Overview#
To obtain a fully registered OID at no cost, apply for an OID under Internet Assigned Numbers Authority (IANA) maintained Private Enterprise arch. Any private enterprise (organization) may request an OID to be assigned under this arch. Just fill out the IANA form
X.500 Object IDentifiers (OIDs)#
We try to explain How To obtain your own OID.The LDAP "Data model", mentions every class must be uniquely identified by an OID. But what is an OID?
Every object class that is part of a schema receives a dotted decimal hierarchical identifier. These OIDs can be organized in a tree structure, very similar to the X.500 DIT , called Object Identifier Tree (OIT). They were defined by the X.208 standard, and they have been revised and updated by the X.680 standard. Immediately below the root of this tree, there are only three values currently defined.
Each schema element is identified by a globally unique Object Identifier (OID). OIDs are also used to identify other objects. They are commonly found in protocols described by ASN.1. In particular, they are heavily used by the Simple Network Management Protocol (SNMP). As OIDs are hierarchical, your organization can obtain one OID and branch it as needed.
You can design a hierarchy suitable to your organizational needs under your organization's OID. No matter what hierarchy you choose, you should maintain a registry of assignments you make. This can be a simple flat file or a something more sophisticated such as the OpenLDAP OID Registry.
For more information about Object Identifiers (and a listing service) see http://www.alvestrand.no/harald/objectid/
.
Under no circumstances should you use a fictitious OID!#
You should never publish your schema with fictitious OID.Obtain a "sub" OID#
You can obtain a sub-oid from several vendors:- Obtaining an Object Identifier from Microsoft
- Novell no longer maintains a vendor-accessible Directory OID/Prefix Registry
Naming of Schema Elements#
In addition to assigning a unique object identifier to each schema element, you should provide a least one textual name for each element. The name should be both descriptive and not likely to clash with names of other schema elements. In particular, any name you choose should not clash with present or future Standard Track names. To reduce (but not eliminate) the potential for name clashes, the convention is to prefix names of non-Standard Track with a few letters to localize the changes to your organization. The smaller the organization, the longer your prefix should be.In the examples below, we have chosen a short prefix 'my' (to save space). Such a short prefix would only be suitable for a very large, global organization. For a small, local organization, we recommend something like 'deFirm' (German company) or 'comExample' (elements associated with organization associated with example.com).
Recently we worked with some organizations that used their "stock ticker" for a prefix for the names of objectClasses and attributes.
First-level OID values
Value | Allocated to be Used By |
---|---|
0 | ITU-T (formerly CCITT) only |
1 | ISO only |
2 | ITU-T and ISO jointly |
Below ITU (0), there are four possible values. Those are the ones defined in the X.680 annex C (ISO 8824-1:1995) standard:
ITU first-level OID values#
Value | Allocated to be Used By |
---|---|
0.0 | ITU-T Recommendations A to Z (1 to 26) |
0.1 | ITU-T Questions (ITU Study group, study period and question number) |
0.2 | X.121 DCCs (Data Country Codes) |
0.3 | X.121 DNICs (Data Networks Identification Codes) |
0.4 | ITU-T Identified Organizations (added by X.680) |
0.9 | ITU-T Data |
ISO (1) also has four first-level values:#
Table 10. ISO first-level OID valuesValue | Allocated to be Used By |
---|---|
1.0 | ISO standards (followed by the number of the standard) |
1.1 | ISO registration authorities (never used; retired by X.680) |
1.2 | ISO member-bodies (followed by the country code, as defined on the ISO 3166 standard) |
1.3 | ISO Identified Organizations (followed by the International Code Designator, as defined in the ISO 6523 standard) |
WILLEKE#
Here is the OID branch of WILLEKE.COM and how OIDs are allocated. You may use this as an example of your deployment.OID | DESCRIPTION |
---|---|
1.3.6.1.4.1.8876 | Top of WILLEKE.COM OID - Branch Start |
1.3.6.1.4.1.8876.1 | SNMP Branch - Branch Start |
1.3.6.1.4.1.8876.2 | LDAP Branch - Branch Start |
1.3.6.1.4.1.8876.2.1 | LDAP AttributeTypes - Branch Start |
1.3.6.1.4.1.8876.2.2 | LDAP ObjectClasses - Branch Start |
Some of the more interesting OIDs in this sub-tree are:#
Value | Allocated to be Used By |
---|---|
1.2.840 | one of the OIDs assigned to the United States |
1.2.840.113556 | Microsoft |
1.3.6 | US Department of Defense |
1.3.6.1 | the Internet OID |
1.3.22 | Open Software Foundation |
1.3.26 | NATO Identified Organization |
1.3.6.1.4.1] | Private Enterprise Number Branch |
1.3.6.1.4.1.8876 | Top of the willeke.com Private OID Tree |
1.3.52 | Society of Motion Picture and Television Engineers |
Finally, the number 2 subtree is used for standards jointly defined by the ISO and the ITU. The most important, for this document’s purposes, is the Directory Standard (DS), which received the OID 2.5. Thus, all OIDs allocated by this standard start with this prefix. Some examples include:
- All user attribute types: 2.5.4
- All object classes: 2.5.6
- All matching rules: 2.5.13
A good link for OID information is http://www.alvestrand.no/objectid/top.html