This chapter contains reference information about the LDAP attributes used for Oracle Identity Management. It contains the following topics:
For a list of attributes grouped by functional categories, see "Overview of Oracle Identity Management Schema Elements".
Oracle Internet Directory supports the following standard LDAP attributes as defined in the Internet Engineering Task Force (IETF) Requests for Comments (RFC) specifications.
Details of RFC specifications can be found on the IETF Web site at: http://www.ietf.org
.
Table 8-1 Standard LDAP Attributes Used By Oracle Internet Directory
Attribute Name | Specification |
---|---|
aliasedObjectName |
RFC 2256 |
applicationEntity |
RFC 2256 |
associatedDomain |
RFC 1274 |
associatedName |
RFC 1274 |
audio |
RFC 1274 |
authorityRevocationList |
RFC 2256 |
RFC 3112 |
|
bootFile |
RFC 2307 |
bootParameter |
RFC 2307 |
businessCategory |
RFC 2256 |
RFC 2256 |
|
caCertificate |
RFC 2256 |
carLicense |
RFC 2798 |
certificateRevocationList |
RFC 2256 |
RFC 2256 |
|
co |
RFC 1274 |
crossCertificatePair |
RFC 2256 |
dc |
RFC 2247 |
deltaRevocationList |
RFC 2256 |
departmentNumber |
RFC 2798 |
RFC 2256 |
|
destinationIndicator |
RFC 2256 |
RFC 2798 |
|
dITRedirect |
RFC 1274 |
dmdName |
RFC 2256 |
dNSRecord |
RFC 1274 |
drink |
RFC 1274 |
dSAQuality |
RFC 1274 |
employeeNumber |
RFC 2798 |
employeeType |
RFC 2798 |
facsimileTelephoneNumber |
RFC 2256 |
gecos |
RFC 2307 |
gidNumber |
RFC 2307 |
givenName |
RFC 2798 |
homeDirectory |
RFC 2307 |
homePhone |
RFC 1274 |
homePostalAddress |
RFC 1274 |
host |
RFC 1274 |
initials |
RFC 2256 |
internationalISDNNumber |
RFC 2256 |
ipHostNumber |
RFC 2307 |
ipNetmaskNumber |
RFC 2307 |
ipNetworkNumber |
RFC 2307 |
ipProtocolNumber |
RFC 2307 |
ipServicePort |
RFC 2307 |
ipServiceProtocol |
RFC 2307 |
RFC 2713 |
|
javaClassNames |
RFC 2307 |
javaCodebase |
RFC 2307 |
javaDoc |
RFC 2307 |
javaFactory |
RFC 2307 |
javaReferenceAddress |
RFC 2713 |
javaSerializedData |
RFC 2713 |
janetMailbox |
RFC 1274 |
RFC 1488 |
|
knowledgeInformation |
RFC 2256 |
l |
RFC 2256 |
RFC 2079 |
|
lastModifiedBy |
RFC 1274 |
lastModifiedTime |
RFC 1274 |
loginShell |
RFC 2307 |
macAddress |
RFC 2307 |
RFC 2798 |
|
mailAlternateAddress |
RFC 2256 |
mailHost |
RFC 2256 |
mailPreferenceOption |
RFC 1274 |
mailRoutingAddress |
RFC 2256 |
manager |
RFC 1274 |
member |
RFC 2256 |
memberNisNetgroup |
RFC 2307 |
memberUid |
RFC 2307 |
mobile |
RFC 1274 |
nisDomain |
RFC 2307 |
nisMapEntry |
RFC 2307 |
nisMapName |
RFC 2307 |
nisNetgroupTriple |
RFC 2307 |
nisPublicKey |
RFC 2307 |
nisSecretKey |
RFC 2307 |
o |
RFC 2256 |
oncRpcNumber |
RFC 2307 |
organizationalStatus |
RFC 1274 |
otherMailbox |
RFC 1274 |
ou |
RFC 2256 |
RFC 2256 |
|
pager |
RFC 1274 |
personalSignature |
RFC 1274 |
personalTitle |
RFC 1274 |
photo |
RFC 1274 |
physicalDeliveryOfficeName |
RFC 2256 |
postalAddress |
RFC 2256 |
postalCode |
RFC 2256 |
postOfficeBox |
RFC 2256 |
preferredDeliveryMethod |
RFC 2256 |
preferredDeliveryMethod |
RFC 2377 |
preferredLanguage |
RFC 2798 |
presentationAddress |
RFC 2256 |
RFC 2256 |
|
RFC 3296 |
|
registeredAddress |
RFC 2256 |
roleOccupant |
RFC 2256 |
roomNumber |
RFC 1274 |
searchGuide |
RFC 2256 |
secretary |
RFC 1274 |
RFC 2256 |
|
serialNumber |
RFC 2256 |
shadowExpire |
RFC 2307 |
shadowFlag |
RFC 2307 |
shadowInactive |
RFC 2307 |
shadowLastChange |
RFC 2307 |
shadowMax |
RFC 2307 |
shadowMin |
RFC 2307 |
shadowWarning |
RFC 2307 |
RFC 2256 |
|
st |
RFC 2256 |
street |
RFC 2256 |
subtreeMaximumQuality |
RFC 1274 |
subtreeMinimumQuality |
RFC 1274 |
supportedApplicationContext |
RFC 2256 |
telephoneNumber |
RFC 2256 |
teletexTerminalIdentifier |
RFC 2256 |
telexNumber |
RFC 2256 |
textEncodedORaddress |
RFC 2377 |
title |
RFC 2256 |
uid |
RFC 2253 |
uidNumber |
RFC 2307 |
uniqueIdentifier |
RFC 1274 |
RFC 2256 |
|
RFC 2256 |
|
userClass |
RFC 1274 |
RFC 2256 |
|
RFC 2798 |
|
userSMIMECertificate |
RFC 2798 |
x121Address |
RFC 2256 |
x500UniqueIdentifier |
RFC 2256 |
This section contains an alphabetical listing of the Oracle Identity Management attributes. These are the attributes used in entries pertaining to Oracle Internet Directory, Oracle Directory Integration Platform, Oracle Delegated Administration Services, and Oracle Single Sign-On.
Note:
Oracle Fusion Middleware 11g Release 1 (11.1.1) does not include Oracle Single Sign-On or Oracle Delegated Administration Services. Oracle Internet Directory 11g Release 1 (11.1.1), however, is compatible with Oracle Single Sign-On and Oracle Delegated Administration Services 10g (10.1.4.3.0) or later.
See Also:
The chapter on managing system configuration attributes in Oracle Fusion Middleware Administrator's Guide for Oracle Internet Directory.
Attribute mappings used by the POSIX naming directory user agent (DUA).
1.3.6.1.4.1.1466.115.121.1.26 (IA5 String)
caseIgnoreIA5Match
1.3.6.1.4.1.11.1.3.1.1.9
Attribute types supported by the directory.
1.3.6.1.4.1.1466.115.121.1.3 (Attribute Type Description)
objectIdentifierFirstComponentMatch
2.5.21.5
Directory operational attribute.
Identifies the type of authentication method used to contact the directory server agent (DSA).
1.3.6.1.4.1.1466.115.121.1.26 (IA5 String)
caseIgnoreIA5Match
1.3.6.1.4.1.11.1.3.1.1.6
Single-valued attribute.
Attribute for storing a password to an Oracle component when that password is the same as that used to authenticate the user to the directory, namely, userPassword. The value in this attribute is synchronized with that in the userPassword attribute.
Several different applications can require the user to enter the same clear text password used for the directory, but each application may hash it with a different algorithm. In this case, the same clear text password can become the source of several different password verifiers.
This attribute is multivalued and can contain all the other verifiers that different applications use for this user's clear text password. If the userpassword
attribute is modified, then the authpassword
values for all applications are regenerated.
1.3.6.1.4.1.1466.115.121.1.44{128} (Printable String, 128 character maximum)
octetStringMatch
1.3.6.1.4.1.4203.1.3.4
Maximum time in seconds a POSIX directory user agent (DUA) should allow for a search to complete.
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
integerMatch
1.3.6.1.4.1.11.1.3.1.1.4
Single-valued attribute.
Specifies the country associated with a user's address.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.5.4.6
Single-valued attribute.
Attribute that provides additional change log information, such as the value of the client IP address. For example:
changeloginfo=clientip=::ffff:10.229.116.104
1.3.6.1.4.1.1466.115.121.1.15
caseIgnoreMatch, caseIgnoreSubstringsMatch
2.16.840.1.113894.1.1.510
Single-valued attribute.
The last change number transported by the replication server.
DN
DistinguishedNameMatch
2.16.840.1.113894.1.1.22
The common name (nickname) attribute which contains the name of an object. If the object corresponds to a user, it is typically the user's full name. A cn (common name) isn't unique, whereas a dn (distinguished name) is unique.
For example, if ABC corp employs two people with the name John Smith, one in HR and one in Finanace then they both would have a cn=John Smith, but they would have unique DNs because the DN would take the form:
cn=John Smith, ou=HR, o=ABC or cn=John Smith, ou=Finance, 0=ABC Where ou= organizational unit, and o=organization
1.3.6.1.4.1.1466.115.121.1.44 (Printable String)
caseIgnoreMatch
2.5.4.3
Specifies the permissible content of entries of a particular structural object class through the identification of an optional set of auxiliary object classes, mandatory, optional, and precluded attributes.
1.3.6.1.4.1.1466.115.121.1.16 (DIT Content Rule Description)
caseIgnoreMatch
2.16.840.1.113894.1.1.1004
The time that the entry was created.
1.3.6.1.4.1.1466.115.121.1.24 (Generalized Time)
generalizedTimeMatch
2.5.18.1
Single-valued attribute.
Directory operational attribute.
Not user modifiable.
The DN of the entity (such as a user or an application) that created the entry.
1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)
distinguishedNameMatch
2.5.18.3
Single-valued attribute.
Directory operational attribute.
Not user modifiable.
Identifies the type of credentials a POSIX directory user agent (DUA) should use when binding to the directory server.
1.3.6.1.4.1.1466.115.121.1.26 (IA5 String)
caseIgnoreIA5Match
1.3.6.1.4.1.11.1.3.1.1.10
Single-valued attribute.
The default base DN used by a POSIX directory user agent (DUA).
1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)
distinguishedNameMatch
1.3.6.1.4.1.11.1.3.1.1.1
Single-valued attribute.
User defined search scope used by a POSIX directory user agent (DUA).
1.3.6.1.4.1.1466.115.121.1.26 (IA5 String)
N/A
1.3.6.1.4.1.11.1.3.1.1.12
Single-valued attribute.
The IP addresses of the default servers that a directory user agent (DUA) should use in a space separated list. After the servers in preferredServerList are tried, those default servers on the client's subnet are tried, followed by the remaining default servers, until a connection is made. At least one server must be specified in either preferredServerList
or defaultServerList
. This attribute has no default value.
1.3.6.1.4.1.1466.115.121.1.26 (IA5 String)
caseIgnoreIA5Match
1.3.6.1.4.1.11.1.3.1.1.0
Single-valued attribute.
An optional description for the entry.
1.3.6.1.4.1.1466.115.121.1.15{1024} (Directory String, 1024 character maximum)
caseIgnoreMatch
2.5.4.13
The preferred name used when displaying the entry in the GUI tools.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113730.3.1.241
Single-valued attribute.
Tells a POSIX directory user agent (DUA) if it should follow referrals returned by a directory server agent (DSA) search result.
1.3.6.1.4.1.1466.115.121.1.26 (IA5 String)
caseIgnoreIA5Match
1.3.6.1.4.1.11.1.3.1.1.5
Single-valued attribute.
Fully qualified name of a distinguished Java class or interface.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseExactMatch
1.3.6.1.4.1.42.2.27.4.1.6
Single-valued attribute.
A photograph file in JPEG format.
1.3.6.1.4.1.1466.115.121.1.28 (Binary)
octetStringMatch
0.9.2342.19200300.100.1.60
Contains the Kerberos principal name.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
1.3.18.0.2.4.1091
Single-valued attribute.
Uniform Resource Locator (URL).
1.3.6.1.4.1.1466.115.121.1.26 (IA5 String)
caseExactIA5Match
1.3.6.1.4.1.250.1.57
Identifies the LDAP syntaxes implemented in the directory schema.
1.3.6.1.4.1.1466.115.121.1.54 (LDAP Syntax Description)
objectIdentifierFirstComponentMatch
1.3.6.1.4.1.1466.101.120.16
Directory operational attribute.
This attribute is defined in RFC 1274. Identifies a user's primary e-mail address (the e-mail address retrieved and displayed by "white-pages" lookup applications).
For example: mail: user.name@example.com
1.3.6.1.4.1.1466.115.121.1.26{256} (IA5 String, 256 character maximum)
caseIgnoreIA5Match
0.9.2342.19200300.100.1.3
Identifies the matching rules implemented in the directory schema.
1.3.6.1.4.1.1466.115.121.1.30 (Matching Rule Description)
objectIdentifierFirstComponentMatch
2.5.21.4
Directory operational attribute.
A user's middle name.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
1.3.6.1.4.1.1466.101.120.34
The DN of the entity (such as a user or application) that last updated the entry.
1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)
distinguishedNameMatch
2.5.18.4
Single-valued attribute.
Directory operational attribute.
Not user modifiable.
The time the entry was last modified.
1.3.6.1.4.1.1466.115.121.1.24 (Generalized Time)
generalizedTimeMatch
2.5.18.2
Single-valued attribute.
Directory operational attribute.
Not user modifiable.
Top-level DNs for the naming contexts contained in this server. You must have superuser privileges to publish a DN as a naming context. There is no default value.
This attribute is part of the root DSE (DSA-Specific Entry). The root DSE contains a number of attributes that store information about the directory server itself.
1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)
N/A
1.3.6.1.4.1.1466.101.120.5
DSA operational attribute.
The list of object classes from which this object class is derived.
1.3.6.1.4.1.1466.115.121.1.38 (Object Identifier)
objectIdentifierMatch
2.5.4.0
Defines the object classes which are in force within a subschema.
1.3.6.1.4.1.1466.115.121.1.37 (Object Class Description)
objectIdentifierFirstComponentMatch
2.5.21.6
Directory operational attribute.
A mapping from an object class defined by a directory user agent (DUA) to an object class in an alternative schema used in the directory.
1.3.6.1.4.1.1466.115.121.1.26 (IA5 String)
N/A
1.3.6.1.4.1.11.1.3.1.1.11
Access control instructions are stored in the directory as attributes of entries. The orclACI
attribute is an operational attribute; it is available for use on every entry in the directory, regardless of whether it is defined for the object class of the entry. It is used by the directory server to evaluate what rights are granted or denied when it receives an LDAP request from a client.
