8 LDAP Attribute Reference

This chapter contains reference information about the LDAP attributes used for Oracle Identity Management. It contains the following topics:

For a list of attributes grouped by functional categories, see "Overview of Oracle Identity Management Schema Elements".

8.1 Standard LDAP Attributes

Oracle Internet Directory supports the following standard LDAP attributes as defined in the Internet Engineering Task Force (IETF) Requests for Comments (RFC) specifications.

Details of RFC specifications can be found on the IETF Web site at: http://www.ietf.org.

Table 8-1 Standard LDAP Attributes Used By Oracle Internet Directory

Attribute Name Specification

aliasedObjectName

RFC 2256

applicationEntity

RFC 2256

associatedDomain

RFC 1274

associatedName

RFC 1274

audio

RFC 1274

authorityRevocationList

RFC 2256

authPassword

RFC 3112

bootFile

RFC 2307

bootParameter

RFC 2307

businessCategory

RFC 2256

c

RFC 2256

caCertificate

RFC 2256

carLicense

RFC 2798

certificateRevocationList

RFC 2256

cn

RFC 2256

co

RFC 1274

crossCertificatePair

RFC 2256

dc

RFC 2247

deltaRevocationList

RFC 2256

departmentNumber

RFC 2798

description

RFC 2256

destinationIndicator

RFC 2256

displayName

RFC 2798

dITRedirect

RFC 1274

dmdName

RFC 2256

dNSRecord

RFC 1274

drink

RFC 1274

dSAQuality

RFC 1274

employeeNumber

RFC 2798

employeeType

RFC 2798

facsimileTelephoneNumber

RFC 2256

gecos

RFC 2307

gidNumber

RFC 2307

givenName

RFC 2798

homeDirectory

RFC 2307

homePhone

RFC 1274

homePostalAddress

RFC 1274

host

RFC 1274

initials

RFC 2256

internationalISDNNumber

RFC 2256

ipHostNumber

RFC 2307

ipNetmaskNumber

RFC 2307

ipNetworkNumber

RFC 2307

ipProtocolNumber

RFC 2307

ipServicePort

RFC 2307

ipServiceProtocol

RFC 2307

javaClassName

RFC 2713

javaClassNames

RFC 2307

javaCodebase

RFC 2307

javaDoc

RFC 2307

javaFactory

RFC 2307

javaReferenceAddress

RFC 2713

javaSerializedData

RFC 2713

janetMailbox

RFC 1274

jpegPhoto

RFC 1488

knowledgeInformation

RFC 2256

l

RFC 2256

labeledURI

RFC 2079

lastModifiedBy

RFC 1274

lastModifiedTime

RFC 1274

loginShell

RFC 2307

macAddress

RFC 2307

mail

RFC 2798

mailAlternateAddress

RFC 2256

mailHost

RFC 2256

mailPreferenceOption

RFC 1274

mailRoutingAddress

RFC 2256

manager

RFC 1274

member

RFC 2256

memberNisNetgroup

RFC 2307

memberUid

RFC 2307

mobile

RFC 1274

nisDomain

RFC 2307

nisMapEntry

RFC 2307

nisMapName

RFC 2307

nisNetgroupTriple

RFC 2307

nisPublicKey

RFC 2307

nisSecretKey

RFC 2307

o

RFC 2256

oncRpcNumber

RFC 2307

organizationalStatus

RFC 1274

otherMailbox

RFC 1274

ou

RFC 2256

owner

RFC 2256

pager

RFC 1274

personalSignature

RFC 1274

personalTitle

RFC 1274

photo

RFC 1274

physicalDeliveryOfficeName

RFC 2256

postalAddress

RFC 2256

postalCode

RFC 2256

postOfficeBox

RFC 2256

preferredDeliveryMethod

RFC 2256

preferredDeliveryMethod

RFC 2377

preferredLanguage

RFC 2798

presentationAddress

RFC 2256

protocolInformation

RFC 2256

ref

RFC 3296

registeredAddress

RFC 2256

roleOccupant

RFC 2256

roomNumber

RFC 1274

searchGuide

RFC 2256

secretary

RFC 1274

seeAlso

RFC 2256

serialNumber

RFC 2256

shadowExpire

RFC 2307

shadowFlag

RFC 2307

shadowInactive

RFC 2307

shadowLastChange

RFC 2307

shadowMax

RFC 2307

shadowMin

RFC 2307

shadowWarning

RFC 2307

sn

RFC 2256

st

RFC 2256

street

RFC 2256

subtreeMaximumQuality

RFC 1274

subtreeMinimumQuality

RFC 1274

supportedApplicationContext

RFC 2256

telephoneNumber

RFC 2256

teletexTerminalIdentifier

RFC 2256

telexNumber

RFC 2256

textEncodedORaddress

RFC 2377

title

RFC 2256

uid

RFC 2253

uidNumber

RFC 2307

uniqueIdentifier

RFC 1274

uniqueMember

RFC 2256

userCertificate;binary

RFC 2256

userClass

RFC 1274

userPassword

RFC 2256

userPKCS12

RFC 2798

userSMIMECertificate

RFC 2798

x121Address

RFC 2256

x500UniqueIdentifier

RFC 2256


8.2 Oracle Identity Management Attribute Reference

This section contains an alphabetical listing of the Oracle Identity Management attributes. These are the attributes used in entries pertaining to Oracle Internet Directory, Oracle Directory Integration Platform, Oracle Delegated Administration Services, and Oracle Single Sign-On.

