versions of AD DS and AD LDS include support for Web Services protocols. A summary of the different modes along with the protocols (or protocol subsets) and directory schemas supported by each is provided in the table later in this section. Information about which versions of AD DS and AD LDS support Web Services protocols is given in the following product behavior note.<4>. The Technical Documents for the individual protocols specify additional versioning information; that is, not all versions of the Active Directory system support every method of a protocol that is listed in the table.

Modes and Protocols Supported

Mode	Protocols supported	Protocols of which a subset is supported	Schemas implemented
AD DS (without Web Services)	[MS-DSSP] (DSSP) [LDAP] (LDAP) [MS-LSAD] (LSAD) [MS-LSAT] (LSAT) [MS-SAMR] (SAMR)	DRSR: All methods of the dsaop RPC interface are supported. All methods of the drsuapi interface are supported except for the following: IDL_DRSInitDemotion IDL_DRSFinishDemotion	[MS-ADA1] [MS-ADA2] [MS-ADA3] [MS-ADSC]
AD DS (with Web Services)	[MS-ADCAP] (ADCAP) [MS-DSSP] (DSSP) [LDAP] (LDAP) [MS-LSAD] (LSAD) [MS-LSAT] (LSAT) [MS-SAMR] (SAMR) [WSENUM] (WS-Enumeration) [WXFR] (WS-Transfer) Protocol Extensions [MS-WSTIM] (IMDA) [MS-WSDS] (WSDS) [MS-WSPELD] (WSPELD)	DRSR: All methods of the dsaop RPC interface are supported. All methods of the drsuapi interface are supported except for the following: IDL_DRSInitDemotion IDL_DRSFinishDemotion	[MS-ADA1] [MS-ADA2] [MS-ADA3] [MS-ADSC]
AD LDS (without Web Services)	[LDAP] (LDAP)	DRSR: All methods of the drsuapi RPC interface are supported except for the following: IDL_DRSAddSidHistory IDL_DRSDomainControllerInfo IDL_DRSRemoveDsDomain IDL_DRSGetNT4ChangeLog IDL_DRSGetMemberships IDL_DRSInterDomainMove IDL_DRSGetMemberships2 IDL_DRSQuerySitesByCost IDL_DRSWriteSpn No methods of the dsaop RPC interface are supported. DSSP: Supported in the same manner as any member server or stand-alone server on which the Active Directory system is not running.	[MS-ADLS]
AD LDS (with Web Services)	[LDAP] (LDAP) [WSENUM] (WS-Enumeration) [WXFR] (WS-Transfer) Protocol Extensions [MS-WSTIM] (IMDA) [MS-WSDS] (WSDS) [MS-WSPELD] (WSPELD)	ADCAP: All methods of the AccountManagement port type are supported. The following methods of the TopologyManagement port type are supported: MoveADOperationMasterRole ChangeOptionalFeature DRSR: All methods of the drsuapi RPC interface are supported except for the following: IDL_DRSAddSidHistory IDL_DRSDomainControllerInfo IDL_DRSRemoveDsDomain IDL_DRSGetNT4ChangeLog IDL_DRSGetMemberships IDL_DRSInterDomainMove IDL_DRSGetMemberships2 IDL_DRSQuerySitesByCost IDL_DRSWriteSpn No methods of the dsaop interface are supported. DSSP: Supported in the same manner as any member server or stand-alone server on which the Active Directory system is not running.	[MS-ADLS]

The state model, constraints, processing rules, and so on, in [MS-ADTS] apply to both AD DS and AD LDS, except as otherwise noted in [MS-ADTS]. [MS-ADDM] applies to the Web Services-enabled versions of both AD DS and AD LDS.

Share via

2.8 Versioning, Capability Negotiation, and Extensibility

Additional resources