1.3.6.1.4.1.1466.115.121.1.1 (Access Control Item)
accessDirectiveMatch
2.16.840.1.113894.1.1.42
Reserved for future use.
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
integerMatch
2.16.840.1.113894.1.1.129
Single-valued attribute.
Specifies that replication be activated on the replication server designated by orclOidInstanceName
and orclOidComponentName
. 1: Start replication server, 0: Stop replication server.
Integer
integerMatch
2.16.840.1.113894.1.1.616
Specifies the number of active connections to the Oracle Internet Directory server, including client LDAP connections and database connections.
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
integerMatch
2.16.840.1.113894.1.1.150
Single-valued attribute.
Specifies the date and time beyond which a user account is no longer active and beyond which the user is not allowed to authenticate.
1.3.6.1.4.1.1466.115.121.1.24 (Generalized Time)
generalizedTimeMatch
2.16.840.1.113894.1.1.339
Single-valued attribute.
Specifies the date and time that a user account is active and the user is allowed to authenticate. If not specified, then the user is considered active immediately.
1.3.6.1.4.1.1466.115.121.1.24 (Generalized Time)
generalizedTimeMatch
2.16.840.1.113894.1.1.330
Single-valued attribute.
Specifies the number of active threads on the Oracle Internet Directory server.
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
integerMatch
2.16.840.1.113894.1.1.140
Single-valued attribute.
Naming attribute for the replication agreement entry.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.1.1.26
Single-valued attribute.
Replication agreement type: '0-OneWay 1-TwoWay, 2-LDAP Multimaster, 3-ASR Multimaster.
Integer
integerMatch
2.16.840.1.113894.1.1.511
Specifies whether anonymous binds to the directory are allowed or not. If set to 2, anonymous binds are allowed, but only search operations on root DSE entry are allowed for anonymous users. If set to 1, then anonymous binds are allowed. If set to 0 (zero), then anonymous binds are not allowed. The default is 1.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.1.1.299
Single-valued attribute.
The full name of an application.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.1.1.320
The unique identifier of an application entry associated with a password verifier.
1.3.6.1.4.1.1466.115.121.1.15{128} (Directory String, 128 characters maximum)
caseIgnoreMatch
2.16.840.1.113894.1.1.207
Single-valued attribute.
The address of the application.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.1.1.318
The common name (cn) of the application.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.1.1.319
Identifies the application type, such as Oracle Portal.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.8.1.280
Single-valued attribute.
Identifies the associated Oracle Database instance with the application or service.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.1.1.1007
Identifies the associated Oracle Application Server instance with the application or service.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.1.1.1006
Reserved for future use.
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
integerMatch
2.16.840.1.113894.1.1.138
Single-valued attribute.
A comma-separated list of events and category names to be audited. Custom events are only applicable when orclAudFilterPreset
is Custom
.
Examples include:
Authentication.SUCCESSESONLY, Authorization(Permission -eq 'CSFPerfmission")
IA5 String
caseExactIAI5Match
2.16.840.1.113894.1.1.373
Replaces the audit levels used in 10g (10.1.4.0.1) and earlier releases. Values are None
, Low
, Medium
, All
, and Custom
.
IA5 String
caseExactIAI5Match
2.16.840.1.113894.1.1.372
Identifies the audit attribute.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.1.1.58
Stores an audit message.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.1.1.59
A comma separated list of users for whom auditing is always enabled, even if orclAudFilterPreset
is None
.
For example:
cn=orcladmin.
IA5 String
caseExactIAI5Match
2.16.840.1.113894.1.1.374
Reserved for future use.
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
integerMatch
2.16.840.1.113894.1.1.139
Single-valued attribute.
Configuration attribute that associates a port number with an IP address in order to allow Oracle Internet Directory servers to communicate with each other in a cluster environment when cached data is changed.
The servers communicate with each other using the the LDAP protocol. For example, the following LDIF file, which you can load using the ldapmodify
command, associates port number 5678 with IP address 10.10.10.4 for the oid1 instance:
dn: cn=oid1,cn=osdldapd,cn=subconfigsubentry changetype: modify add: orclcachenotifyip;5678 orclcachenotifyip;5678: 10.10.10.4
When orclcachenotifyip is configured for an Oracle Internet Directory instance, the IP address must be local to the node where the instance is running.
1.3.6.1.4.1.1466.115.121.1.44
caseIgnoreMatch
2.16.840.1.113894.1.1.640
Contains the DN of the catalog entry.
1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)
distinguishedNameMatch
2.16.840.1.113894.1.1.50
Single-valued attribute.
Identifies the business category of a service or an application entity
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.1.1.317
Holds the OID
of a field within an extension field of the client certificate.
1.3.6.1.4.1.1466.115.121.1.38 (Object Identifier)
objectIdentifierMatch
2.16.840.1.113894.1.1.711
Single-valued attribute.
Holds the extension field OID
of the client certificate.
1.3.6.1.4.1.1466.115.121.1.38 (Object Identifier)
objectIdentifierMatch
2.16.840.1.113894.1.1.709
Single-valued attribute.
This is a special catalog attribute used for certificate matching. The value of this attribute is computed by calculating a hash of the user certificate when it is added to Oracle Internet Directory.
1.3.6.1.4.1.1466.115.121.1.44{128} (Printable String, 128 character maximum)
octetStringMatch
2.16.840.1.113894.1.1.184
Single-valued attribute.
Not user modifiable.
This is a special catalog attribute used for certificate matching. The value of this attribute contains the correct matching value to use for a user certificate based on the orclPKIMatchingRule setting.
1.3.6.1.4.1.1466.115.121.1.44 (Printable String)
octetStringMatch
2.16.840.1.113894.1.1.183
Single-valued attribute.
Not user modifiable.
Holds the standard field OID
of the client certificate.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.1.1.708
Single-valued attribute.
Reserved for future use.
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
integerMatch
2.16.840.1.113894.1.1.806
Single-valued attribute.
DSA operational attribute.
The number of processing retry attempts for a replication change-entry before being moved to the human intervention queue. The value for this parameter must be equal to or greater than 1 (one).
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
integerMatch
2.16.840.1.113894.1.1.23
Single-valued attribute.
DSA operational attribute.
Specifies if auto-registration is enabled or disabled. Allowed values are 0 (disabled) or 1 (enabled).
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.1.1.567
Single-valued attribute.
Stores the common context map.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.1.1.904
Single-valued attribute.
Identifies the default user creation base where users are created.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.1.1.908
Single-valued attribute.
Identifies the group creation base under which Oracle Delegated Administration Services creates groups
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.1.1.903
Specifies the name of the attribute that is used as an RDN component when creating a user.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.1.1.900
Specifies the name of the attribute that uniquely identifies users.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.7.1.7
Single-valued attribute.
Identifies the common SASL realm. This attribute contains a string value specifying a subset of related entries under a subscriber realm.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.7.1.20
Single-valued attribute.
Identifies the branch that contains user entries.
1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)
distinguishedNameMatch
2.16.840.1.113894.7.1.10
If this attribute is enabled then the common verifier is used for all related applications. If this attribute is disabled then each application must setup their own verifier profile.
1.3.6.1.4.1.1466.115.121.1.7 (Boolean)
booleanMatch
2.16.840.1.113894.1.1.214
Single-valued attribute.
If this attribute is enabled then the common verifier is used for all related applications. If this attribute is disabled then each application must setup their own verifier profile.
1.3.6.1.4.1.1466.115.121.1.7 (Boolean)
booleanMatch
2.16.840.1.113894.1.1.214
Single-valued attribute.
The Oracle Internet Directory version. Do not modify this attribute. It must be present for Oracle Internet Directory 11.1.1.6 or later to work with the schema. Values can be:
orclcompatibleversion 11.1.1.6.0
orclcompatibleversion 11.1.1.7.0
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.1.1.1302
Multi-valued attribute.
Attribute that allows a configurable attribute and its value to be dynamically computed based on one or more specific rules.
See Also:
The "Managing Computed Attributes" chapter in the Oracle Fusion Middleware Administrator's Guide for Oracle Internet Directory for more information.
1.3.6.1.4.1.1466.115.121.1.44
caseIgnoreMatch
2.16.840.1.113894.1.1.628
Multi-valued attribute.
Automatically resolve replication conflicts. When this feature is enabled, conflicts in the Human Intervention Queue are automatically moved to the purge queue if the supplier's schema and consumer's schema match.
Integer
integerMatch
2.16.840.1.113894.1.1.828
The attribute type name that you want to use as the filter for a dynamic group query—for example, manager
.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.1.1.1001
Single-valued attribute.
A naming context in the DIT that you want to use as the base for a dynamic group query—for example, l=us,dc=mycompany,dc=com
. This attribute is currently not used.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.1.1.1003
Single-valued attribute.
For a dynamic group query, this specifies the DN of the attribute you specified in the orclConnectByAttribute attribute—for example, Anne Smith
.
1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)
distinguishedNameMatch
2.16.840.1.113894.1.1.1002
Single-valued attribute.
Specifies the format used to construct the connect string associated with a resource.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.1.1.354
Single-valued attribute.
Identifies a contact person for an organization or an application.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.1.1.332
Single-valued attribute.
The hash algorithm used to encrypt passwords that are stored in the directory. Options are: MD4, MD5, No encryption, SHA, SSHA,SHA256, SHA384, SHA512, SSHA256, SSHA384, SSHA512, SMD5, or UNIX Crypt. The default is SSHA.
1.3.6.1.4.1.1466.115.121.1.15{128} (Directory String, 128 characters maximum)
caseIgnoreMatch
2.16.840.1.113894.1.1.68
Single-valued attribute.
Specifies whether administration of this entry is available through Oracle Delegated Administration Services.
1.3.6.1.4.1.1466.115.121.1.7 (Boolean)
booleanMatch
2.16.840.1.113894.1.1.324
Single-valued attribute.
Specifies the display order of an attribute in Oracle Delegated Administration Services.
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
integerMatch
2.16.840.1.113894.1.1.341
Specifies the name of an attribute to show in Oracle Delegated Administration Services.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.1.1.340
Specifies whether to display a product logo on the Identity Management Realm Configuration window of Oracle Delegated Administration Services. Allowed values are TRUE or FALSE.
1.3.6.1.4.1.1466.115.121.1.7 (Boolean)
booleanMatch
2.16.840.1.113894.1.1.362
Single-valued attribute.
Specifies whether to display a realm logo on the Identity Management Realm Configuration window of Oracle Delegated Administration Services. Allowed values are TRUE or FALSE.
1.3.6.1.4.1.1466.115.121.1.7 (Boolean)
booleanMatch
2.16.840.1.113894.1.1.361
Single-valued attribute.
Specifies whether an attribute is enabled for Oracle Delegated Administration Services. Allowed values are TRUE or FALSE.
1.3.6.1.4.1.1466.115.121.1.7 (Boolean)
booleanMatch
2.16.840.1.113894.1.1.344
Single-valued attribute.
Specifies whether an attribute is mandatory for Oracle Delegated Administration Services. Allowed values are TRUE or FALSE.
1.3.6.1.4.1.1466.115.121.1.7 (Boolean)
booleanMatch
2.16.840.1.113894.1.1.321
Single-valued attribute.
Specifies whether an attribute is personal information to be supplied by a user in Oracle Delegated Administration Services. Allowed values are TRUE or FALSE.
1.3.6.1.4.1.1466.115.121.1.7 (Boolean)
booleanMatch
2.16.840.1.113894.1.1.326
Single-valued attribute.
The list of values to display to users in the UI when the orclDASUIType=Predefined List.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreSubStringsMatch
2.16.840.1.113894.1.1.328
Specifies the DNs of groups available for Oracle Delegated Administration Services.
1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)
distinguishedNameMatch
2.16.840.1.113894.1.1.343
Specifies whether of not this attribute is searchable in Oracle Delegated Administration Services. Allowed values are TRUE or FALSE.
1.3.6.1.4.1.1466.115.121.1.7 (Boolean)
booleanMatch
2.16.840.1.113894.1.1.906
Single-valued attribute.
Indicates the position in the DAS search result table column, if present.
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
integerMatch
2.16.840.1.113894.1.1.902
Single-valued attribute.
Specifies whether the attribute is searchable through Oracle Delegated Administration Services. Allowed values are TRUE or FALSE.
1.3.6.1.4.1.1466.115.121.1.7 (Boolean)
booleanMatch
2.16.840.1.113894.1.1.325
Single-valued attribute.
The maximum number of entries to return in a Oracle Delegated Administration Services search.
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
integerMatch
2.16.840.1.113894.1.1.363
Single-valued attribute.
Specifies whether an attribute is modifiable by the user in Oracle Delegated Administration Services. Allowed values are TRUE or FALSE.
1.3.6.1.4.1.1466.115.121.1.7 (Boolean)
booleanMatch
2.16.840.1.113894.1.1.322
Single-valued attribute.
Specifies the UI field type for an attribute when displayed in Oracle Delegated Administration Services. Options are:
Single Line Text
Multi Line Text
Predefined List
Date
Browse and Select
Number
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreSubStringsMatch
2.16.840.1.113894.1.1.327
Single-valued attribute.
The corresponding URL of an Oracle Delegated Administration Services unit.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.1.1.310
This holds the URL base in install area for Oracle Delegated Administration Services.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.1.1.345
Specifies whether this attribute can be used for password reset validation purposes in Oracle Delegated Administration Services. Allowed values are TRUE or FALSE.
1.3.6.1.4.1.1466.115.121.1.7 (Boolean)
booleanMatch
2.16.840.1.113894.1.1.905
Single-valued attribute.
Specifies whether this attribute is viewable through Oracle Delegated Administration Services. Allowed values are TRUE or FALSE.
1.3.6.1.4.1.1466.115.121.1.7 (Boolean)
booleanMatch
2.16.840.1.113894.1.1.323
Single-valued attribute.
Data Privacy mode. Sensitive attributes encrypted when returned.
0: Disabled, 1: Enabled
1.3.6.1.4.1.1466.115.121.1.27
integerMatch
2.16.840.1.113894.1.1.890
Specifies the date on which a user was born.
1.3.6.1.4.1.1466.115.121.1.24 (Generalized Time)
generalizedTimeMatch
2.16.840.1.113894.1.1.307
Single-valued attribute.
Indicates a connection failure to the database in an error log entry.
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
integerMatch
2.16.840.1.113894.1.1.155
Single-valued attribute.
Reserved for future use.
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
integerMatch
2.16.840.1.113894.1.1.130
Single-valued attribute.
DN of the DB registration entry in OID that an application entity uses.