Note:

Oracle Fusion Middleware 11g Release 1 (11.1.1) does not include Oracle Single Sign-On or Oracle Delegated Administration Services. Oracle Internet Directory 11g Release 1 (11.1.1), however, is compatible with Oracle Single Sign-On and Oracle Delegated Administration Services 10g (10.1.4.3.0) or later.

See Also:

The chapter on managing system configuration attributes in Oracle Fusion Middleware Administrator's Guide for Oracle Internet Directory.

8.2.1 attributeMap

Description

Attribute mappings used by the POSIX naming directory user agent (DUA).

Syntax

1.3.6.1.4.1.1466.115.121.1.26 (IA5 String)

Matching Rule

caseIgnoreIA5Match

Object ID

1.3.6.1.4.1.11.1.3.1.1.9

8.2.2 attributeTypes

Description

Attribute types supported by the directory.

Syntax

1.3.6.1.4.1.1466.115.121.1.3 (Attribute Type Description)

Matching Rule

objectIdentifierFirstComponentMatch

Object ID

2.5.21.5

Other

Directory operational attribute.

8.2.3 authenticationMethod

Description

Identifies the type of authentication method used to contact the directory server agent (DSA).

Syntax

1.3.6.1.4.1.1466.115.121.1.26 (IA5 String)

Matching Rule

caseIgnoreIA5Match

Object ID

1.3.6.1.4.1.11.1.3.1.1.6

Other

Single-valued attribute.

8.2.4 authPassword

Description

Attribute for storing a password to an Oracle component when that password is the same as that used to authenticate the user to the directory, namely, userPassword. The value in this attribute is synchronized with that in the userPassword attribute.

Several different applications can require the user to enter the same clear text password used for the directory, but each application may hash it with a different algorithm. In this case, the same clear text password can become the source of several different password verifiers.

This attribute is multivalued and can contain all the other verifiers that different applications use for this user's clear text password. If the userpassword attribute is modified, then the authpassword values for all applications are regenerated.

Syntax

1.3.6.1.4.1.1466.115.121.1.44{128} (Printable String, 128 character maximum)

Matching Rule

octetStringMatch

Object ID

1.3.6.1.4.1.4203.1.3.4

8.2.5 bindTimeLimit

Description

Maximum time in seconds a POSIX directory user agent (DUA) should allow for a search to complete.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

1.3.6.1.4.1.11.1.3.1.1.4

Other

Single-valued attribute.

8.2.6 c

Description

Specifies the country associated with a user's address.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.5.4.6

Other

Single-valued attribute.

8.2.7 changeloginfo

Description

Attribute that provides additional change log information, such as the value of the client IP address. For example:

changeloginfo=clientip=::ffff:10.229.116.104

Syntax

1.3.6.1.4.1.1466.115.121.1.15

Matching Rule

caseIgnoreMatch, caseIgnoreSubstringsMatch

Object ID

2.16.840.1.113894.1.1.510

Other

Single-valued attribute.

8.2.8 changestatus

Description

The last change number transported by the replication server.

Syntax

DN

Matching Rule

DistinguishedNameMatch

Object ID

2.16.840.1.113894.1.1.22

8.2.9 cn

Description

The common name (nickname) attribute which contains the name of an object. If the object corresponds to a user, it is typically the user's full name. A cn (common name) isn't unique, whereas a dn (distinguished name) is unique.

For example, if ABC corp employs two people with the name John Smith, one in HR and one in Finanace then they both would have a cn=John Smith, but they would have unique DNs because the DN would take the form:

cn=John Smith, ou=HR, o=ABC or
cn=John Smith, ou=Finance, 0=ABC

Where ou= organizational unit, and o=organization

Syntax

1.3.6.1.4.1.1466.115.121.1.44 (Printable String)

Matching Rule

caseIgnoreMatch

Object ID

2.5.4.3

8.2.10 contentRules

Description

Specifies the permissible content of entries of a particular structural object class through the identification of an optional set of auxiliary object classes, mandatory, optional, and precluded attributes.

Syntax

1.3.6.1.4.1.1466.115.121.1.16 (DIT Content Rule Description)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.1004

8.2.11 createTimestamp

Description

The time that the entry was created.

Syntax

1.3.6.1.4.1.1466.115.121.1.24 (Generalized Time)

Matching Rules

generalizedTimeMatch

Object ID

2.5.18.1

Other

Single-valued attribute.

Directory operational attribute.

Not user modifiable.

8.2.12 creatorsName

Description

The DN of the entity (such as a user or an application) that created the entry.

Syntax

1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)

Matching Rule

distinguishedNameMatch

Object ID

2.5.18.3

Other

Single-valued attribute.

Directory operational attribute.

Not user modifiable.

8.2.13 credentialLevel

Description

Identifies the type of credentials a POSIX directory user agent (DUA) should use when binding to the directory server.

Syntax

1.3.6.1.4.1.1466.115.121.1.26 (IA5 String)

Matching Rule

caseIgnoreIA5Match

Object ID

1.3.6.1.4.1.11.1.3.1.1.10

Other

Single-valued attribute.

