To obtain a fully registered OID at no cost, apply for an OID under Internet Assigned Numbers Authority (IANA) maintained Private Enterprise arch. Any private enterprise (organization) may request an OID to be assigned under this arch. Just fill out the IANA form and your official OID will be sent to you usually within a few days. Your base OID will be something like where X is an integer.
Don't let the "MIB/SNMP" statement on the IANA page confuse you. OIDs obtained using this form may be used for any purpose including identifying LDAP schema elements.

X.500 Object IDentifiers (OIDs)#

We try to explain How To obtain your own OID.

The LDAP "Data model", mentions every class must be uniquely identified by an OID. But what is an OID?

Every object class that is part of a schema receives a dotted decimal hierarchical identifier. These OIDs can be organized in a tree structure, very similar to the X.500 DIT , called Object Identifier Tree (OIT). They were defined by the X.208 standard, and they have been revised and updated by the X.680 standard. Immediately below the root of this tree, there are only three values currently defined.

Each schema element is identified by a globally unique Object Identifier (OID). OIDs are also used to identify other objects. They are commonly found in protocols described by ASN.1. In particular, they are heavily used by the Simple Network Management Protocol (SNMP). As OIDs are hierarchical, your organization can obtain one OID and branch it as needed.

You can design a hierarchy suitable to your organizational needs under your organization's OID. No matter what hierarchy you choose, you should maintain a registry of assignments you make. This can be a simple flat file or a something more sophisticated such as the OpenLDAP OID Registry. For more information about Object Identifiers (and a listing service) see http://www.alvestrand.no/harald/objectid/.

Under no circumstances should you use a fictitious OID!#

You should never publish your schema with fictitious OID.

Obtain a "sub" OID#

You can obtain a sub-oid from several vendors:

Naming of Schema Elements#

In addition to assigning a unique object identifier to each schema element, you should provide a least one textual name for each element. The name should be both descriptive and not likely to clash with names of other schema elements. In particular, any name you choose should not clash with present or future Standard Track names. To reduce (but not eliminate) the potential for name clashes, the convention is to prefix names of non-Standard Track with a few letters to localize the changes to your organization. The smaller the organization, the longer your prefix should be.

In the examples below, we have chosen a short prefix 'my' (to save space). Such a short prefix would only be suitable for a very large, global organization. For a small, local organization, we recommend something like 'deFirm' (German company) or 'comExample' (elements associated with organization associated with example.com).

Recently we worked with some organizations that used their "stock ticker" for a prefix for the names of objectClasses and attributes.

First-level OID values

ValueAllocated to be Used By
0ITU-T (formerly CCITT) only
1ISO only
2ITU-T and ISO jointly

Below ITU (0), there are four possible values. Those are the ones defined in the X.680 annex C (ISO 8824-1:1995) standard:

ITU first-level OID values#

ValueAllocated to be Used By
0.0ITU-T Recommendations A to Z (1 to 26)
0.1ITU-T Questions (ITU Study group, study period and question number)
0.2X.121 DCCs (Data Country Codes)
0.3X.121 DNICs (Data Networks Identification Codes)
0.4ITU-T Identified Organizations (added by X.680)
0.9ITU-T Data

ISO (1) also has four first-level values:#

Table 10. ISO first-level OID values
ValueAllocated to be Used By
1.0ISO standards (followed by the number of the standard)
1.1ISO registration authorities (never used; retired by X.680)
1.2ISO member-bodies (followed by the country code, as defined on the ISO 3166 standard)
1.3ISO identified organizations (followed by the International Code Designator, as defined in the ISO 6523 standard)


Here is the OID branch of WILLEKE.COM and how OIDs are allocated. You may use this as an example of your deployment.
OID DESCRIPTION Top of WILLEKE.COM OID - Branch Start Branch - Branch Start Branch - Branch Start AttributeTypes - Branch Start ObjectClasses - Branch Start

Some of the more interesting OIDs in this sub-tree are:#

ValueAllocated to be Used By
1.2.840one of the OIDs assigned to the United States
1.3.6US Department of Defense Internet OID
1.3.22Open Software Foundation
1.3.26NATO Identified Organization]Private Enterprise Number Branch of the willeke.com Private OID Tree
1.3.52Society of Motion Picture and Television Engineers

Finally, the number 2 subtree is used for standards jointly defined by the ISO and the ITU. The most important, for this document’s purposes, is the Directory Standard (DS), which received the OID 2.5. Thus, all OIDs allocated by this standard start with this prefix. Some examples include:

  • All user attribute types: 2.5.4
  • All object classes: 2.5.6
  • All matching rules: 2.5.13

A good link for OID information is http://www.alvestrand.no/objectid/top.html

More Information#

There might be more information for this subject on one of the following:

Add new attachment

Only authorized users are allowed to upload new attachments.
« This page (revision-22) was last changed on 21-Dec-2015 17:13 by jim