1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)
distinguishedNameMatch
2.16.840.1.113894.1.1.347
The type of database used. This attribute is part of the root DSE (DSA-Specific Entry). The root DSE contains a number of attributes that store information about the directory server itself.
1.3.6.1.4.1.1466.115.121.1.15{128} (Directory String, 128 character maximum)
caseIgnoreMatch, caseIgnoreSubstringsMatch
2.16.840.1.113894.1.1.5
Single-valued attribute.
The debug level associated with a server instance. The default for is 0 (zero). The valid range is 0 to 402653184.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.1.1.97
Single-valued attribute.
Specifies whether debug messages are to be written to the log file when a message is logged by the directory server. To enable it, set its value to 1. To disable it set it to 0, which is its default value.
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
integerMatch
2.16.840.1.113894.1.1.193
Single-valued attribute.
Replication server debug level.
Values are additive:
0: No Debug Log, 2097152: Replication Performance Log, 4194304: Replication Debug Log, 8388608: Function Call Trace, 16777216: Heavy Trace Log
Integer
integerMatch
2.16.840.1.113894.1.1.3
To make logging more focused, limits logged information to particular directory server operations by specifying the debug dimension to those operations. Values for operations are:
1 - ldapbind
2 - ldapunbind
4 - ldapadd
8 - ldapdelete
16 - ldapmodify
32 - ldapmodrdn
64 - ldapcompare
128 - ldapsearch
264 - ldapabandon
511 - all operations
To log more than one operation, add the values of their dimensions. For example, if you want to trace ldapbind (1), ldapadd (4) and ldapmodify (16) operations, then the value would be 21 (1 + 4 + 16 = 21).
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.1.1.601
Single-valued attribute.
Holds the DN of the group to designate the default group for a user, such that a default profile can be built for the user based on this attribute value.
1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)
distinguishedNameMatch
2.16.840.1.113894.1.1.309
Single-valued attribute.
Identifies the default realm.
1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)
distinguishedNameMatch
2.16.840.1.113894.1.1.312
Reserved for future use.
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
integerMatch
2.16.840.1.113894.1.1.131
Single-valued attribute.
Used to determine if the directory is used as the Oracle Directory Integration and Provisioning repository.
1.3.6.1.4.1.1466.115.121.1.15
caseIgnoreMatch
2.16.840.1.113894.1.1.124
Single-valued attribute.
The version of Oracle Internet Directory. This attribute is part of the root DSE (DSA-Specific Entry). The root DSE contains a number of attributes that store information about the directory server itself.
1.3.6.1.4.1.1466.115.121.1.15
caseIgnoreMatch
2.16.840.1.113894.1.1.67
Single-valued attribute.
Contains the directory replication group agreement DN.
1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)
N/A
2.16.840.1.113894.1.1.25
DSA operational attribute.
For Oracle Database Advanced Replication-based directory replication groups (DRGs), the orclReplicaID values of all the nodes in the DRG. This list must be identical on all nodes in the group. This attribute is not applicable for LDAP-based replication agreements.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
N/A
2.16.840.1.113894.1.1.48
DSA operational attribute.
Specifies if the user's personal information should be displayed in white pages queries. Allowed values are TRUE or FALSE.
1.3.6.1.4.1.1466.115.121.1.7 (Boolean)
booleanMatch
2.16.840.1.113894.1.1.304
Single-valued attribute.
Number of dispatcher threads per server process.
Integer
integerMatch
2.16.840.1.113894.1.1.613
The root of the directory information tree (DIT). This attribute is part of the root DSE (DSA-Specific Entry). The root DSE contains a number of attributes that store information about the directory server itself.
1.3.6.1.4.1.1466.115.121.1.15{128} (Directory String, 128 character maximum)
caseIgnoreMatch, caseIgnoreSubStringsMatch
2.16.840.1.113894.1.1.7
Single-valued attribute.
Reserved for future use.
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
integerMatch
2.16.840.1.113894.1.1.161
Single-valued attribute.
Specifies whether to enable or disable the Entry Cache or Result Set Cache. Values can be:
0: Disable both the Entry Cache and Result Set Cache.
1: Enable the Entry Cache only (default value).
2: Enable both the Entry Cache and Result Set Cache.
If you change the attribute value, restart the Oracle Internet Directory server instance for the new value to take effect.
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
integerMatch
2.16.840.1.113894.1.1.400
Single-valued attribute.
Stores the cache hit ratio.
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
integerMatch
2.16.840.1.113894.1.1.170
Single-valued attribute.
Maximum number of entries that can be present in the entry cache. The default is 25,000.
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
integerMatch
2.16.840.1.113894.1.1.402
Single-valued attribute.
Maximum number of bytes of RAM that the entry cache can use. The default is 100 MB.
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
integerMatch
2.16.840.1.113894.1.1.401
Single-valued attribute.
The number of entries currently in the entry cache.
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
integerMatch
2.16.840.1.113894.1.1.171
Single-valued attribute.
The current size of the entry cache.
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
integerMatch
2.16.840.1.113894.1.1.172
Single-valued attribute.
Determines whether an application is enabled or disabled for use.
1.3.6.1.4.1.1466.115.121.1.7 (Boolean)
booleanMatch
2.16.840.1.113894.1.1.1008
Single-valued attribute.
Whether to cache privilege groups and ACL groups. Using this cache improves the performance of access control evaluation for users.
Use the group cache when a privilege group membership does not change frequently. If a privilege group membership does change frequently, then it is best to turn off the group cache. This is because, in such a case, computing a group cache increases overhead. The default is 1 (enabled). Change to 0 (zero) to disable.
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
integerMatch
2.16.840.1.113894.1.1.403
Single-valued attribute.
List of attributes to be stored in an encrypted form.
1.3.6.1.4.1.1466.115.121.1.15
caseIgnoreMatch
2.16.840.1.113894.1.1.419
Reserved for future use.
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
integerMatch
2.16.840.1.113894.1.1.136
Single-valued attribute.
Specifies the ACI that holds object level ACL.
1.3.6.1.4.1.1466.115.121.1.1 (Access Control Item)
accessDirectiveMatch
2.16.840.1.113894.1.1.43
Specifies critical events related to security and system resources to be recorded for server manageability statistics. The default value is 0. Table 8-2 lists the level values.
Level Value | Critical Event | Information It Provides |
---|---|---|
1 |
Superuser login |
Super uses bind (successes or failures) |
2 |
Proxy user login |
Proxy user bind (failures) |
4 |
Replication login |
Replication bind (failures) |
8 |
Add access |
Add access violation |
16 |
Delete access |
Delete access violation |
32 |
Write access |
Write access violation |
64 |
ORA 3113 error |
Loss of connection to database |
128 |
ORA 3114 error |
Loss of connection to database |
256 |
ORA 28 error |
ORA-28 Error |
512 |
ORA error |
ORA errors other an expected 1, 100, or 1403 |
1024 |
Oracle Internet Directory server termination count |
|
2047 |
All critical events |
For events other than superuser, proxy user, and replication login, set the value of the orclStatsFlag attribute to 1.
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
integerMatch
2.16.840.1.113894.1.1.195
Single-valued attribute.
The time that a logged directory event occurred.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.1.1.60
The type of logged directory event.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.1.1.57
Specifies an attribute (within the specified naming context) to be excluded from replication. Applies to partial replication only.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
N/A
2.16.840.1.113894.1.1.506
DSA operational attribute.
For Oracle Database Advanced Replication-based agreements, this attribute specifies one or more subtrees to be excluded from replication.
1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)
N/A
2.16.840.1.113894.1.1.47
DSA operational attribute.
Reserved for future use.
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
integerMatch
2.16.840.1.113894.1.1.163
Single-valued attribute.
Reserved for future use.
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
integerMatch
2.16.840.1.113894.1.1.137
Single-valued attribute.
An additional attribute for storing more information about a resource, service, or component.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch, caseIgnoreSubStringsMatch
2.16.840.1.113894.1.1.355
An additional attribute for storing more information about a resource, service, or component.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch, caseIgnoreSubStringsMatch
2.16.840.1.113894.1.1.356
An additional attribute for storing more information about a resource, service, or component.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch, caseIgnoreSubStringsMatch
2.16.840.1.113894.1.1.357
Reserved for future use.
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
integerMatch
2.16.840.1.113894.1.1.128
Single-valued attribute.
The gender of a user.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.1.1.346
Single-valued attribute.
Enables change log generation 1-generate change log, 0-Do not generate change log
Integer
integerMatch
2.16.840.1.113894.1.1.617
Stores the general object latency.
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
integerMatch
2.16.840.1.113894.1.1.133
Single-valued attribute.
Reserved for future use.
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
integerMatch
2.16.840.1.113894.1.1.135
Single-valued attribute.
Specifies the attribute that is used to identify the global ID of a user.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.7.1.8
Single-valued attribute.
This is the global unique identifier for an entry within Oracle Internet Directory. The value for this attribute is automatically generated when an entry is created and remains constant, even if an entry is moved.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch, caseIgnoreSubStringsMatch
2.16.840.1.113894.1.1.37
Single-valued attribute.
Directory operational attribute.
Not user modifiable.
Password for the guest user account in Oracle Internet Directory.
1.3.6.1.4.1.1466.115.121.1.15{128} (Directory String, 128 character maximum)
caseIgnoreMatch, caseIgnoreSubStringsMatch
2.16.840.1.113894.1.1.12
Single-valued attribute.
List of attributes whose values are hashed, using the crypto scheme set in the root DSE attribute orclcryptoscheme
.
1.3.6.1.4.1.1466.115.121.1.15 (caseIgnoreSubstringsMatch)
caseIgnoreSubstringsMatch
2.16.840.1.113894.1.1.376
Multi-valued attribute
Notes:
Never include the same attribute in both orclhashedattributes
and orclencryptedattributes
.
Only single-valued attributes can be hashed attributes.
The interval, in seconds, at which the directory replication server repeats the change application process.
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
N/A
2.16.840.1.113894.1.1.98
Single-valued attribute.
DSA operational attribute.
Specifies the date on which a user was hired by the organization.
1.3.6.1.4.1.1466.115.121.1.24 (Generalized Time)
generalizedTimeMatch
2.16.840.1.113894.1.1.308
Single-valued attribute.
The credit card expiration date for a subscriber.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.1.1.338
Single-valued attribute.
The credit card number for a subscriber.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.1.1.337
Single-valued attribute.
The credit card type for a subscriber.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.1.1.336
Single-valued attribute.
The DUNS number of a business subscriber. DUNS (Data Universal Numbering System) is a unique nine character company identification number issued by Dun and Bradstreet Corporation used to identify a US corporate entity.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.1.1.334
Single-valued attribute.
Payment terms for a subscriber account.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.1.1.335
Single-valued attribute.
The host name of the Oracle Internet Directory server.
1.3.6.1.4.1.1466.115.121.1.15{128} (Directory String, 128 character maximum)
caseIgnoreMatch
2.16.840.1.113894.1.1.41
Single-valued attribute.
The number of open connections that are currently inactive. Oracle Internet Directory tracks the idle connections for server manageability statistics.
1.3.6.1.4.1.1466.115.121.1.27
integerMatch
2.16.840.1.113894.1.1.151
Single-valued attribute.
The number of Oracle Internet Directory server process threads that are currently inactive. Oracle Internet Directory tracks the idle threads for server manageability statistics.
1.3.6.1.4.1.1466.115.121.1.27
integerMatch
2.16.840.1.113894.1.1.141
Single-valued attribute.
The naming context included in a partial replica. For each naming context object, you can specify only one unique subtree.
In partial replication, except for subtrees listed in the orclExcludedNamingContexts attribute, all subtrees in the specified included naming context are replicated.
Only LDAP-based replication agreements respect this attribute to define one or more partial replicas. If this attribute contains any values in an Oracle Database Advanced Replication-based replication agreement, then it is ignored.
1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)
N/A
2.16.840.1.113894.1.1.819
Single-valued attribute.
DSA operational attribute.
Attributes that are indexed in the Oracle Internet Directory catalog.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.1.1.49
The memory size of the Oracle Internet Directory server at start up.
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
integerMatch
2.16.840.1.113894.1.1.147
Single-valued attribute.
Search filters to be processed in memory.
Printable String
caseIgnoreMatch
2.16.840.1.113894.1.1.608
Multiple-valued attribute.
Time interval in seconds between executions of Oracle Directory Integration and Provisioning profiles.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch, caseIgnoreSubStringsMatch
2.16.840.1.113894.9.1.8
The IP address of the Oracle Internet Directory server host.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.1.1.186
Whether a user or service subscriber is enabled in Oracle Internet Directory.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.1.1.316
Single-valued attribute.
This attribute is used to determine if users or groups is visible to applications managed by Oracle Delegated Administration Services, such as Oracle Portal. Oracle Single Sign-On does not use this attribute. Allowed values are TRUE or FALSE.
1.3.6.1.4.1.1466.115.121.1.7 (Boolean)
booleanMatch
2.16.840.1.113894.1.1.303
Single-valued attribute.
For Oracle Directory Integration and Provisioning export operations, the last change from Oracle Internet Directory that was applied to the connected directory. The default value is 0. If you have used the Oracle Directory Integration and Provisioning Assistant to bootstrap the connected directory, then this value is set automatically at the end of the bootstrapping process. This is valid only in the export profile.
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
integerMatch
2.16.840.1.113894.1.1.69
Single-valued attribute.
Last login time of a user
1.3.6.1.4.1.1466.115.121.1.24
generalizedTimeMatch
2.16.840.1.113894.1.1.378
Single-valued attribute
For replication, whether to keep the LDAP connection to the connected directory alive due to activity. If not set Oracle Internet Directory will drop inactive connections after a period of time. Allowed values are TRUE or FALSE.
1.3.6.1.4.1.1466.115.121.1.7 (Boolean)
booleanMatch
2.16.840.1.113894.1.1.822
Single-valued attribute.
The number of minutes before Oracle Internet Directory times out and drops an inactive connection.
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
integerMatch
2.16.840.1.113894.1.1.194
Single-valued attribute.
The instance number of a particular Oracle Internet Directory server instance.
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
integerMatch
2.16.840.1.113894.1.1.125
Single-valued attribute.
The process ID of a particular Oracle Internet Directory server instance.
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
integerMatch
2.16.840.1.113894.1.1.126
Single-valued attribute.
The maiden name of a user.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.1.1.306
Holds the required information for generating the mapped identity.
1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)
distinguishedNameMatch
2.16.840.1.113894.1.1.704
Single-valued attribute.
LDAP filter specifying entries to be exposed. Others are masked.