8.2.14 defaultSearchBase

Description

The default base DN used by a POSIX directory user agent (DUA).

Syntax

1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)

Matching Rule

distinguishedNameMatch

Object ID

1.3.6.1.4.1.11.1.3.1.1.1

Other

Single-valued attribute.

8.2.15 defaultSearchScope

Description

User defined search scope used by a POSIX directory user agent (DUA).

Syntax

1.3.6.1.4.1.1466.115.121.1.26 (IA5 String)

Matching Rule

N/A

Object ID

1.3.6.1.4.1.11.1.3.1.1.12

Other

Single-valued attribute.

8.2.16 defaultServerList

Description

The IP addresses of the default servers that a directory user agent (DUA) should use in a space separated list. After the servers in preferredServerList are tried, those default servers on the client's subnet are tried, followed by the remaining default servers, until a connection is made. At least one server must be specified in either preferredServerList or defaultServerList. This attribute has no default value.

Syntax

1.3.6.1.4.1.1466.115.121.1.26 (IA5 String)

Matching Rule

caseIgnoreIA5Match

Object ID

1.3.6.1.4.1.11.1.3.1.1.0

Other

Single-valued attribute.

8.2.17 description

Description

An optional description for the entry.

Syntax

1.3.6.1.4.1.1466.115.121.1.15{1024} (Directory String, 1024 character maximum)

Matching Rule

caseIgnoreMatch

Object ID

2.5.4.13

8.2.18 displayName

Description

The preferred name used when displaying the entry in the GUI tools.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113730.3.1.241

Other

Single-valued attribute.

8.2.19 followReferrals

Description

Tells a POSIX directory user agent (DUA) if it should follow referrals returned by a directory server agent (DSA) search result.

Syntax

1.3.6.1.4.1.1466.115.121.1.26 (IA5 String)

Matching Rule

caseIgnoreIA5Match

Object ID

1.3.6.1.4.1.11.1.3.1.1.5

Other

Single-valued attribute.

8.2.20 javaClassName

Description

Fully qualified name of a distinguished Java class or interface.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseExactMatch

Object ID

1.3.6.1.4.1.42.2.27.4.1.6

Other

Single-valued attribute.

8.2.21 jpegPhoto

Description

A photograph file in JPEG format.

Syntax

1.3.6.1.4.1.1466.115.121.1.28 (Binary)

Matching Rule

octetStringMatch

Object ID

0.9.2342.19200300.100.1.60

8.2.22 krbPrincipalName

Description

Contains the Kerberos principal name.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

1.3.18.0.2.4.1091

Other

Single-valued attribute.

8.2.23 labeledURI

Description

Uniform Resource Locator (URL).

Syntax

1.3.6.1.4.1.1466.115.121.1.26 (IA5 String)

Matching Rule

caseExactIA5Match

Object ID

1.3.6.1.4.1.250.1.57

8.2.24 ldapSyntaxes

Description

Identifies the LDAP syntaxes implemented in the directory schema.

Syntax

1.3.6.1.4.1.1466.115.121.1.54 (LDAP Syntax Description)

Matching Rule

objectIdentifierFirstComponentMatch

Object ID

1.3.6.1.4.1.1466.101.120.16

Other

Directory operational attribute.

8.2.25 mail

Description

This attribute is defined in RFC 1274. Identifies a user's primary e-mail address (the e-mail address retrieved and displayed by "white-pages" lookup applications).

For example: mail: user.name@example.com

Syntax

1.3.6.1.4.1.1466.115.121.1.26{256} (IA5 String, 256 character maximum)

Matching Rule

caseIgnoreIA5Match

Object ID

0.9.2342.19200300.100.1.3

8.2.26 matchingRules

Description

Identifies the matching rules implemented in the directory schema.

Syntax

1.3.6.1.4.1.1466.115.121.1.30 (Matching Rule Description)

Matching Rule

objectIdentifierFirstComponentMatch

Object ID

2.5.21.4

Other

Directory operational attribute.

8.2.27 middleName

Description

A user's middle name.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

1.3.6.1.4.1.1466.101.120.34

8.2.28 modifiersName

Description

The DN of the entity (such as a user or application) that last updated the entry.

Syntax

1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)

Matching Rule

distinguishedNameMatch

Object ID

2.5.18.4

Other

Single-valued attribute.

Directory operational attribute.

Not user modifiable.

8.2.29 modifyTimestamp

Description

The time the entry was last modified.

Syntax

1.3.6.1.4.1.1466.115.121.1.24 (Generalized Time)

Matching Rule

generalizedTimeMatch

Object ID

2.5.18.2

Other

Single-valued attribute.

Directory operational attribute.

Not user modifiable.

8.2.30 namingContexts

Description

Top-level DNs for the naming contexts contained in this server. You must have superuser privileges to publish a DN as a naming context. There is no default value.

This attribute is part of the root DSE (DSA-Specific Entry). The root DSE contains a number of attributes that store information about the directory server itself.

Syntax

1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)

Matching Rule

N/A

Object ID

1.3.6.1.4.1.1466.101.120.5

Other

DSA operational attribute.

8.2.31 objectClass

Description

The list of object classes from which this object class is derived.

