Oracle Fusion Middleware Administration Guide for Oracle Unified Directory 11g Release 1 (11.1.1)

Working With Object Identifiers (OIDs)

An object identifier (OID) is a numeric string used to uniquely identify an object in a directory. OIDs are used in directory schema, controls, and extended operations that require unique identification of elements.

LDAP object classes and attributes require a base object identifier (OID) that must be unique within your organization to avoid naming conflicts in the directory. If you plan to use your directory internally within your organization, use the OIDs provided in the directory server. If you plan to export your schema or publicly expose your schema in any way, you should consider entering a request for a unique OID for your organization. For more information, see Obtaining a Base OID.

After you have obtained a base OID, you can add branches to it for your organization's object classes and attributes. For example, the directory server uses an assigned base OID of 1.3.6.1.4.1.26027. For each component type, the directory server provides unique branch numbers to the base OID for each schema component.


Note - The directory server provides a comprehensive set of OIDs that should be sufficient for most applications. You can also request OIDs for addition to the directory server repository.


The following table shows the base OIDs used for each schema component:

Table 12-2 Base OIDs Used for Each Schema Component

| OID Value | Type |
|---|---|
| 1.3.6.1.4.1.26027.1.1 | Attribute |
| 1.3.6.1.4.1.26027.1.2 | Object classes |
| 1.3.6.1.4.1.26027.1.3 | Attribute syntaxes |
| 1.3.6.1.4.1.26027.1.4 | Matching rules |
| 1.3.6.1.4.1.26027.1.5 | Controls |
| 1.3.6.1.4.1.26027.1.6 | Extended operations |
| 1.3.6.1.4.1.26027.1.9 | General use |
| 1.3.6.1.4.1.26027.1.999 | Experimental use |

For each schema type, a unique branch number is added to the base OID. For example, attribute types use a branch number of 1 to form the OID 1.3.6.1.4.1.26027.1.*1*. Under that branch, the directory server assigns a further branch number to each specific attribute type.

The following table displays a (partial) list of assigned OID values for attribute types.

Table 12-3 Assigned OID Values for Attribute Types

| OID Value | Attribute Type |
|---|---|
| 1.3.6.1.4.1.26027.1.1.1 | ds-cfg-java-class |
| 1.3.6.1.4.1.26027.1.1.2 | ds-cfg-enabled |
| 1.3.6.1.4.1.26027.1.1.3 | ds-cfg-allow-attribute-name-exceptions |
| 1.3.6.1.4.1.26027.1.1.4 | ds-cfg-allowed-client |
| 1.3.6.1.4.1.26027.1.1.5 | ds-cfg-allow-ldap-v2 |

Note - The directory server allows the use of non-numeric OIDs as long as a corresponding numeric OID is defined within the schema. For example, you can use the non-numeric OID mytestattribute-oid for the named attribute myTestAttribute. The non-numeric OID must be all lowercase, with -oid appended to the attribute name. The use of non-numeric OIDs is an LDAP-specification violation but is permissible for ease of use.


Obtaining a Base OID

If you plan to make your directory server publicly available, or if you plan to redistribute your schema definitions for custom applications, you can obtain a base OID for your organization. You can use your own OIDs in a custom schema file if you plan to create custom extensions to the directory server. Alternatively, you can modify the schema configuration files by adding your base OID with its respective branch number.


Note - Do not modify the default OIDs unless you are sure of what you are doing. Modifying the OIDs can potentially damage your directory server.


To obtain and create base OIDs for your organization, perform the following steps:

  1. Point your browser to the Internet Assigned Numbers Authority (IANA) web site at or a national organization in your country that handles such tasks. In some countries, corporations already have OIDs assigned to them. If your organization does not already have an OID, you can fill out a request at the IANA web site.

  2. Determine the unique object classes, attributes, names, and other schema elements. Ensure that the names are descriptive to make it easier to manage the schema. One trick is to add a custom prefix to your custom object classes and attributes. For example, if your organization is Example.com, you can add the prefix Example before each custom schema element, such as adding Example to a Person object class as in ExamplePerson.

  3. Create an OID registry to keep track of OID assignments. The registry is nothing more than a list that you maintain to ensure that OIDs and their descriptions are unique within your directory. The registry should be sufficiently protected so that only a privileged administrator can modify the registry.

  4. Create branches in the OID tree to accommodate the schema elements.

  5. Shut down the directory servers in your topology.

  6. Manually edit the schema configuration files on each directory server in your topology. Replace each OID with your company's OID. This avoids problems with schema replication seeing differences in the schema and attempting to synchronize the information.

  7. Manually edit any custom schema extensions. Ideally, you should define any custom extensions in a separate file.
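
The registry described in step 3 can be checked mechanically before any schema file is edited. The following is an added example, not part of the Oracle documentation or product: it validates registry entries for uniqueness, branch placement, the naming prefix from step 2, and the non-numeric `-oid` form. The base OID `1.3.6.1.4.1.99999`, the branch layout, the `check_registry` function, and the sample entries are all assumptions constructed for illustration.

```python
import re

# Constructed placeholder base OID; substitute the one assigned to your organization.
BASE_OID = "1.3.6.1.4.1.99999"
# Assumed branch layout that mirrors Table 12-2: .1 attribute types, .2 object classes.
BRANCHES = {"attribute": "1", "objectclass": "2"}
NUMERIC_OID = re.compile(r"[0-2](\.(0|[1-9][0-9]*))+")


def check_registry(entries, base_oid=BASE_OID, prefix="Example"):
    """Return a list of problems for (oid, kind, name) registry entries."""
    problems, seen_oids, seen_names = [], {}, {}
    for oid, kind, name in entries:
        if oid.endswith("-oid"):
            # Non-numeric form: the attribute name in lowercase plus "-oid".
            if oid != name.lower() + "-oid":
                problems.append(f"{name}: non-numeric OID should be {name.lower()}-oid")
        elif not NUMERIC_OID.fullmatch(oid):
            problems.append(f"{name}: malformed OID {oid!r}")
        elif kind not in BRANCHES:
            problems.append(f"{name}: unknown schema element kind {kind!r}")
        elif not oid.startswith(f"{base_oid}.{BRANCHES[kind]}."):
            problems.append(f"{name}: {oid} is outside the {kind} branch")
        if oid in seen_oids:
            problems.append(f"{name}: OID {oid} already assigned to {seen_oids[oid]}")
        seen_oids.setdefault(oid, name)
        # LDAP schema names are compared case-insensitively.
        key = name.lower()
        if key in seen_names:
            problems.append(f"{name}: name already registered as {seen_names[key]}")
        seen_names.setdefault(key, name)
        if not name.startswith(prefix):
            problems.append(f"{name}: missing custom prefix {prefix!r}")
    return problems


# Constructed sample registry, not taken from any real deployment.
SAMPLE = [
    ("1.3.6.1.4.1.99999.1.1", "attribute", "ExampleBadgeNumber"),
    ("1.3.6.1.4.1.99999.2.1", "objectclass", "ExamplePerson"),
    ("1.3.6.1.4.1.99999.1.1", "attribute", "ExampleShoeSize"),    # duplicate OID
    ("1.3.6.1.4.1.99999.2.2", "attribute", "ExampleCostCenter"),  # wrong branch
    ("1.3.6.1.4.1.26027.1.1.900", "attribute", "ExampleRole"),    # server's own base OID
    ("ExampleNick-oid", "attribute", "ExampleNick"),              # must be lowercase
]

if __name__ == "__main__":
    for problem in check_registry(SAMPLE):
        print(problem)
```

Running the check as a gate on changes to the registry file keeps a single mistaken assignment from reaching the schema files that step 6 has you edit on every server.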