1.3.6.1.4.1.1466.115.121.1.44 (Printable String)
caseIgnoreMatch
2.16.840.1.113894.1.1.427
Multivalued, User-modifiable
List of DIT subtrees that are exposed or hidden:
orclMaskRealm contains the DIT subtrees that are exposed in an instance. This attribute is configured in the instance level. The DN configured and its children are visible in the instance. Other entries in the DIT are masked (hidden) for all LDAP operations.
orclMaskRealm;disallowed contains the DIT subtrees that are hidden in a container for an entire directory for all LDAP operations. This attribute is configured in the DSA configuration entry.
1.3.6.1.4.1.1466.115.121.1.34 (DN)
distinguishedNameMatch
2.16.840.1.113894.1.1.426
Multivalued, User-modifiable
Reserved for future use.
1.3.6.1.4.1.1466.115.121.1.7 (Boolean)
booleanMatch
2.16.840.1.113894.1.1.1010
Single-valued attribute.
If the base DN of a search request is not found, then the directory server returns the nearest DN that matches the specified base DN. Whether the directory server tries to find the nearest match DN is controlled by this attribute. If set to 1, then match DN processing is enabled. If set to 0, then match DN processing is disabled. The default is 1.
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
integerMatch
2.16.840.1.113894.1.1.404
Single-valued attribute.
The number of connections established by the Oracle Internet Directory server to its backend data base. The default value is 2.
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
integerMatch
2.16.840.1.113894.1.1.4
Single-valued attribute.
The number of connection DNs whose privileged groups can be cached is controlled by orclMaxConnInCache in the instance-specific configuration entry. The default value is 100000 identities (connection DNs). Increase the value of orclMaxConnInCache if your installation has more than 25000 users.
See Also:
Oracle Fusion Middleware Administrator's Guide for Oracle Internet Directory for more information.
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
integerMatch
2.16.840.1.113894.1.1.605
Single-valued attribute.
Frequency in minutes at which the Oracle Internet Directory server calls OCIPing
() to send keep alive messages to the Oracle Database. Setting this attribute to a value less than the timeout value of the firewall between Oracle Internet Directory server and its Database (typically 30 minutes) prevents the Database connection from being dropped.
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
integerMatch
2.16.840.1.113894.1.1.196
Single-valued attribute.
Reserved for future use.
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
integerMatch
2.16.840.1.113894.1.1.156
Single-valued attribute.
Max size of the filter to be allowed for ldap search operation.
2.16.840.1.113894.1.1.610
Max LDAP connections per server.
Integer
integerMatch
2.16.840.1.113894.1.1.611
Maximum number of log files to keep in rotation.
Integer
integerMatch
2.16.840.1.113894.1.1.615
Maximum size of the log file.
Integer
integerMatch
2.16.840.1.113894.1.1.614
Reserved for future use.
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
integerMatch
2.16.840.1.113894.1.1.164
Single-valued attribute.
Maximum Time in seconds for Server process to respond back to Dispatcher process
Integer
integerMatch
2.16.840.1.113894.1.1.620
Reserved for future use.
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
integerMatch
2.16.840.1.113894.1.1.162
Single-valued attribute.
This attribute contains the groups to which the entry belongs. This includes static groups and dynamic groups of objectclass orclDynamicGroup, using labeleduri attribute, which are cached. The membership includes both direct groups and nested groups. The attribute values are computed during search and are not stored. As of Oracle Internet Directory 11g Release 1 (11.1.1.7.0), this attribute can be used in search filters.
orclMemberOf
is an operational attribute and is returned by a search only when explicitly requested in the required attributes list.
1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)
distinguishedNameMatch
2.16.840.1.113894.1.1.424
Directory operational attribute.
Not user modifiable.
Aliases: memberof, ismemberof.
The DN of an Oracle Net Service description entry. Oracle Net directory naming allows net service names to be stored in and retrieved from Oracle Internet Directory.
1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)
distinguishedNameMatch
2.16.840.1.113894.3.1.12
Single-valued attribute.
The description string for an Oracle Net Service. For example:
(DESCRIPTION = (ADDRESS_LIST = (ADDRESS = (PROTOCOL = TCP)
(HOST = hostname)(PORT =1521))) (CONNECT_DATA = (SID = ORCL)))
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.3.1.13
Single-valued attribute.
The non-SSL LDAP listening port for Oracle Internet Directory server.
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
integerMatch
2.16.840.1.113894.1.1.102
Single-valued attribute.
Identifies the normalized DN of an entry.
1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)
distinguishedNameMatch
2.16.840.1.113894.1.1.1000
Single-valued attribute.
Directory operational attribute.
Not user modifiable.
Reserved for future use.
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
integerMatch
2.16.840.1.113894.1.1.160
Single-valued attribute.
Stores the network read/write time out. When an LDAP client initiates an operation, then does not respond to the server for a configured number of seconds, the server closes the connection. The number of seconds is controlled by the attribute orclnwrwtimeout in the DSA configuration entry. The default is 300 seconds.
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
integerMatch
2.16.840.1.113894.1.1.603
Single-valued attribute.
Reserved for future use.
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
integerMatch
2.16.840.1.113894.1.1.159
Single-valued attribute.
Stores Microsoft Active Directory's OBJECTGUID
attribute value for users and groups migrated to Oracle Internet Directory from Active Directory.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.8.1.901
Single-valued attribute.
Stores Microsoft Active Directory's OBJECTSID
attribute value for users and groups migrated to Oracle Internet Directory from Active Directory.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.8.1.902
Single-valued attribute.
The DN of a provisioning profile.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch, caseIgnoreSubStringsMatch
2.16.840.1.113894.9.1.6
Any configuration information that you want the connector to store in Oracle Internet Directory. It is passed by the Directory Integration Platform server to the connector at time of connector invocation. The information is stored as an attribute and the Directory Integration Platform server does not have any knowledge of its content. When the connector is scheduled for execution, the value of the attribute is stored in the file, ORACLE_HOME
/ldap/odi/conf/profile_name.cfg
that can be processed by the connector.
Upload the file by using:
manageSyncProfiles update -h host -p port -D WLS_userid -profile profile_name -params "odip.profile.configfile ORACLE_HOME/ldap/odi/conf/profile_name.cfg"
or
manageSyncProfiles update -h host -p port -D WLS_userid -profile profile_name -file properties_file
where properties_file specifies odip.profile.configfile=ORACLE_HOME
/ldap/odi/conf/profile_name.cfg
.
Do this for both import and export agents.
See Chapter 5, "Oracle Directory Integration Platform Tools" and the Oracle Fusion Middleware Administrator's Guide for Oracle Directory Integration Platform for more information
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.8.1.24
Whether a synchronization profile is enabled or disabled. Valid values are ENABLE or DISABLE. The default is DISABLE.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.8.1.3
Single-valued attribute.
The executable name and argument list used by the Directory Integration Platform server to invoke a connector. It can be passed as a command-line argument when the connector is invoked. For example, here is a command to invoke the Oracle HR connector:
odihragent OracleHRAgent connect=hrdb login=%orclodipConDirAccessAccount pass=%orclodipConDirAccessPassword date=%orclODIPLastSuccessfulExecutionTime
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.8.1.21
Single-valued attribute.
The host name of the Oracle Directory Integration and Provisioning server where the synchronization profile is run.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.8.1.5
Single-valued attribute.
The name of a third-party synchronization profile.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.8.1.1
Single-valued attribute.
Password that the synchronization profile uses to bind to the directory.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.8.1.4
Single-valued attribute.
The name of an application to which a provisioning subscription belongs.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch, caseIgnoreSubStringsMatch
2.16.840.1.113894.9.1.7
The DN of the application to which a provisioning subscription belongs.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.8.1.918
Single-valued attribute.
Attribute for storing the mapping rules used by a synchronization profile. Store the mapping rules in a file by using the Directory Integration Platform Assistant. See Chapter 5, "Oracle Directory Integration Platform Tools" and the Oracle Fusion Middleware Administrator's Guide for Oracle Directory Integration Platform for more information about mapping rules.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.8.1.41
The bootstrap status of a synchronization profile (the initial migration of data between a connected directory and Oracle Internet Directory).
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.8.1.101
Single-valued attribute.
The command to invoke a provisioning profile.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.9.1.5
Valid user account in the connected directory to be used by the connector for synchronization. The value is specific to the connected directory with which you are integrating. For instance, for the SunONE synchronization connector, it is the valid bind DN in the SunONE Directory Server. For the Human Resources Connector, it is a valid user identifier in the Oracle Human Resources database. For other connectors, it can be passed as a command-line argument when the connector is invoked.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.8.1.22
Single-valued attribute.
Password to be used by the user specified in the orclODIPConDirAccessAccount attribute to connect to the connected directory. The value is specific to the third-party directory with which you are integrating. For instance, for the SunONE synchronization connector, it is the valid bind password in the SunONE Directory Server. For the Human Resources Agent, it is the Oracle Human Resources database password.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.8.1.23
For Oracle Directory Integration and Provisioning import operations, the last change from the connected directory that was applied to Oracle Internet Directory. The default value is 0. If you have used the Directory Integration Platform Assistant to bootstrap the connected directory, then this value is set automatically. See Chapter 5, "Oracle Directory Integration Platform Tools" and the Oracle Fusion Middleware Administrator's Guide for Oracle Directory Integration Platform for more information about the bootstrap operation. This is valid only in the import profile.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.8.1.65
Single-valued attribute.
This attribute specifies the filter to apply to the third-party directory change log. It is used in the Oracle Directory Integration and Provisioning import profile. The filter must be set in the import profile when both the import and export integration profiles are enabled, as follows:
Modifiersname != connected_directory_account
This prevents the same change from being exchanged between the two directories indefinitely. To avoid confusion, make this account specific to synchronization.
See Also: Note 280474.1, "Setting Up Filtering in a DIP Synchronization Profile" available at My Oracle Support (formerly MetaLink) at http://metalink.oracle.com/
.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.8.1.42
Connection string required to connect to the third-party connected directory. This value refers to the host name and port number as host:port:
[
sslmode
]
.
To connect by using SSL, enter host:port:
1
.
Make sure the certificate to connect to the directory is stored in the wallet, the location of which is specified in the file odi.properties
.
Note: To connect to SunONE Directory Server by using SSL, the server certificate needs to be loaded into the wallet.
See Also: The chapter on Oracle Wallet Manager in Oracle Database Advanced Security Administrator's Guide.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.8.1.25
Single-valued attribute.
Stores the DNs of integration profiles for a particular configuration set in Oracle Directory Integration Platform.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.8.1.72
Stores a flag which indicates whether any integration profiles have been added, deleted, or modified. Used in association with a configuration set.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.8.1.71
Single-valued attribute.
The connection string for the database of a provisioning profile subscriber. The format of the string is host:port:sid:username:password
.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch, caseIgnoreSubStringsMatch
2.16.840.1.113894.9.1.2
Stores a key which is used to encrypt and decrypt sensitive data that is transmitted by the Oracle directory integration platform server to other applications.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.8.1.215
Single-valued attribute.
Reserved for future use.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.8.1.433
Store configuration information for events to which a provisioned-integrated application subscribes.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch, caseIgnoreSubStringsMatch
2.16.840.1.113894.9.1.1
Reserved for future use.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.8.1.605
Single-valued attribute.
Identifies the location in the directory that stores information about instances of the Oracle directory integration platform server.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.8.1.913
Single-valued attribute.
Stores a flag that indicates whether an instance of the Oracle directory integration platform server should continue running or shut down. This flag provides a means of communication between the OID Monitor, OID Control, and the Oracle directory integration platform server.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.8.1.76
Single-valued attribute.
The data format or protocol used in synchronization with a third-party directory. Supported values are:
LDIF—Import or export from a LDIF File.
Tagged—Import or export from a tagged file—a proprietary format supported by the Oracle Directory Integration Platform server, similar to LDIF format.
LDAP—Import from or export to an LDAP-compliant directory.
DB —Import from or export to an Oracle Database directory.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.8.1.28
Single-valued attribute.
Status attribute set to the last time the integration profile was executed by the Oracle Directory Integration and Provisioning server. Its format is dd-mon-yyyy hh:mm:ss
, where hh
is the time of day in 24-hour format. This attribute is initialized during profile creation.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.8.1.61
Single-valued attribute.
Status attribute set to the last time the integration profile was executed successfully by the Oracle Directory Integration and Provisioning server. Its format is dd-mon-yyyy hh:mm:ss
, where hh
is the time of day in 24-hour format. This attribute is initialized during profile creation.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.8.1.62
Single-valued attribute.
Reserved for future use.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.8.1.603
Single-valued attribute.
Used in an object definition to identify and classify a particular type of object.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.8.1.602
Identifies the location of the various object definitions used by the Oracle directory integration platform server.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.8.1.917
Single-valued attribute.
Reserved for future use.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.8.1.432
Used in an object definition to store the name of an object.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.8.1.601
Single-valued attribute.
The search base in the directory for an object associated with an Oracle Directory Integration and Provisioning synchronization profile.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.8.1.431
In export profiles, this attribute specifies the filter to apply to the Oracle Internet Directory change log container. It is used in the export profile. It must be set in the export profile when both the import and export integration profiles are enabled, as in the following example:
Modifiersname !=orclodipagentname=iPlanetImport,cn=subscriber profile,cn=changelog subscriber,cn=oracle internet directory
This prevents the same change from being exchanged between the two directories indefinitely.
In import profiles, this attribute specifies a key for mapping entries between Oracle Internet Directory and the connected directory. This is useful when the DN cannot be used as the key.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.8.1.43
Reserved for future use.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.8.1.430
Reserved for future use.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.8.1.604
Single-valued attribute.
Additional information that may be needed by an Oracle Directory Integration and Provisioning connector plug-in.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.8.1.264
Single-valued attribute.
Reserved for future use.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.8.1.261
Single-valued attribute.
Reserved for future use.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.8.1.265
The Oracle Directory Integration and Provisioning connector plug-in executable data, which is typically a JAR file.
1.3.6.1.4.1.1466.115.121.1.5 (Binary Data)
N/A
2.16.840.1.113894.8.1.262
The fully qualified name of the Oracle Directory Integration and Provisioning connector plug-in executable, which is typically a Java class.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.8.1.263
Single-valued attribute.
Reserved for future use.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.8.1.914
Single-valued attribute.
The debugging level for an Oracle Directory Integration and Provisioning synchronization profile.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.8.1.251
Single-valued attribute.
Associates a group number with a particular provisioning profile.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.8.1.250
Single-valued attribute.
Reserved for future use.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.8.1.223
Contains information that is used by the Oracle directory integration platform server on how to connect to a provisioning-integrated application for event propagation.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.8.1.222
Single-valued attribute.
Contains a provisioning-integrated application's interface name, which is used by the Oracle directory integration platform server for event propagation. The value assigned to this attribute depends on the interface type.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.8.1.220
Single-valued attribute.