Syntax

1.3.6.1.4.1.1466.115.121.1.38 (Object Identifier)

Matching Rule

objectIdentifierMatch

Object ID

2.5.4.0

8.2.32 objectClasses

Description

Defines the object classes which are in force within a subschema.

Syntax

1.3.6.1.4.1.1466.115.121.1.37 (Object Class Description)

Matching Rule

objectIdentifierFirstComponentMatch

Object ID

2.5.21.6

Other

Directory operational attribute.

8.2.33 objectClassMap

Description

A mapping from an object class defined by a directory user agent (DUA) to an object class in an alternative schema used in the directory.

Syntax

1.3.6.1.4.1.1466.115.121.1.26 (IA5 String)

Matching Rule

N/A

Object ID

1.3.6.1.4.1.11.1.3.1.1.11

8.2.34 orclACI

Description

Access control instructions are stored in the directory as attributes of entries. The orclACI attribute is an operational attribute; it is available for use on every entry in the directory, regardless of whether it is defined for the object class of the entry. It is used by the directory server to evaluate what rights are granted or denied when it receives an LDAP request from a client.

Syntax

1.3.6.1.4.1.1466.115.121.1.1 (Access Control Item)

Matching Rule

accessDirectiveMatch

Object ID

2.16.840.1.113894.1.1.42

8.2.35 orclACLResultsLatency

Description

Reserved for future use.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.129

Other

Single-valued attribute.

8.2.36 orclActivateReplication

Description

Specifies that replication be activated on the replication server designated by orclOidInstanceName and orclOidComponentName. 1: Start replication server, 0: Stop replication server.

Syntax

Integer

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.616

8.2.37 orclActiveConn

Description

Specifies the number of active connections to the Oracle Internet Directory server, including client LDAP connections and database connections.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.150

Other

Single-valued attribute.

8.2.38 orclActiveEndDate

Description

Specifies the date and time beyond which a user account is no longer active and beyond which the user is not allowed to authenticate.

Syntax

1.3.6.1.4.1.1466.115.121.1.24 (Generalized Time)

Matching Rule

generalizedTimeMatch

Object ID

2.16.840.1.113894.1.1.339

Other

Single-valued attribute.

8.2.39 orclActiveStartdate

Description

Specifies the date and time that a user account is active and the user is allowed to authenticate. If not specified, then the user is considered active immediately.

Syntax

1.3.6.1.4.1.1466.115.121.1.24 (Generalized Time)

Matching Rule

generalizedTimeMatch

Object ID

2.16.840.1.113894.1.1.330

Other

Single-valued attribute.

8.2.40 orclActiveThreads

Description

Specifies the number of active threads on the Oracle Internet Directory server.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.140

Other

Single-valued attribute.

8.2.41 orclAgreementId

Description

Naming attribute for the replication agreement entry.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.26

Other

Single-valued attribute.

8.2.42 orclagreementtype

Description

Replication agreement type: '0-OneWay 1-TwoWay, 2-LDAP Multimaster, 3-ASR Multimaster.

Syntax

Integer

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.511

8.2.43 orclAnonymousBindsFlag

Description

Specifies whether anonymous binds to the directory are allowed or not. If set to 2, anonymous binds are allowed, but only search operations on root DSE entry are allowed for anonymous users. If set to 1, then anonymous binds are allowed. If set to 0 (zero), then anonymous binds are not allowed. The default is 1.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.299

Other

Single-valued attribute.

8.2.44 orclAppFullName

Description

The full name of an application.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.320

8.2.45 orclAppId

Description

The unique identifier of an application entry associated with a password verifier.

Syntax

1.3.6.1.4.1.1466.115.121.1.15{128} (Directory String, 128 characters maximum)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.207

Other

Single-valued attribute.

8.2.46 orclApplicationAddress

Description

The address of the application.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.318

8.2.47 orclApplicationCommonName

Description

The common name (cn) of the application.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.319

8.2.48 orclApplicationType

Description

Identifies the application type, such as Oracle Portal.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.280

Other

Single-valued attribute.

8.2.49 orclAssocDB

Description

Identifies the associated Oracle Database instance with the application or service.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.1007

8.2.50 orclAssocIasInstance

Description

Identifies the associated Oracle Application Server instance with the application or service.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.1006

8.2.51 orclAttrACLEvalLatency

Description

Reserved for future use.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.138

Other

Single-valued attribute.

8.2.52 orclAudCustEvents

Description

A comma-separated list of events and category names to be audited. Custom events are only applicable when orclAudFilterPreset is Custom.

Examples include:

Authentication.SUCCESSESONLY,
Authorization(Permission -eq 'CSFPerfmission") 

Syntax

IA5 String

Matching Rule

caseExactIAI5Match

Object ID

2.16.840.1.113894.1.1.373

8.2.53 orclAudFilterPreset

Description

Replaces the audit levels used in 10g (10.1.4.0.1) and earlier releases. Values are None, Low, Medium, All, and Custom.

Syntax

IA5 String

Matching Rule

caseExactIAI5Match

Object ID

2.16.840.1.113894.1.1.372

8.2.54 orclAuditAttribute

Description

Identifies the audit attribute.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.58

8.2.55 orclAuditMessage

Description

Stores an audit message.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.59

8.2.56 orclAudSplUsers

Description

A comma separated list of users for whom auditing is always enabled, even if orclAudFilterPreset is None.

