Authentication Services is working as expected. The schema cache command when executed while not joined does indeed cache the attributes stored in QAC. As a test in our lab I changed the ‘UserName’ from samaccountname to userprincipalname and cached using the command and the schema list returned the correct UserName attribute.
# /opt/quest/bin/vastool schema list
--------------------------------------------------------------------------------
No QAS Application Configuration (QAC) found.
Operating in version 3 compatibility mode:
Cached Schema Settings for joined forest:
--------------------------------------------------------------------------------
UserName attribute name: userprincipalname
I then changed the UserName attribute from userprincipalname to samaccountname and re-ran the schema cache command and as expected it returned the correct attribute.
# /opt/quest/bin/vastool schema list
--------------------------------------------------------------------------------
No QAS Application Configuration (QAC) found.
Operating in version 3 compatibility mode:
Cached Schema Settings for joined forest:
--------------------------------------------------------------------------------
UserName attribute name: samaccountname
It will however continue to report the QAC as missing until it is joined to the domain. The join is required to read the QAC and ensure that it is the latest version.