Specifies the type of interface to which events is propagated by the Oracle directory integration platform server. Valid values for this attribute are PLSQL or JAVA.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.8.1.221
Single-valued attribute.
Specifies the provisioning profile version to which events is propagated by the Oracle directory integration platform server.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.8.1.224
Single-valued attribute.
Contains the number of the last event that was generated by a provisioning-integration application and updated in Oracle Internet Directory by the Oracle directory integration platform server.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.8.1.234
Single-valued attribute.
The last time the Oracle Directory Integration and Provisioning synchronization profile was executed.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.8.1.232
Single-valued attribute.
The last time the Oracle Directory Integration and Provisioning synchronization profile was successfully executed.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.8.1.233
Single-valued attribute.
Reserved for future use.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.8.1.214
Single-valued attribute.
Specifies the maximum number of events that the Oracle directory integration platform server packages and sends to an application during one invocation of a provisioning profile.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.8.1.212
Single-valued attribute.
Specifies the maximum number of events that the Oracle directory integration platform server sends to an application during one execution of a provisioning profile.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.8.1.213
Single-valued attribute.
The maximum number of times an Oracle Directory Integration and Provisioning profile is retried in the event of an error.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.8.1.211
Single-valued attribute.
The name of the Oracle Directory Integration and Provisioning profile.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.8.1.201
Single-valued attribute.
Contains errors raised during event propagation by the Oracle directory integration platform server for a particular provisioning-integrated application.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.8.1.231
Contains the Oracle directory integration platform server's event propagation status for a particular provisioning-integrated application.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.8.1.230
Single-valued attribute.
The subscription mode for a provisioning profile: INBOUND, OUTBOUND, or BOTH.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.8.1.408
The number of seconds between executions of an Oracle Directory Integration and Provisioning profile. The default is 3600, which means the profile is scheduled to run every hour.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.8.1.210
Single-valued attribute.
Indicates whether the Oracle directory integration platform server should perform a provisioning profile status update while propagating events to a provisioning-integrated application.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.8.1.610
Single-valued attribute.
Used with version 2.0 provisioning profiles to convert a change in Oracle Internet Directory to an event before propagating it to a provisioning-integrated application. This attribute is used to identify a particular type of event.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.8.1.503
Used with version 2.0 provisioning profiles to convert a change in Oracle Internet Directory to an event before propagating it to a provisioning-integrated application. This attribute is used to indicate what type of operation in LDAP (add, modify, delete) can cause some type of event.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.8.1.502
Used with version 2.0 provisioning profiles to convert a change in Oracle Internet Directory to an event before propagating it to a provisioning-integrated application. This attribute is used to indicate the type of object (i.e whether it is a USER or a GROUP and so forth) based on other qualifying criteria.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.8.1.501
Single-valued attribute.
Stores the XML-based rule definitions used by the Oracle directory integration platform server to convert changes in Oracle Internet Directory into events before propagating them to a provisioning-integrated application.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.8.1.607
Single-valued attribute.
Stores the XML DTD for event rule definitions used by the Oracle directory integration platform server to understand and parse event rule definitions.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.8.1.606
Single-valued attribute.
Used with version 3.0 provisioning profiles to identify and classify an object based on the entry's object class. This attribute is used in the object definitions stored in Oracle Internet Directory.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.8.1.609
Used by the Oracle directory integration platform server to identify the Java classes to use for reading and writing events from and to provisioning-integration applications and for processing event propagation results. The default configurations in this attribute should not be changed.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.8.1.608
Single-valued attribute.
The global unique identifier for the application entry associated with a provisioning profile.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.8.1.402
Single-valued attribute.
The distinguished name (DN) of the application to which the provisioning subscription belongs. The combination of the application name and organization name uniquely identifies a provisioning profile, for example, Email.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.8.1.401
Single-valued attribute.
The event mapping rule maps the object type received from the application (using an optional filter condition) to a domain in Oracle Internet Directory. An inbound provisioning profile can have multiple mapping rules defined.
The following example shows a sample mapping rule value. The rule shows that a user object (USER
) whose locality attribute equals US (l=US
) should be mapped to the domain l=US,cn=users,dc=company,dc=com
.
USER:l=US:l=US,cn=users,dc=company,dc=com
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.8.1.406
Defines the types of events that the application is allowed to send to the Oracle Directory Integration and Provisioning service. An inbound provisioning profile can have multiple permitted operations defined.
For example, if you wanted to permit the application to send events whenever a user object was added or deleted, or when certain attributes were modified, you would have three permitted operation values such as this:
USER:dc=mycompany,dc=com:ADD(*) USER:dc=mycompany,dc=com:MODIFY(cn,sn,mail,password) USER:dc=mycompany,dc=com:DELETE(*)
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.8.1.407
Defines the types of events that the Oracle Directory Integration and Provisioning service should send to the application. An outbound provisioning profile can have multiple event subscriptions defined.
For example, if you wanted the directory integration server to send events to the application whenever a user or group object was added or deleted, you would have four event subscription values such as this:
GROUP:dc=mycompany,dc=com:ADD(*) GROUP:dc=mycompany,dc=com:DELETE(*) USER:dc=mycompany,dc=com:ADD(*) USER:dc=mycompany,dc=com:DELETE(*)
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.8.1.405
The global unique identifier for the organization entry associated with a provisioning profile.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.8.1.404
Single-valued attribute.
The distinguished name (DN) of the organization to which the provisioning subscription belongs, for example dc=company,dc=com
. The combination of the application DN and organization DN uniquely identifies a provisioning profile. Defaults value is the DN of the default identity management realm.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.8.1.403
Single-valued attribute.
Contains the DN of the directory container that stores provisioning profiles.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.8.1.916
Single-valued attribute.
Refers to the root location in the directory tree where the Oracle Directory Integration Platform configuration is stored.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.8.1.912
Single-valued attribute.
Time interval in seconds after which a connected directory is synchronized with Oracle Internet Directory. The default is 600.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.8.1.6
Single-valued attribute.
Reserved for future use.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.8.1.911
Single-valued attribute.
Reserved for future use.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.8.1.511
Single-valued attribute.
Reserved for future use.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.8.1.512
Single-valued attribute.
Reserved for future use.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.8.1.515
Single-valued attribute.
Reserved for future use.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.8.1.919
Single-valued attribute.
The number that corresponds to the debugging level for the Oracle Directory Integration and Provisioning server.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.8.1.516
Single-valued attribute.
The number of minutes between server refreshes for any changes in Oracle Directory Integration Platform profiles. If not specified, the default of 2 is used.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.8.1.514
Single-valued attribute.
The number of the corresponding SSL mode. The default is 0. The modes are as follows:
0 — SSL is not used.
1 — SSL is used for encryption only, not for authentication.
2 — SSL is used for one-way authentication. With this mode you must also specify the complete path and file name of the server's Oracle Wallet.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.8.1.513
Single-valued attribute.
The complete path and file name of the Oracle Directory Integration and Provisioning server's Oracle Wallet.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.8.1.517
Single-valued attribute.
Messages explaining the errors if the last execution of the synchronization profile failed. This attribute is updated by Oracle Directory Integration and Provisioning server.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.8.1.64
Direction of synchronization between Oracle Internet Directory and the connected directory. Allowed values are: IMPORT or EXPORT.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.8.1.2
Single-valued attribute.
Status of the last execution of a synchronization profile: SUCCESS or FAILURE. Initially, this attribute has the value YET TO BE EXECUTED.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.8.1.63
Single-valued attribute.
Reserved for future use.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.8.1.915
Single-valued attribute.
Maximum number of times Oracle Directory Integration and Provisioning server tries to run the third-party directory connector in the event of a failure. The default is 5.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.8.1.7
Single-valued attribute.
Name of OID component where replication server is started.
Directory String
caseIgnoreMatch
2.16.840.1.113894.1.1.832
Name of instance where replication server is started.
Directory String
caseIgnoreMatch
2.16.840.1.113894.1.1.830
Specifies the number of abandoned LDAP operations.
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
integerMatch
2.16.840.1.113894.1.1.168
Single-valued attribute.
Specifies the number of completed LDAP operations.
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
integerMatch
2.16.840.1.113894.1.1.166
Single-valued attribute.
Specifies the number of open connections to the Oracle Internet Directory server, including client LDAP connections and database connections.
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
integerMatch
2.16.840.1.113894.1.1.149
Single-valued attribute.
Specifies the number of failed LDAP operations.
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
integerMatch
2.16.840.1.113894.1.1.190
Single-valued attribute.
Specifies the number of initiated LDAP operations.
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
integerMatch
2.16.840.1.113894.1.1.165
Single-valued attribute.
Stores operation latency.
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
integerMatch
2.16.840.1.113894.1.1.127
Single-valued attribute.
Specifies the number of pending LDAP operations.
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
integerMatch
2.16.840.1.113894.1.1.167
Single-valued attribute.
Stores the operation result.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.1.1.64
Specifies the number of successful LDAP operations.
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
integerMatch
2.16.840.1.113894.1.1.189
Single-valued attribute.
Specifies the number of LDAP search operations that timed out.
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
integerMatch
2.16.840.1.113894.1.1.169
Single-valued attribute.
Security event tracking level.
Integer
integerMatch
2.16.840.1.113894.1.1.180
Maximum number of bytes of RAM that security events tracking can use for each type of operation.
Integer
integerMatch
2.16.840.1.113894.1.1.178
Number of in-memory cache containers to be allocated for security event tracking. The 1stlevel
subtype is for setting the number of in-memory cache containers for storing information about users performing operations. The 2ndlevel
subtype, which is applicable only to compare operation, sets the number of in-memory cache containers for information about the users whose userpassword is compared and tracked when detailed compare operation statistics is programmed.
Integer
integerMatch
2.16.840.1.113894.1.1.181
Specifies the number of ORA-28 errors encountered by Oracle Internet Directory server.
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
integerMatch
2.16.840.1.113894.1.1.182
Single-valued attribute.
Specifies the number of ORA-3113 errors encountered by Oracle Internet Directory server.
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
integerMatch
2.16.840.1.113894.1.1.157
Single-valued attribute.
Specifies the number of ORA-3114 errors encountered by Oracle Internet Directory server.
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
integerMatch
2.16.840.1.113894.1.1.158
Single-valued attribute.
The ORACLE_HOME location of an Oracle service.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
N/A
2.16.840.1.113894.7.1.2
Single-valued attribute.
The global unique identifier of the user who owns an application or resource.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch, caseIgnoreSubstringsMatch
2.16.840.1.113894.1.1.358
Identifies an Oracle-specific password for custom authentication schemes like O3Logon for the database server.
1.3.6.1.4.1.1466.115.121.1.44 (Printable String)
caseExactMatch
2.16.840.1.113894.7.1.13
Specifies the password value to access the resource.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch, caseIgnoreSubstringsMatch
2.16.840.1.113894.1.1.353
Single-valued attribute.
Specifies the password hint to be displayed when users forget their password.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.1.1.314
Single-valued attribute.
The answer related to the password hint question stored in orclPasswordHint.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.1.1.315
Single-valued attribute.
Note:
orclPasswordHintAnswer
is hashed using the SHA-1
algorithm. The hexadecimal value of this is Base64
encoded.
Oracle Internet Directory hashes the value only if it is provided as plaintext. Prehashed values are not hashed again.
Attribute for storing a password to an Oracle component when that password is different from that used to authenticate the user to the directory, namely, userPassword. The value in this attribute is not synchronized with that in the userPassword attribute.
Like authPassword, this attribute is multivalued and can contain all the other verifiers that different applications use for this user's clear text password.
1.3.6.1.4.1.1466.115.121.1.44{128} (Printable String, 128 character maximum)
octetStringMatch
2.16.840.1.113894.1.1.210
Whether to BEGIN or END pilot mode for a replica.
1.3.6.1.4.1.1466.115.121.1.27 (Directory String)
caseIgnoreMatch, caseIgnoreSubstringsMatch, equality integermatch
2.16.840.1.113894.1.1.824
Single-valued attribute.
Password hint for the user's PKCS12 private key store.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.7.1.11
This is used to specify the matching rule for mapping a user's PKI certificate DN to the user's entry DN in Oracle Internet Directory. The following matching rule values are allowed:
0 - Exact match. The PKI certificate DN must match the user entry DN.
1 - Certificate search. Check to see if the user has a PKI certificate provisioned into Oracle Internet Directory.
2 - A combination of exact match and certificate search. If the exact match fails, then a certificate search is performed.
3 - Mapping rule only. Use a mapping rule to map user PKI certificate DNs to Oracle Internet Directory DNs.
4 - Try in order: 1 (mapping rule), 2 (certificate search), 3 (exact match).
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
integerMatch
2.16.840.1.113894.1.1.703
Single-valued attribute.
The universal time when the certificate revocation list (CRL) should be updated.
1.3.6.1.4.1.1466.115.121.1.53 (UTC Time)
integerMatch
2.16.840.1.113894.2.1.300.1
Contains the certificate validation mechanism supported. Currently, only validation with crls is supported, hence the value of this attribute is CRL.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.2.1.300.2
A semicolon-separated attribute name list that controls whether the plug-in takes effect. If the target attribute is included in the list, the plug-in is invoked.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.1.1.563
Single-valued attribute.
If enabled, then the Plug-in is invoked when the base entry does not exist. This only applies to search operation with scope base.
Allowed values are 0 (disabled) or 1 (enabled).
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.1.1.569
Single-valued attribute.
Whether a plug-in is enabled or disabled. Allowed values are 0 (disabled) or 1 (enabled). The default is 0 (disabled).
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.1.1.554
Single-valued attribute.
An LDAP search filter that specifies entry criteria that will cause the plug-in to not be invoked. For example, if the following filter is used, the plug-in will not be invoked if the target entry has objectclass
equal to inetorgperson
and sn
equal to Cezanne
.
(&(objectclass=inetorgperson)(sn=Cezanne))
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.1.1.568
Single-valued attribute.
For plug-ins that use WHEN timing only. 0 is disabled (default). 1 is enabled. This attribute can be set to enabled only if the orclPluginLDAPOperation attribute value is ldapbind
, ldapcompare
, or ldapmodify
.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.1.1.559
Single-valued attribute.
Custom binary information (Java only)
1.3.6.1.4.1.1466.115.121.1.5
2.16.840.1.113894.1.1.574
Single-valued attribute.
Custom text information (Java only). To indicate a subtype, specify orclPluginFlexfield; subtypename
, for example, orclPluginFlexfield; minPwdLength: 8
1.3.6.1.4.1.1466.115.121.1.15
caseIgnoreMatch
2.16.840.1.113894.1.1.573
Single-Valued attribute.