For example:

cn=orcladmin.

Syntax

IA5 String

Matching Rule

caseExactIAI5Match

Object ID

2.16.840.1.113894.1.1.374

8.2.57 orclBERgenLatency

Description

Reserved for future use.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.139

Other

Single-valued attribute.

8.2.58 orclcachenotifyip

Description

Configuration attribute that associates a port number with an IP address in order to allow Oracle Internet Directory servers to communicate with each other in a cluster environment when cached data is changed.

The servers communicate with each other using the the LDAP protocol. For example, the following LDIF file, which you can load using the ldapmodify command, associates port number 5678 with IP address 10.10.10.4 for the oid1 instance:

dn: cn=oid1,cn=osdldapd,cn=subconfigsubentry
changetype: modify
add: orclcachenotifyip;5678
orclcachenotifyip;5678: 10.10.10.4

When orclcachenotifyip is configured for an Oracle Internet Directory instance, the IP address must be local to the node where the instance is running.

Syntax

1.3.6.1.4.1.1466.115.121.1.44

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.640

8.2.59 orclCatalogEntryDN

Description

Contains the DN of the catalog entry.

Syntax

1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)

Matching Rule

distinguishedNameMatch

Object ID

2.16.840.1.113894.1.1.50

Other

Single-valued attribute.

8.2.60 orclCategory

Description

Identifies the business category of a service or an application entity

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.317

8.2.61 orclCertExtensionAttribute

Description

Holds the OID of a field within an extension field of the client certificate.

Syntax

1.3.6.1.4.1.1466.115.121.1.38 (Object Identifier)

Matching Rule

objectIdentifierMatch

Object ID

2.16.840.1.113894.1.1.711

Other

Single-valued attribute.

8.2.62 orclCertExtensionOID

Description

Holds the extension field OID of the client certificate.

Syntax

1.3.6.1.4.1.1466.115.121.1.38 (Object Identifier)

Matching Rule

objectIdentifierMatch

Object ID

2.16.840.1.113894.1.1.709

Other

Single-valued attribute.

8.2.63 orclCertificateHash

Description

This is a special catalog attribute used for certificate matching. The value of this attribute is computed by calculating a hash of the user certificate when it is added to Oracle Internet Directory.

Syntax

1.3.6.1.4.1.1466.115.121.1.44{128} (Printable String, 128 character maximum)

Matching Rule

octetStringMatch

Object ID

2.16.840.1.113894.1.1.184

Other

Single-valued attribute.

Not user modifiable.

8.2.64 orclCertificateMatch

Description

This is a special catalog attribute used for certificate matching. The value of this attribute contains the correct matching value to use for a user certificate based on the orclPKIMatchingRule setting.

Syntax

1.3.6.1.4.1.1466.115.121.1.44 (Printable String)

Matching Rule

octetStringMatch

Object ID

2.16.840.1.113894.1.1.183

Other

Single-valued attribute.

Not user modifiable.

8.2.65 orclCertMappingAttribute

Description

Holds the standard field OID of the client certificate.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.708

Other

Single-valued attribute.

8.2.66 orclChangeLogLife

Description

Reserved for future use.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.806

Other

Single-valued attribute.

DSA operational attribute.

8.2.67 orclChangeRetryCount

Description

The number of processing retry attempts for a replication change-entry before being moved to the human intervention queue. The value for this parameter must be equal to or greater than 1 (one).

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.23

Other

Single-valued attribute.

DSA operational attribute.

8.2.68 orclCommonAutoRegEnabled

Description

Specifies if auto-registration is enabled or disabled. Allowed values are 0 (disabled) or 1 (enabled).

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.567

Other

Single-valued attribute.

8.2.69 orclCommonContextMap

Description

Stores the common context map.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.904

Other

Single-valued attribute.

8.2.70 orclCommonDefaultUserCreateBase

Description

Identifies the default user creation base where users are created.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.908

Other

Single-valued attribute.

8.2.71 orclCommonGroupCreateBase

Description

Identifies the group creation base under which Oracle Delegated Administration Services creates groups

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.903

8.2.72 orclCommonNamingAttribute

Description

Specifies the name of the attribute that is used as an RDN component when creating a user.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.900

8.2.73 orclCommonNicknameAttribute

Description

Specifies the name of the attribute that uniquely identifies users.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.7.1.7

Other

Single-valued attribute.

8.2.74 orclCommonSASLRealm

Description

Identifies the common SASL realm. This attribute contains a string value specifying a subset of related entries under a subscriber realm.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.7.1.20

Other

Single-valued attribute.

8.2.75 orclCommonUserSearchBase

Description

Identifies the branch that contains user entries.

Syntax

1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)

Matching Rule

distinguishedNameMatch

Object ID

2.16.840.1.113894.7.1.10

8.2.76 orclCommonVerifierEnable

Description

If this attribute is enabled then the common verifier is used for all related applications. If this attribute is disabled then each application must setup their own verifier profile.

Syntax

1.3.6.1.4.1.1466.115.121.1.7 (Boolean)

Matching Rule

booleanMatch

Object ID

2.16.840.1.113894.1.1.214

Other

Single-valued attribute.

8.2.77 orclCommonVerifierEnable

Description

If this attribute is enabled then the common verifier is used for all related applications. If this attribute is disabled then each application must setup their own verifier profile.

