This knowledge artice is to describe the schema options for storing unix identity information.
In order to optimize transparency, performance, and interoperability with user provisioning tools, third-party Active Directory administration tools, and standard Unix applications, Authentication Service has been architected to support a number of different schema extensions.
These provide a standards-based mechanism for storing Unix attributes for users and groups in the directory. Both the industry de-facto standard RFC2307 schema extension and Microsoft's SFU schema extensions are supported.
However, if your Active Directory schema does not natively support Unix account attributes and a schema extension is not possible, Authentication Services can be setup using "schemaless" functionality where Unix account information is stored in the altSecurityIdentities attribute.
Please refer to the Authentication Services Admin guide for further information. The guide comes with the product and is available for download by clicking here