1.3.6.1.4.1.1466.115.121.1.15
caseIgnoreMatch
2.16.840.1.113894.1.1.577
Single-Valued attribute.
The kind of plug-in. PL/SQL is the only allowed value.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.1.1.562
Single-valued attribute.
The LDAP operation that this plug-in supplements. Allowed values are:
ldapcompare
ldapmodify
ldapbind
ldapadd
ldapdelete
ldapsearch
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.1.1.557
Single-valued attribute.
The plug-in package name.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.1.1.552
Single-valued attribute.
The port that the plug-in is using.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.1.1.566
Single-valued attribute.
A semicolon-separated group list that controls if the plug-in takes effect. You can use this group to specify who can actually invoke the plug-in. For example, if you specify orclpluginrequestgroup:cn=security,cn=groups,dc=oracle,dc=com
, when you register the plug-in, then the plug-in will not be invoked unless the ldap request comes from the person who belongs to the group cn=security,cn=groups,dc=oracle,dc=com
.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.1.1.564
Single-valued attribute.
A semicolon-separated group list that controls if the plug-in takes effect. You can use this group to specify who cannot invoke the plug-in. For example, if you specify orclpluginrequestneggroup: cn=security,cn=groups,dc=oracle,dc=com
, when you register the plug-in, then the plug-in will not be invoked if the ldap request comes from the person who belongs to the group cn=security,cn=groups,dc=oracle,dc=com
.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.1.1.571
Single-valued attribute.
An integer value to specify the LDAP result code. If this value is specified, then the plug-in is invoked only if the ldap operation is in that result code scenario. This only applies if the value for the orclPluginTiming attribute is POST
.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.1.1.565
Single-valued attribute.
Controls the type of bind used when the LDAP_PLUGIN package connects back to the same Oracle Internet Directory server.
1= SASL bind (default).
0= Simple bind.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.1.1.572
Single-valued attribute.
This only applies if the value for the orclPluginTiming attribute is POST
. Brings in the external entries if the entry is not found in Oracle Internet Directory. Provides additional plug-in invocation checking and ensures that the plug-in will only be invoked when the entry is not present in Oracle Internet Directory.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.1.1.570
Single-valued attribute.
File location of the program libraries for the plug-in. If this value is not present, then the Oracle Internet Directory server assumes the plug-in language is PL/SQL.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.1.1.556
Single-valued attribute.
A semicolon-separated DN list that controls if the plug-in takes effect. For example:
dc=COM,c=us;dc=us,dc=oracle,dc=com;dc=org,dc=us;o=IMC,c=US
If the target DN of an LDAP operation is included in the list, then the plug-in is invoked.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.1.1.561
Single-valued attribute.
Specifies when the plug-in is to be invoked in relation to the LDAP operation it supplements. The following values are allowed:
PRE
WHEN
POST
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.1.1.558
Single-valued attribute.
Valid value is operational
— Operational plug-ins augment existing LDAP operations. The work they perform depends on whether they execute before, after, or in addition to normal directory server operations.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.1.1.553
Single-valued attribute.
The supported version number of the plug-in.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.1.1.555
Single-valued attribute.
Number of plug-in threads per server process.
Integer
integerMatch
2.16.840.1.113894.1.1.612
Stores a process name.
1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)
distinguishedNameMatch
2.16.840.1.113894.1.1.55
Single-valued attribute.
Identifies the product version.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.7.1.6
Contains a password for the OID proxy user.
1.3.6.1.4.1.1466.115.121.1.15{128} (Directory String, 128 character maximum)
caseIgnoreMatch, caseIgnoreSubstringsMatch
2.16.840.1.113894.1.1.56
Single-valued attribute.
The base DN in the directory information tree (DIT) where the garbage collection task is applied. This attribute value is reserved for each garbage collector and it must not be modified. Defaults to the RDN of the garbage collector configuration entry DN.
1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)
distinguishedNameMatch
2.16.840.1.113894.1.1.805
Single-valued attribute.
Flag to enable (1) or disable (0) collection of debugging messages. Default value is 0.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.1.1.810
Single-valued attribute.
Flag to enable (1) or disable (0) this garbage collector. Default value is 1.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch, caseIgnoreSubstringsMatch
2.16.840.1.113894.1.1.808
Single-valued attribute.
Absolute file directory where the garbage collection log file is saved. Default value is.
(period - the current directory).
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch, caseIgnoreSubstringsMatch
2.16.840.1.113894.1.1.812
Single-valued attribute.
The file name of the garbage collection log file. Default value is oidgc001.log
.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch, caseIgnoreSubstringsMatch
2.16.840.1.113894.1.1.811
Single-valued attribute.
Reserved for future use.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch, caseIgnoreSubstringsMatch
2.16.840.1.113894.1.1.803
Single-valued attribute.
Time interval in hours that the garbage collection job is executed again. This can be measured from either the point in time specified in the orclPurgeStart attribute or from the last time it was run. Default value is 24.
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
integerMatch
2.16.840.1.113894.1.1.801
Single-valued attribute.
Every time this attribute is added or modified to a garbage collection entry, then the submitted job is executed immediately.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch, caseIgnoreSubstringsMatch
2.16.840.1.113894.1.1.809
Single-valued attribute.
Specifies the package name for purging directory objects.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch, caseIgnoreSubstringsMatch
2.16.840.1.113894.1.1.804
Single-valued attribute.
Specifies the schedule for purging directory objects.
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
integermatch
2.16.840.1.113894.1.1.24
Single-valued attribute.
DSA operational attribute.
The time when the garbage collector starts to run. The format is yyyymmddhhmmss
. Default value is 12:00 a.m. of the day Oracle Internet Directory is installed.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch, caseIgnoreSubstringsMatch
2.16.840.1.113894.1.1.813
Single-valued attribute.
This attribute enables time-based purging of change log records. Set this to the number of hours after which old change logs are purged. Time-based purging respects the change status of replication, but not the change status of other consumers. When time-based purging is enabled, the change log garbage collector purges all change logs that are not needed by replication and that are at least the specified number of hours old.
The default behavior is change number-based purging, meaning this attribute is NULL or set to a value less than zero. Change number-based purging respects the change status of all change log consumers. That is, it does not purge change logs unless they have been consumed by all consumers. In addition, it does not purge change logs until they are 10 days old.
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
integerMatch
2.16.840.1.113894.1.1.800
Single-valued attribute.
The number of objects to be purged in one commit transaction. The default value is 1000.
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
integerMatch
2.16.840.1.113894.1.1.802
Single-valued attribute.
It allows a user with the appropriate admininstration rights and priviledges to unlock an already locked account. However, it doesn't necessarily imply that the user affected (that is, who's account was locked) can unlock it by changing this attribute.
1.3.6.1.4.1.1466.115.121.1.7 (Boolean)
booleanMatch
2.16.840.1.113894.1.1.203
Single-valued attribute.
Whether to allow password validations by comparing the hash values of encrypted passwords. Allowed values are TRUE or FALSE.
1.3.6.1.4.1.1466.115.121.1.7 (Boolean)
booleanMatch
2.16.840.1.113894.1.1.218
Single-valued attribute.
Number of numeric characters required in a password. The default value is 1.
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
integerMatch
2.16.840.1.113894.1.1.205
Single-valued attribute.
If the value is 1, then the user password is stored in reversible encrypted form. If the value is 0, then the user password is stored in plain text.
1.3.6.1.4.1.1466.115.121.1.7 (Boolean)
booleanMatch
2.16.840.1.113894.1.1.215
Single-valued attribute.
Lists the common words and attribute types whose values cannot be used as a valid password. By default, all words are acceptable password values.
1.3.6.1.4.1.1466.115.121.1.15{1024} (Directory String, 1024 character maximum)
caseIgnoreMatch, caseIgnoreSubstringsMatch
2.16.840.1.113894.1.1.204
The time when a user account was locked for a specific IP address.
1.3.6.1.4.1.1466.115.121.1.24 (Generalized Time)
generalizedTimeMatch
2.16.840.1.113894.1.1.211
Directory operational attribute.
Not user modifiable.
The time of a password failure.
1.3.6.1.4.1.1466.115.121.1.24 (Generalized Time)
generalizedTimeMatch
2.16.840.1.113894.1.1.212
Directory operational attribute.
Not user modifiable.
Whether to enable account lockouts for a specific IP address. The value can be are 1 (for true) or 0 (for false).
1.3.6.1.4.1.1466.115.121.1.7 (Boolean)
booleanMatch
2.16.840.1.113894.1.1.200
Single-valued attribute.
The number of seconds you want to enforce account lockout for a specific IP address. A user account stays locked even after the lockout duration has passed unless the user binds with the correct password.
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
integerMatch
2.16.840.1.113894.1.1.201
Single-valued attribute.
The maximum number of failed logins from a specific IP address after which the account is locked.
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
integerMatch
2.16.840.1.113894.1.1.202
Single-valued attribute.
Maximum period of time in seconds after which an inactive account is automatically locked.
1.3.6.1.4.1.1466.115.121.1.27
integerMatch
2.16.840.1.113894.1.1.379
Single-valued attribute.
Maximum number of times a single character type can be repeated in a password.
1.3.6.1.4.1.1466.115.121.1.27
integerMatch
2.16.840.1.113894.1.1.415
Single-valued attribute.
Minimum number of alphabetic characters required in a password.
1.3.6.1.4.1.1466.115.121.1.27
integerMatch
2.16.840.1.113894.1.1.411
Single-valued attribute.
Minimum number of non-alphanumeric characters required in a password.
1.3.6.1.4.1.1466.115.121.1.27
integerMatch
2.16.840.1.113894.1.1.412
Single-valued attribute.
Minimum number of uppercase characters required in a password.
1.3.6.1.4.1.1466.115.121.1.27
integerMatch
2.16.840.1.113894.1.1.413
Single-valued attribute.
orclpwdminlowercase
Minimum number of lowercase characters required in a password.
1.3.6.1.4.1.1466.115.121.1.27
integerMatch
2.16.840.1.113894.1.1.414
Single-valued attribute.
Whether to enable or disable the password policy. The value can be are 1 (for enable) or 0 (for disable).
1.3.6.1.4.1.1466.115.121.1.7 (Boolean)
booleanMatch
2.16.840.1.113894.1.1.213
Single-valued attribute.
Enables or disables tracking of user's last login time; 1 for enabling and 0 for disabling (default).
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
integerMatch
2.16.840.1.113894.1.1.377
Single-valued attribute
This attribute contains the values of different password verifier types, such as:
orclpwdverifierparams;authpassword: crypto:SASL/MDS $ realm:dc=com
orclpwdverifierparams;orclpasswordverifier: crypto:ORCLLM
orclpwdverifierparams;authpassword: crypto:ORCLWEBDAV $ realm:dc=com
1.3.6.1.4.1.1466.115.121.1.15{256} (Directory String, 256 character maximum)
caseIgnoreMatch, caseIgnoreSubstringsMatch
2.16.840.1.113894.1.1.209
Indicates the queue depth.
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
integerMatch
2.16.840.1.113894.1.1.144
Single-valued attribute.
Defines the queue latency.
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
integerMatch
2.16.840.1.113894.1.1.145
Single-valued attribute.
Specifies the number of Oracle Internet Directory server threads waiting to read from the network.
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
integerMatch
2.16.840.1.113894.1.1.142
Single-valued attribute.
Disables or enables preserving the letter case of required attributes in search result. Allowed values are 0 (disable) or 1 (enable). The default value is 0.
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
integerMatch
2.16.840.1.113894.1.1.423
Single-valued attribute
Refresh Dynamic Group Memberships.
1.3.6.1.4.1.1466.115.121.1.27
integerMatch (Integer)
2.16.840.1.113894.1.1.416
Single-valued attribute
The DNs of the replication agreement entries.
1.3.6.1.4.1.1466.115.121.1.34 (Distinguished Name)
distinguishedNameMatch
2.16.840.1.113894.1.1.105
Specifies whether timestamp or attribute version should be honored first during attribute level conflict resolution. 0 (default): timestamp first, 1: version number first
1.3.6.1.4.1.1466.115.121.1.27(Integer)
integerMatch
2.16.840.1.113894.1.1.899
Single valued attribute
Dynamically vary the number of threads assigned to transport and apply tasks based on load. 0: Off, 1: On.
If you set the server to auto tune, you must specify the number of maximum number of threads to be shared between these tasks. Restart server after changing.
Integer
integerMatch
2.16.840.1.113894.1.1.827
For LDAP-based replication only. The DN of the consumer replica in the replication agreement.
1.3.6.1.4.1.1466.115.121.1.34 (Distinguished Name)
distinguishedNameMatch
2.16.840.1.113894.1.1.817
Naming attribute for the replica subentry. Its value is unique to each directory server node that is initialized at installation. The value of this attribute, assigned during installation, is unique to each directory node, and matches that of the orclreplicaID
attribute at the root DSE. You cannot modify this value.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.1.1.106
Single-valued attribute.
Contains the set of ldapURI
formatted addresses that can be used if the orclReplicaURI values cannot be used.
1.3.6.1.4.1.1466.115.121.1.26 (IA5 String)
caseExactIA5Match
2.16.840.1.113894.1.1.815
Defines the state of the replica. Possible values are:
0 (boot strapping)
1 (online)
2 (offline)
3 (bootstrap in progress)
4 (bootstrap in progress, cn=oraclecontext
bootstrap has completed)
5 (bootstrap completed, failure detected for one or more naming contexts)
6 (database copy based add node)
7 (sync schema)
8 (boot strap without schema sync)
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
integerMatch
2.16.840.1.113894.1.1.818
Single-valued attribute.
Unique identifier of a one-way, two-way, or peer-to-peer replication group
Integer
integerMatch
2.16.840.1.113894.1.1.509
Defines the replication protocol for change propagation to replica. Values are:
ODS_ASR_1.0 (Oracle Database Advanced Replication-based protocol)
ODS_LDAP_1.0 (LDAP-based replication)
You cannot modify this attribute.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch, caseIgnoreSubstringsMatch
2.16.840.1.113894.1.1.29
Single-valued attribute.
Activation state of the replication server. 0-Inactive, 1-Active
Integer
integerMatch
2.16.840.1.113894.1.1.831
Defines the type of replica such as read-only or read/write. Possible values are:
0 (Read/Write)
1 (Read-Only)
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
integerMatch
2.16.840.1.113894.1.1.816
Single-valued attribute.
Contains information in ldapURI
format that can be used to open a connection to this replica.
1.3.6.1.4.1.1466.115.121.1.26 (IA5 String)
caseExactIA5Match
2.16.840.1.113894.1.1.814
Single-valued attribute.