Syntax

1.3.6.1.4.1.1466.115.121.1.7 (Boolean)

Matching Rule

booleanMatch

Object ID

2.16.840.1.113894.1.1.214

Other

Single-valued attribute.

8.2.78 orclCompatibleVersion

Description

The Oracle Internet Directory version. Do not modify this attribute. It must be present for Oracle Internet Directory 11.1.1.6 or later to work with the schema. Values can be:

  • orclcompatibleversion 11.1.1.6.0

  • orclcompatibleversion 11.1.1.7.0

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.1302

Other

Multi-valued attribute.

8.2.79 orclComputedAttribute

Description

Attribute that allows a configurable attribute and its value to be dynamically computed based on one or more specific rules.

See Also:

The "Managing Computed Attributes" chapter in the Oracle Fusion Middleware Administrator's Guide for Oracle Internet Directory for more information.

Syntax

1.3.6.1.4.1.1466.115.121.1.44

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.628

Other

Multi-valued attribute.

8.2.80 orclconflresolution

Description

Automatically resolve replication conflicts. When this feature is enabled, conflicts in the Human Intervention Queue are automatically moved to the purge queue if the supplier's schema and consumer's schema match.

Syntax

Integer

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.828

8.2.81 orclConnectByAttribute

Description

The attribute type name that you want to use as the filter for a dynamic group query—for example, manager.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.1001

Other

Single-valued attribute.

8.2.82 orclConnectBySearchBase

Description

A naming context in the DIT that you want to use as the base for a dynamic group query—for example, l=us,dc=mycompany,dc=com. This attribute is currently not used.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.1003

Other

Single-valued attribute.

8.2.83 orclConnectByStartingValue

Description

For a dynamic group query, this specifies the DN of the attribute you specified in the orclConnectByAttribute attribute—for example, Anne Smith.

Syntax

1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)

Matching Rule

distinguishedNameMatch

Object ID

2.16.840.1.113894.1.1.1002

Other

Single-valued attribute.

8.2.84 orclConnectionFormat

Description

Specifies the format used to construct the connect string associated with a resource.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.354

Other

Single-valued attribute.

8.2.85 orclContact

Description

Identifies a contact person for an organization or an application.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.332

Other

Single-valued attribute.

8.2.86 orclCryptoScheme

Description

The hash algorithm used to encrypt passwords that are stored in the directory. Options are: MD4, MD5, No encryption, SHA, SSHA,SHA256, SHA384, SHA512, SSHA256, SSHA384, SSHA512, SMD5, or UNIX Crypt. The default is SSHA.

Syntax

1.3.6.1.4.1.1466.115.121.1.15{128} (Directory String, 128 characters maximum)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.68

Other

Single-valued attribute.

8.2.87 orclDASAdminModifiable

Description

Specifies whether administration of this entry is available through Oracle Delegated Administration Services.

Syntax

1.3.6.1.4.1.1466.115.121.1.7 (Boolean)

Matching Rule

booleanMatch

Object ID

2.16.840.1.113894.1.1.324

Other

Single-valued attribute.

8.2.88 orclDASAttrDispOrder

Description

Specifies the display order of an attribute in Oracle Delegated Administration Services.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.341

8.2.89 orclDASAttrName

Description

Specifies the name of an attribute to show in Oracle Delegated Administration Services.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.340

8.2.90 orclDASEnableProductLogo

Description

Specifies whether to display a product logo on the Identity Management Realm Configuration window of Oracle Delegated Administration Services. Allowed values are TRUE or FALSE.

Syntax

1.3.6.1.4.1.1466.115.121.1.7 (Boolean)

Matching Rule

booleanMatch

Object ID

2.16.840.1.113894.1.1.362

Other

Single-valued attribute.

8.2.91 orclDASEnableSubscriberLogo

Description

Specifies whether to display a realm logo on the Identity Management Realm Configuration window of Oracle Delegated Administration Services. Allowed values are TRUE or FALSE.

Syntax

1.3.6.1.4.1.1466.115.121.1.7 (Boolean)

Matching Rule

booleanMatch

Object ID

2.16.840.1.113894.1.1.361

Other

Single-valued attribute.

8.2.92 orclDASIsEnabled

Description

Specifies whether an attribute is enabled for Oracle Delegated Administration Services. Allowed values are TRUE or FALSE.

Syntax

1.3.6.1.4.1.1466.115.121.1.7 (Boolean)

Matching Rule

booleanMatch

Object ID

2.16.840.1.113894.1.1.344

Other

Single-valued attribute.

8.2.93 orclDASIsMandatory

Description

Specifies whether an attribute is mandatory for Oracle Delegated Administration Services. Allowed values are TRUE or FALSE.

Syntax

1.3.6.1.4.1.1466.115.121.1.7 (Boolean)

Matching Rule

booleanMatch

Object ID

2.16.840.1.113894.1.1.321

Other

Single-valued attribute.

8.2.94 orclDASIsPersonal

Description

Specifies whether an attribute is personal information to be supplied by a user in Oracle Delegated Administration Services. Allowed values are TRUE or FALSE.

Syntax

1.3.6.1.4.1.1466.115.121.1.7 (Boolean)

Matching Rule

booleanMatch

Object ID

2.16.840.1.113894.1.1.326

Other

Single-valued attribute.

