Vista introduces several new functionality and few of then (to be specific two) requires our AD environment to get prepared through schema extension. These schema extension needed to run new Vista's features will be part of LH schema, but LH is still somewhere behind the horizon and we have to take care about it by ourselves.
Two new Vista's features which requires schema extensions are:
- Wireless \ Wired GPO settings
Vista allows administrator to control various aspects of wired \wireless network client configuration and behavior through GPO. This includes 802.1x settings for wired clients, SSID allow\deny list etc. To get advantage of these new features AD schema has to be extended with extensions presented in this TechNet article.
- BitLocker key recovery
BitLocker is new Vista's feature which allows user to encrypt whole volume. BitLocker can use few various method for recovery key storage, among others this can be Active Directory computer object. To use this features AD schema has to be extended with few attributes which are described in document available on Microsoft Downloads. Schema extensions are located in \sources\adprep directory on Vista DVD media.
To make it clear – these schema extensions are required *only* if You are planning to use these new features. Before making it in the live environment maybe You want to test it in the lab, and maybe reading these guidelines will make process of extending the schema easier and safer.
These schema extensions can be introduced on Windows 2003 \ 2003 R2 DCs.