Oracle Internet Directory version of the replica.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.1.1.820
Single-valued attribute.
Maximum number of worker threads. Required if orclreplautotune
is set.
Integer
integerMatch
2.16.840.1.113894.1.1.826
Use SASL for replication binds. Values are auth
, auth-int
, and auth-conf
.
Directory String
caseIgnoreMatch; caseIgnoreSubstringMatch
2.16.840.1.113894.1.1.829
Stores the resource identifier.
1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)
distinguishedNameMatch
2.16.840.1.113894.1.1.348
Specifies the name of the resource for which the connection information is being maintained.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch, caseIgnoreSubstringsMatch
2.16.840.1.113894.1.1.350
Specifies the name of the resource, for example, database, XMLPDS, JDBCPDS.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.1.1.351
Lists the users or groups of users who can view a Resource Access Descriptor.
1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)
distinguishedNameMatch
2.16.840.1.113894.1.1.366
Reversible encrypted value of the user password. This attribute is generated only if the attribute value of orclPwdEncryptionEnable in the password policy entry is set to 1. This attribute cannot be queried.
1.3.6.1.4.1.1466.115.121.1.44{128} (Printable String, 128 character maximum)
octetStringMatch
2.16.840.1.113894.1.1.216
Directory operational attribute.
Not user modifiable.
Enables referential integrity. 0: disabled, 1: enabled.
1.3.6.1.4.1.1466.115.121.1.27
integerMatch
2.16.840.1.113894.1.1.1300
Single-valued attribute
Multi-valued attribute that specifies the Result Set Cache attributes. Default values are:
dn: cn=dsaconfig,cn=configsets,cn=oracle internet directory
orclrscacheattr: uid
orclrscacheattr: mail
orclrscacheattr: cn
orclrscacheattr: orclguid
Note:
Typically these attributes are not modified for the life of the entry. If an attribute has referential integrity enabled, that attribute should not be used.
1.3.6.1.4.1.1466.115.121.1.44
caseIgnoreMatch
2.16.840.1.113894.1.1.624
Multi-valued attribute.
Stores the value of Active Directory's SAMAccountName
attribute. In Oracle Internet Directory, this attribute is defined as a directory string type. However, in Active Directory this attribute cannot accept any special or non-printable characters. If any entry is added in Oracle Internet Directory with this attribute, it can only contain a simple text string or synchronization from Oracle Internet Directory to Active Directory will fail.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.8.1.903
Single-valued attribute.
SASL authentication mode indicates different modes depending on the type of authentication required and the level of security, such as, auth-only, auth-int, or auth-conf.
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
integerMatch
2.16.840.1.113894.1.1.700
Single-valued attribute.
Contains the SASL cipher choice. when the authentication mode is auth-conf, the SASL cipher choices can be 3DES, DES, RC4, RC4-56, or RC4-40.
1.3.6.1.4.1.1466.115.121.1.15{128} (Directory String, 128 character maximum)
caseIgnoreMatch, caseIgnoreSubstringsMatch
2.16.840.1.113894.1.1.702
Indicates the different kinds of SASL mechanisms supported in the LDAP server. Currently, OID supports SASL-EXTERNAL and DIGEST-MD5.
1.3.6.1.4.1.1466.115.121.1.15{128} (Directory String, 128 character maximum)
caseIgnoreMatch, caseIgnoreSubstringsMatch
2.16.840.1.113894.1.1.701
Determines whether to generate or stack file (default value 0) or OS level core file (value 1) in case the OID server crashes.
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
integerMatch
2.16.840.1.113894.1.1.407
Single-valued attribute.
Contains search base information to be used when performing the directory query for identity mapping.
1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)
distinguishedNameMatch
2.16.840.1.113894.1.1.706
Single-valued attribute.
Contains search filter information to be used when performing the directory query for identity mapping.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.1.1.705
Single-valued attribute.
Contains search scope information to be used when performing the directory query for identity mapping.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.1.1.707
Single-valued attribute.
Indicates the secondary UID of a user.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch, caseIgnoreSubstringsMatch
2.16.840.1.113894.1.1.360
Specifies the sequence number for audit log entries.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.1.1.62
Specifies the Oracle Internet Directory server process memory growth as a percentage.
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
integerMatch
2.16.840.1.113894.1.1.148
Single-valued attribute.
Specifies if data can be written to the server. Valid values are:
r (read-only)
rw (read/write)
rm (read-modify, that is, to read and modify, but not to add or delete)
The default value is rw
.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.1.1.51
Single-valued attribute.
Number of server processes to start. The default for configset0
is 1. You cannot use a negative value for this attribute.
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
integerMatch
2.16.840.1.113894.1.1.364
Single-valued attribute.
Specifies the DN of an instance of a service.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseExactMatch
2.16.840.1.113894.1.1.1102
Single-valued attribute.
Identifies all the service instances that are members of a logical service entity.
1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)
distinguishedNameMatch
2.16.840.1.113894.1.1.1005
Specifies the DN where the list of users subscribed to a service is available.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseExactMatch
2.16.840.1.113894.1.1.1100
Single-valued attribute
Identifies the sub-types of a Service e.g. IMAP, SMTP are sub-type of an e-mail service.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.1.1.1009
Single-valued attribute
Identifies the type of Service e.g. Email, Calendar, and so forth.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.7.1.4
Single-valued attribute
Stores the SID.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.7.1.5
Single-valued attribute
List of multivalued attributes that, when changed, cause a simplified change log to be generated.
DN
DistinguishedNameMatch
2.16.840.1.113894.1.1.823
Maximum number of entries to be returned by a search.
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
integerMatch
2.16.840.1.113894.1.1.10
Single-valued attribute
Attribute that contains names of attributes which are skewed. A skewed attribute has very different search response times depending on its value. You can uniform the response times for searches for such an attribute by adding it as a value of the orclskewedattribute attribute.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch, caseIgnoreSubstringsMatch
2.16.840.1.113894.1.1.405
Specifies whether to skip referral in SQL generated for searches. Its default value is 0. Set it to 1 if there are no referral entries in the directory; this will help optimizing search performance.
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
integerMatch
2.16.840.1.113894.1.1.410
Single-valued attribute
Represents a structural object class that includes common attributes for server manageability object classes.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch, caseIgnoreSubstringsMatch
2.16.840.1.113894.1.1.185
Reserved for future use.
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
integerMatch
2.16.840.1.113894.1.1.132
Single-valued attribute
Reserved for future use.
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
integerMatch
2.16.840.1.113894.1.1.134
Single-valued attribute
Type of SSL authentication to use for this instance of Oracle Internet Directory server. The default value of 1, specifies no SSL authentication. Different instances can have different values. One-way and two-way SSL authentication requires a wallet. You may use one of the following three values:
1 = Neither the client nor the server authenticates itself to the other. No certificates are sent or exchanged. If you selected the SSL Enabled check box on the Credentials tab, and choose this option, then only SSL encryption/decryption is used.
32 = One-way authentication. Only the directory server authenticates itself to the client by sending its certificate to the client.
64 = Two-way authentication. Both client and server send certificates to each other.
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
integerMatch
2.16.840.1.113894.1.1.13
Single-valued attribute
A cipher suite is a set of authentication, encryption, and data integrity algorithms used for exchanging messages between network nodes. During an SSL handshake, the two nodes negotiate to see which cipher suite they will use when transmitting messages back and forth. The following cipher suites are supported:
Table 8-3 SSL Cipher Suites Supported in Oracle Internet Directory
Cipher Suite | Authentication | Encryption | Data Integrity |
---|---|---|---|
SSL_RSA_WITH_3DES_EDE_CBC_SHA |
RSA |
3DES |
SHA |
SSL_RSA_WITH_RC4_128_SHA |
RSA |
RC4 |
SHA |
SSL_RSA_WITH_RC4_128_MD5 |
RSA |
RC4 |
MD5 |
SSL_RSA_WITH_DES_CBC_SHA |
RSA |
DES |
SHA |
SSL_RSA_EXPORT_WITH_RC4_40_MD5 |
RSA |
RC4_40 |
MD5 |
SSL_RSA_EXPORT_WITH_DES40_CBC_SHA |
RSA |
DES40 |
SHA |
SSL_DH_anon_WITH_3DES_EDE_CBC_SHA |
None |
3DES |
SHA |
SSL_DH_anon_WITH_RC4_128_MD5 |
None |
RC4 |
MD5 |
SSL_DH_anon_WITH_DES_CBC_SHA |
None |
DES |
SHA |
SSL_RSA_WITH_AES_128_CBC_SHA |
RSA |
AES |
SHA |
SSL_RSA_WITH_AES_256_CBC_SHA |
RSA |
AES |
SHA |
1.3.6.1.4.1.1466.115.121.1.15{128} (Directory String, 128 character maximum.
caseIgnoreMatch, caseIgnoreSubstringsMatch
2.16.840.1.113894.1.1.19
Flag for enabling or disabling SSL. Use this flag when you use different instances of the same server for either SSL or non-SSL. Allowed values are:
0—for non-secure operation only
1—for SSL authentication only
2— for both non-secure operation and SSL authentication
The default value is 0
.
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
integerMatch
2.16.840.1.113894.1.1.14
Single-valued attribute
Enable SSL interoperability with Oracle legacy applications using no-auth mode.
Starting with Oracle Internet Directory 11g Release 1 (11.1.1.7.0), the default value is disabled (orclsslinteropmode = 0), in order to be fully compliant with the JDK SSL.
In no-auth mode, Oracle legacy components developed before 11g Release 1 (11.1.1) such as legacy LDAP C clients can connect with Oracle Internet Directory only by using an instance that has interoperability mode enabled (orclsslinteropmode = 1).
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
integerMatch
2.16.840.1.113894.1.1.422
Single-valued attribute
The default SSL default port for the directory server. Default value is 3133. When you run the directory in the secure mode, it listens at default port 3133 and accepts only SSL-based TCP/IP connections. (When you run the directory in the normal mode, it listens at default port 389, accepting normal TCP/IP connections.) You might want to change this port when you add multiple LDAP server instances.
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
integerMatch
2.16.840.1.113894.1.1.17
Single-valued attribute
SSL version. The default value is 3.
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
integerMatch
2.16.840.1.113894.1.1.18
Single-valued attribute
Sets the location of the Oracle Wallet. You initially set this value when you create the wallet. If you elect to change the location of the Oracle Wallet, you must change this parameter. You must set the wallet location on both the client and the server. For example, on UNIX, you could set this parameter as follows:
file:/home/my_dir/my_wallet
On Microsoft Windows, you could set this parameter as follows:
file:C:\my_dir\my_wallet
1.3.6.1.4.1.1466.115.121.1.15{128} (Directory String, 128 character maximum)
caseIgnoreMatch, caseIgnoreSubstringsMatch
2.16.840.1.113894.1.1.15
Single-valued attribute
Specifies list of user DNs for which to track LDAP operations.
1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)
distinguishedNameMatch
2.16.840.1.113894.1.1.187
Enable or disable the Oracle Internet Directory Server Manageability framework. To enable, set this to 1. To disable, set it to 0.
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
integerMatch
2.16.840.1.113894.1.1.197
Single-valued attribute.
Level of statistics collection for users. There is only one valid value in this release, 1. Specifying this value collects the number of bind and compare operations against the directory and the user who performed each one.
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
integerMatch
2.16.840.1.113894.1.1.199
Single-valued attribute.
Reserved for future use.
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
integerMatch
2.16.840.1.113894.1.1.188
Single-valued attribute.
Time interval in minutes for gathering server manageability statistics. The default value is 60.
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
integerMatch
2.16.840.1.113894.1.1.198
Single-valued attribute.
Depending on the context of the object that it is applied to, like a service, it indicates if the service is available or not.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch, caseIgnoreSubstringsMatch
2.16.840.1.113894.9.1.9
Determines whether a superuser account is locked.
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
integerMatch
2.16.840.1.113894.1.1.192
Single-valued attribute.
Directory operational attribute.
Not user modifiable.
Reserved for future use.
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
integerMatch
2.16.840.1.113894.1.1.100
Single-valued attribute.
Stores the full name of the configured realm.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.1.1.333
Single-valued attribute.
Stores a name of an attribute that holds the unique identifier of a realm.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.1.1.302
Single-valued attribute.
Specifies the DIT node that contains all realms.
1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)
distinguishedNameMatch
2.16.840.1.113894.1.1.301
Defines the type of realm created.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.1.1.331
Single-valued attribute.
To have the directory server manage part of an LDAP directory, you can specify the highest level parent DNs in the server configuration. These DNs are called suffixes. The server can access all objects in the directory that are below the specified suffix in the directory hierarchy. This attribute is part of the root DSE (DSA-Specific Entry). The root DSE contains a number of attributes that store information about the directory server itself.
1.3.6.1.4.1.1466.115.121.1.15{128} (Directory String, 128 character maximum)
caseIgnoreMatch, caseIgnoreSubstringsMatch
2.16.840.1.113894.1.1.6
Single-valued attribute.
Identifies the type of suite e.g ocs, ebiz, and so forth.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.1.1.1011
Single-valued attribute.
The number of failed login attempts for the directory superuser.
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
integerMatch
2.16.840.1.113894.1.1.191
Single-valued attribute.
Directory operational attribute.
Not user modifiable.
The distinguished name of the directory superuser account, for example, cn=orcladmin
.
1.3.6.1.4.1.1466.115.121.1.12
distinguishedNameMatch
2.16.840.1.113894.1.1.8
Single-valued attribute.
Oracle Internet Directory superuser password.
1.3.6.1.4.1.1466.115.121.1.15{128} (Directory String, 128 character maximum)
caseIgnoreMatch, caseIgnoreSubstringsMatch
2.16.840.1.113894.1.1.9
Single-valued attribute.
Identifies the host name on which a particular instance of a service is running.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.7.1.3
Single-valued attribute.
Specifies the number of clients for which the Oracle Internet Directory server will close TCP connections.
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
integerMatch
2.16.840.1.113894.1.1.153
Single-valued attribute.
Specifies the number of clients for which the Oracle Internet Directory server will shut down TCP connections.
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
integerMatch
2.16.840.1.113894.1.1.152
Single-valued attribute.
Reserved for future use.
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
integerMatch
2.16.840.1.113894.1.1.154
Single-valued attribute.
Specifies the number of threads per supplier for the Oracle directory replication server.
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
integermatch
2.16.840.1.113894.1.1.31
DSA operational attribute.
Maximum number of seconds allowed for a search to be completed. The default value is 3600.
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
integerMatch
2.16.840.1.113894.1.1.65
Single-valued attribute.
Specifies the time zone applicable for a user location.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.1.1.311
Defines the time limit mode.