8.2.95 orclDASLOV

Description

The list of values to display to users in the UI when the orclDASUIType=Predefined List.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreSubStringsMatch

Object ID

2.16.840.1.113894.1.1.328

8.2.96 orclDASPublicGroupDNs

Description

Specifies the DNs of groups available for Oracle Delegated Administration Services.

Syntax

1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)

Matching Rule

distinguishedNameMatch

Object ID

2.16.840.1.113894.1.1.343

8.2.97 orclDASSearchable

Description

Specifies whether of not this attribute is searchable in Oracle Delegated Administration Services. Allowed values are TRUE or FALSE.

Syntax

1.3.6.1.4.1.1466.115.121.1.7 (Boolean)

Matching Rule

booleanMatch

Object ID

2.16.840.1.113894.1.1.906

Other

Single-valued attribute.

8.2.98 orclDASSearchColIndex

Description

Indicates the position in the DAS search result table column, if present.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.902

Other

Single-valued attribute.

8.2.99 orclDASSearchFilter

Description

Specifies whether the attribute is searchable through Oracle Delegated Administration Services. Allowed values are TRUE or FALSE.

Syntax

1.3.6.1.4.1.1466.115.121.1.7 (Boolean)

Matching Rule

booleanMatch

Object ID

2.16.840.1.113894.1.1.325

Other

Single-valued attribute.

8.2.100 orclDASSearchSizeLimit

Description

The maximum number of entries to return in a Oracle Delegated Administration Services search.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.363

Other

Single-valued attribute.

8.2.101 orclDASSelfModifiable

Description

Specifies whether an attribute is modifiable by the user in Oracle Delegated Administration Services. Allowed values are TRUE or FALSE.

Syntax

1.3.6.1.4.1.1466.115.121.1.7 (Boolean)

Matching Rule

booleanMatch

Object ID

2.16.840.1.113894.1.1.322

Other

Single-valued attribute.

8.2.102 orclDASUIType

Description

Specifies the UI field type for an attribute when displayed in Oracle Delegated Administration Services. Options are:

  • Single Line Text

  • Multi Line Text

  • Predefined List

  • Date

  • Browse and Select

  • Number

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreSubStringsMatch

Object ID

2.16.840.1.113894.1.1.327

Other

Single-valued attribute.

8.2.103 orclDASURL

Description

The corresponding URL of an Oracle Delegated Administration Services unit.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.310

8.2.104 orclDASURLBase

Description

This holds the URL base in install area for Oracle Delegated Administration Services.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.345

8.2.105 orclDASValidatePwdReset

Description

Specifies whether this attribute can be used for password reset validation purposes in Oracle Delegated Administration Services. Allowed values are TRUE or FALSE.

Syntax

1.3.6.1.4.1.1466.115.121.1.7 (Boolean)

Matching Rule

booleanMatch

Object ID

2.16.840.1.113894.1.1.905

Other

Single-valued attribute.

8.2.106 orclDASViewable

Description

Specifies whether this attribute is viewable through Oracle Delegated Administration Services. Allowed values are TRUE or FALSE.

Syntax

1.3.6.1.4.1.1466.115.121.1.7 (Boolean)

Matching Rule

booleanMatch

Object ID

2.16.840.1.113894.1.1.323

Other

Single-valued attribute.

8.2.107 orcldataprivacymode

Description

Data Privacy mode. Sensitive attributes encrypted when returned.

0: Disabled, 1: Enabled

Syntax

1.3.6.1.4.1.1466.115.121.1.27

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.890

8.2.108 orclDateOfBirth

Description

Specifies the date on which a user was born.

Syntax

1.3.6.1.4.1.1466.115.121.1.24 (Generalized Time)

Matching Rule

generalizedTimeMatch

Object ID

2.16.840.1.113894.1.1.307

Other

Single-valued attribute.

8.2.109 orclDBConnCreationFailed

Description

Indicates a connection failure to the database in an error log entry.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.155

Other

Single-valued attribute.

8.2.110 orclDBLatency

Description

Reserved for future use.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.130

Other

Single-valued attribute.

8.2.111 orclDBSchemaIdentifier

Description

DN of the DB registration entry in OID that an application entity uses.

Syntax

1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)

Matching Rule

distinguishedNameMatch

Object ID

2.16.840.1.113894.1.1.347

8.2.112 orclDBType

Description

The type of database used. This attribute is part of the root DSE (DSA-Specific Entry). The root DSE contains a number of attributes that store information about the directory server itself.

Syntax

1.3.6.1.4.1.1466.115.121.1.15{128} (Directory String, 128 character maximum)

Matching Rule

caseIgnoreMatch, caseIgnoreSubstringsMatch

Object ID

2.16.840.1.113894.1.1.5

Other

Single-valued attribute.

8.2.113 orclDebugFlag

Description

The debug level associated with a server instance. The default for is 0 (zero). The valid range is 0 to 402653184.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.97

Other

Single-valued attribute.

8.2.114 orclDebugForceFlush

Description

Specifies whether debug messages are to be written to the log file when a message is logged by the directory server. To enable it, set its value to 1. To disable it set it to 0, which is its default value.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.193

Other

Single-valued attribute.