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
integerMatch
2.16.840.1.113894.1.1.406
Single-valued attribute.
Stores the total amount of free system physical memory.
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
integerMatch
2.16.840.1.113894.1.1.146
Single-valued attribute.
Reserved for future use.
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
integerMatch
2.16.840.1.113894.1.1.174
Single-valued attribute.
Reserved for future use.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch, caseIgnoreSubstringsMatch
2.16.840.1.113894.1.1.176
Single-valued attribute.
Reserved for future use.
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
integerMatch
2.16.840.1.113894.1.1.177
Single-valued attribute.
Reserved for future use.
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
integerMatch
2.16.840.1.113894.1.1.173
Single-valued attribute.
Reserved for future use.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch, caseIgnoreSubstringsMatch
2.16.840.1.113894.1.1.175
Single-valued attribute.
Identifies the DN of the group that list all the applications that specific application trusts for Service to Service Authentication.
1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)
distinguishedNameMatch
2.16.840.1.113894.1.1.368
Reserved for future use.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch, caseIgnoreSubstringsMatch
2.16.840.1.113894.1.1.175
Single-valued attribute.
Maximum number of operations allowed in a transaction.
1.3.6.1.4.1.1466.115.121.1.27
integerMatch
2.16.840.1.113894.1.1.381
Single-valued attribute
Maximum allowed time in a transaction (sec).
1.3.6.1.4.1.1466.115.121.1.27
integerMatch
2.16.840.1.113894.1.1.380
Single-valued attribute
Set to TRUE to display a user interface that is accessible to people with impaired vision.
1.3.6.1.4.1.1466.115.121.1.7 (Boolean)
booleanMatch
2.16.840.1.113894.1.1.367
Single-valued attribute.
The name of an attribute that you want to be unique. Autoboot uniqueness means that each entry must have a unique value for this attribute type.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.1.1.500
Single-valued attribute.
Disables or enables attribute uniqueness constraints. Allowed values are 0 (disable) or 1 (enable). The default value is 0.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.1.1.508
Single-valued attribute.
Specifies an object class filter for an attribute uniqueness constraint entry. This means the attribute specified in orclUniqueAttrNamemust be unique in an instance of this object class.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.1.1.503
Single-valued attribute.
The scope of the attribute uniqueness constrain in the DIT. Allowed values are:
base
—Searches the root entry only
onelevel
—Searches one level only
sub
—Searches the entire directory
The default value is sub
.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.1.1.501
Single-valued attribute.
When multiple attribute uniqueness constraints have the same values in orclUniqueAttrName, orclUniqueScope and orclUniqueObjectClass, but different values in orcluniquesubtree
, the union of subtree scopes specified by those attribute uniqueness constraints is checked.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.1.1.502
Single-valued attribute.
This attribute stores a password that is not synchronized with the entry in the userpassword.
1.3.6.1.4.1.1466.115.121.1.44{128} (Printable String, 128 character maximum)
octetStringMatch
2.16.840.1.113894.1.1.217
Directory operational attribute.
Not user modifiable.
Replication update interval for new changes and those being retried. The value is in seconds.
1.3.6.1.4.1.1466.115.121.1.27
integermatch
2.16.840.1.113894.1.1.30
Directory operational attribute.
Not user modifiable.
Single-valued attribute.
Indicates whether rolling upgrade is in progress.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.1.1.104
Single-valued attribute.
The distinguished name (DN) of the user who performed an operation.
1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)
distinguishedNameMatch
2.16.840.1.113894.1.1.61
Specifies the attribute to use as the user identifier value when accessing the resource.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch, caseIgnoreSubstringsMatch
2.16.840.1.113894.1.1.352
Single-valued attribute.
Specifies if the data is modifiable by the user that this resource access descriptor entry is created for.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch, caseIgnoreSubstringsMatch
1.2.3.4.5.6.1.11
A list of the object classes that comprise a user entity.
1.3.6.1.4.1.1466.115.121.1.15
caseIgnoreMatch
2.16.840.1.113894.1.1.329
The is the Kerberos user principal name for Microsoft Active Directory users.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.8.1.904
Single-valued attribute.
The release version of the Oracle Internet Directory server.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.7.1.1
Single-valued attribute.
Stores the wireless account number of a user.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.1.1.365
Single-valued attribute.
Identifies workflow notification preferences for a user.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
2.16.840.1.113894.1.1.313
Specifies the number of Oracle Internet Directory server threads waiting to write to the network.
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
integerMatch
2.16.840.1.113894.1.1.143
Single-valued attribute.
Specifies the distinguished name (DN) of some object which has some responsibility for the associated object.
1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)
distinguishedNameMatch
2.5.4.32
The time stamp of when pilot mode was started for a replica.
1.3.6.1.4.1.1466.115.121.1.24 (Generalized Time)
generalizedTimeMatch
2.16.840.1.113894.1.1.825
Single-valued attribute.
Directory operational attribute.
Not user modifiable.
The IP addresses of the preferred servers that a directory user agent should use in a space separated list. The servers in this list are tried in order before those in the defaultServerList until a successful connection is made. This has no default value. At least one server must be specified in either preferredServerList
or defaultServerList
.
1.3.6.1.4.1.1466.115.121.1.26 (Printable String)
caseIgnoreIA5Match
1.3.6.1.4.1.11.1.3.1.1.2
Single-valued attribute.
The time to live before a client directory user agent (DUA) should re-read this configuration profile. The values for profileTTL can be zero, to indicate no expiration, or a positive integer combined with one of the following letters to indicate the unit of measure:
d
: indicates days
h
: indicates hours
m
: indicates minutes
s
: indicates seconds
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
integerMatch
1.3.6.1.4.1.11.1.3.1.1.7
Single-valued attribute.
This attribute is used in conjunction with the presentationAddress
attribute, to provide additional information to the Open System Interconnection (OSI) network service.
1.3.6.1.4.1.1466.115.121.1.42 (Protocol Information)
protocolInformationMatch
2.5.4.48
The time stamp of when a user's account was locked.
1.3.6.1.4.1.1466.115.121.1.24 (Generalized Time)
generalizedTimeMatch
1.3.6.1.4.1.42.2.27.8.1.17
Single-valued attribute.
Directory operational attribute.
No user modification.
Reserved for future use.
1.3.6.1.4.1.1466.115.121.1.7 (Boolean)
booleanMatch
1.3.6.1.4.1.42.2.27.8.1.14
Single-valued attribute.
The time stamp indicating when the user's current password was created or modified.
1.3.6.1.4.1.1466.115.121.1.24 (Generalized Time)
generalizedTimeMatch
1.3.6.1.4.1.42.2.27.8.1.16
Single-valued attribute.
Directory operational attribute.
No user modification.
A value of 1 (default) means passwords are checked for syntax errors. A value of 0 means syntax checking is disabled.
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
integerMatch
1.3.6.1.4.1.42.2.27.8.1.5
Single-valued attribute.
The time stamp when the first password expiration warning was sent to the user.
1.3.6.1.4.1.1466.115.121.1.24 (Generalized Time)
generalizedTimeMatch
1.3.6.1.4.1.42.2.27.8.1.18
Directory operational attribute.
No user modification.
The number of seconds before a password expires that a warning should be sent to the user. The user will see the warning when they attempt to log on during the warning period. If the user does not modify the password before it expires, the user is locked out until the password is changed by the administrator. The default value is 0, which means no warnings are sent.
For this feature to work, the client application must support it.
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
integerMatch
1.3.6.1.4.1.42.2.27.8.1.7
Single-valued attribute.
The number of seconds after which the password failure times are purged from the user entry. If this attribute is not present, or if it has a value of 0, then failure times are never purged. The default value is 0
.
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
integerMatch
1.3.6.1.4.1.42.2.27.8.1.12
Single-valued attribute.
The time stamp of consecutive failed login attempts by the user.
1.3.6.1.4.1.1466.115.121.1.24 (Generalized Time)
generalizedTimeMatch
1.3.6.1.4.1.42.2.27.8.1.19
Directory operational attribute.
No user modification.
Maximum number of grace logins allowed after a password expires. The default value is 0 (no grace logins allowed). The recommended value is 3.
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
integerMatch
1.3.6.1.4.1.42.2.27.8.1.8
Single-valued attribute.
Number of seconds after account lockout to allow grace logins.
1.3.6.1.4.1.1466.115.121.1.27(Integer)
integerMatch
2.16.840.1.113894.1.1.418
Single-valued attribute.
The time stamps of each grace login for a user.
1.3.6.1.4.1.1466.115.121.1.24 (Generalized Time)
generalizedTimeMatch
1.3.6.1.4.1.42.2.27.8.1.21
Directory operational attribute.
No user modification.
A history of a user's previous passwords. The number of passwords stored in the history is determined by the pwdInHistory attribute.
1.3.6.1.4.1.1466.115.121.1.44{128} (Printable String, 128 character maximum)
octetStringMatch
1.3.6.1.4.1.42.2.27.8.1.20
Single-valued attribute.
Directory operational attribute.
No user modification.
Number of previous passwords to be stored in the password history (pwdHistory). If a user attempts to reuse one of the passwords stored in the history, then the password is rejected. The default value is 0 (no previous passwords stored in the history).
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
integerMatch
1.3.6.1.4.1.42.2.27.8.1.4
Single-valued attribute.
Specification for whether users are locked out of the directory after the number of consecutive failed bind attempts specified by pwdMaxFailure. If the value of this policy attribute is TRUE, then users are locked out. If this attribute is not present, or if the value is FALSE, then users are not locked out and the value of pwdMaxFailure is ignored. By default, account lockout is enforced.
1.3.6.1.4.1.1466.115.121.1.7 (Boolean)
booleanMatch
1.3.6.1.4.1.42.2.27.8.1.9
Single-valued attribute.
The number of seconds a user is locked out of the directory if both of the following are true:
Account lockout is enabled.
The user has been unable to bind successfully to the directory for at least the number of times specified by pwdMaxFailure.
You can set user lockout for a specific duration, or until the administrator resets the user's password. A default value of 0 (zero) means that the user is locked out forever. A user account stays locked even after the lockout duration has passed unless the user binds with the correct password.
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
integerMatch
1.3.6.1.4.1.42.2.27.8.1.10
Single-valued attribute.
The maximum number of seconds that a given password is valid. If this attribute is not present, or if the value is 0 (zero), then the password does not expire. By default, the passwords expire in 60 days.
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
integerMatch
1.3.6.1.4.1.42.2.27.8.1.3
Single-valued attribute.
The number of consecutive failed bind attempts after which a user account is locked. If this attribute is not present, or if the value is 0 (zero), then the account is not locked due to failed bind attempts, and the value of the password lockout policy is ignored. The default is 4.
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
integerMatch
1.3.6.1.4.1.42.2.27.8.1.11
Single-valued attribute.
This attribute holds the number of seconds that must elapse between modifications to the password. If this attribute is not present, 0 seconds is assumed.
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
integerMatch
1.3.6.1.4.1.42.2.27.8.1.2
Single-valued attribute.
The minimum number of characters required in a password. The default is 5. The value for this attribute must be at least 1.
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
integerMatch
1.3.6.1.4.1.42.2.27.8.1.6
Single-valued attribute.
Indicator of whether users must change their passwords after the first login, or after the password is reset by the administrator. Enabling this option requires users to change their passwords even if user-defined passwords are disabled. By default, users need not change their passwords after reset. Allowed values are 1 (true) or 0 (false).
1.3.6.1.4.1.1466.115.121.1.7 (Boolean)
booleanMatch
1.3.6.1.4.1.42.2.27.8.1.13
Single-valued attribute.
DN of the password policy applicable at the subtree rooted at this DN.
1.3.6.1.4.1.1466.115.121.1.34
distinguishedNameMatch
2.16.840.1.113894.1.1.417
Indicator that the password has been reset and must be changed by the user on first authentication. Allowed values are TRUE or FALSE.
1.3.6.1.4.1.1466.115.121.1.7 (Boolean)
booleanMatch
1.3.6.1.4.1.42.2.27.8.1.22
Single-valued attribute.
Directory operational attribute.
Not user modifiable.
Indicator of whether user must supply old password with new one when modifying password. By default, the old password is not required. Allowed values are TRUE or FALSE.
1.3.6.1.4.1.1466.115.121.1.7 (Boolean)
booleanMatch
1.3.6.1.4.1.42.2.27.8.1.15
Single-valued attribute.
A named reference. Values placed in the attribute must conform to the specification given for the labeledURI attribute (RFC 2079).
1.3.6.1.4.1.1466.115.121.1.26 (IA5 String)
caseExactIA5Match
2.16.840.1.113730.3.1.34
DSA operational attribute.
Specifies the distinguished names of other directory objects which may be other aspects (in some sense) of the same real world object.
1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)
distinguishedNameMatch
2.5.4.34
The name of the server involved in an Oracle Directory Integration and Provisioning change subscription.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
caseIgnoreMatch
caseignoresubstringsmatch
2.16.840.1.113894.1.1.34
The authentication method for the service.
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
N/A
1.3.6.1.4.1.11.1.3.1.1.15
The credential level to be used by a service. The default value for all services is NULL. The supported credential levels are anonymous
or proxy
.
1.3.6.1.4.1.1466.115.121.1.26 (IA5 String)
N/A
1.3.6.1.4.1.11.1.3.1.1.13
Defines how and where an LDAP naming service client should search for information for a particular service. Contains a service name, followed by one or more semicolon-separated base-scope-filters.
1.3.6.1.4.1.1466.115.121.1.26 (IA5 String)
caseExactIA5Match
1.3.6.1.4.1.11.1.3.1.1.8
The surname or last name of a user.
1.3.6.1.4.1.1466.115.121.1.15{32768} (Directory String, 32768 character maximum)
caseIgnoreMatch, caseIgnoreSubstringsMatch
2.5.4.4
List of controls supported by directory server.
OID
1.3.6.1.4.1.1466.101.120.13
The distinguished name for the member of a group.
1.3.6.1.4.1.1466.115.121.1.34 (Distinguished Name)
distinguishedNameMatch
2.5.4.50
List of SASL mechanism supported.
Directory String
1.3.6.1.4.1.1466.101.120.14
The user's certificate.
1.3.6.1.4.1.1466.115.121.1.8 (Certificate)
octetStringMatch
2.5.4.36
The password used to authenticate a user to the directory.
1.3.6.1.4.1.1466.115.121.1.44{128} (Printable String, 128 character maximum)
octetStringMatch
2.5.4.35
Single-valued attribute.
PKCS#12 PFX PDU for exchange of personal identity information.
1.3.6.1.4.1.1466.115.121.1.5 (Binary)
N/A
2.16.840.1.113730.3.1.216