8.2.115 orcldebuglevel

Description

Replication server debug level.

Values are additive:

0: No Debug Log, 2097152: Replication Performance Log, 4194304: Replication Debug Log, 8388608: Function Call Trace, 16777216: Heavy Trace Log

Syntax

Integer

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.3

8.2.116 orclDebugOp

Description

To make logging more focused, limits logged information to particular directory server operations by specifying the debug dimension to those operations. Values for operations are:

  • 1 - ldapbind

  • 2 - ldapunbind

  • 4 - ldapadd

  • 8 - ldapdelete

  • 16 - ldapmodify

  • 32 - ldapmodrdn

  • 64 - ldapcompare

  • 128 - ldapsearch

  • 264 - ldapabandon

  • 511 - all operations

To log more than one operation, add the values of their dimensions. For example, if you want to trace ldapbind (1), ldapadd (4) and ldapmodify (16) operations, then the value would be 21 (1 + 4 + 16 = 21).

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.601

Other

Single-valued attribute.

8.2.117 orclDefaultProfileGroup

Description

Holds the DN of the group to designate the default group for a user, such that a default profile can be built for the user based on this attribute value.

Syntax

1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)

Matching Rule

distinguishedNameMatch

Object ID

2.16.840.1.113894.1.1.309

Other

Single-valued attribute.

8.2.118 orclDefaultSubscriber

Description

Identifies the default realm.

Syntax

1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)

Matching Rule

distinguishedNameMatch

Object ID

2.16.840.1.113894.1.1.312

8.2.119 orclDIMEonlyLatency

Description

Reserved for future use.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.131

Other

Single-valued attribute.

8.2.120 orclDIPRepository

Description

Used to determine if the directory is used as the Oracle Directory Integration and Provisioning repository.

Syntax

1.3.6.1.4.1.1466.115.121.1.15

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.124

Other

Single-valued attribute.

8.2.121 orclDirectoryVersion

Description

The version of Oracle Internet Directory. This attribute is part of the root DSE (DSA-Specific Entry). The root DSE contains a number of attributes that store information about the directory server itself.

Syntax

1.3.6.1.4.1.1466.115.121.1.15

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.67

Other

Single-valued attribute.

8.2.122 orclDirReplGroupAgreement

Description

Contains the directory replication group agreement DN.

Syntax

1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)

Matching Rule

N/A

Object ID

2.16.840.1.113894.1.1.25

Other

DSA operational attribute.

8.2.123 orclDirReplGroupDSAs

Description

For Oracle Database Advanced Replication-based directory replication groups (DRGs), the orclReplicaID values of all the nodes in the DRG. This list must be identical on all nodes in the group. This attribute is not applicable for LDAP-based replication agreements.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

N/A

Object ID

2.16.840.1.113894.1.1.48

Other

DSA operational attribute.

8.2.124 orclDisplayPersonalInfo

Description

Specifies if the user's personal information should be displayed in white pages queries. Allowed values are TRUE or FALSE.

Syntax

1.3.6.1.4.1.1466.115.121.1.7 (Boolean)

Matching Rule

booleanMatch

Object ID

2.16.840.1.113894.1.1.304

Other

Single-valued attribute.

8.2.125 OrclDispThreads

Description

Number of dispatcher threads per server process.

Syntax

Integer

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.613

8.2.126 orclDITRoot

Description

The root of the directory information tree (DIT). This attribute is part of the root DSE (DSA-Specific Entry). The root DSE contains a number of attributes that store information about the directory server itself.

Syntax

1.3.6.1.4.1.1466.115.121.1.15{128} (Directory String, 128 character maximum)

Matching Rule

caseIgnoreMatch, caseIgnoreSubStringsMatch

Object ID

2.16.840.1.113894.1.1.7

Other

Single-valued attribute.

8.2.127 orclDNSUnavailable

Description

Reserved for future use.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.161

Other

Single-valued attribute.

8.2.128 orclEcacheEnabled

Description

Specifies whether to enable or disable the Entry Cache or Result Set Cache. Values can be:

  • 0: Disable both the Entry Cache and Result Set Cache.

  • 1: Enable the Entry Cache only (default value).

  • 2: Enable both the Entry Cache and Result Set Cache.

If you change the attribute value, restart the Oracle Internet Directory server instance for the new value to take effect.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.400

Other

Single-valued attribute.

8.2.129 orclEcacheHitRatio

Description

Stores the cache hit ratio.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.170

Other

Single-valued attribute.

8.2.130 orclEcacheMaxEntries

Description

Maximum number of entries that can be present in the entry cache. The default is 25,000.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.402

Other

Single-valued attribute.

8.2.131 orclEcacheMaxSize

Description

Maximum number of bytes of RAM that the entry cache can use. The default is 100 MB.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.401

Other

Single-valued attribute.

8.2.132 orclEcacheNumEntries

Description

The number of entries currently in the entry cache.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.171

Other

Single-valued attribute.

8.2.133 orclEcacheSize

Description

The current size of the entry cache.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.172

Other

Single-valued attribute.

8.2.134 orclEnabled

Description

Determines whether an application is enabled or disabled for use.

Syntax

1.3.6.1.4.1.1466.115.121.1.7 (Boolean)

Matching Rule

booleanMatch

Object ID

2.16.840.1.113894.1.1.1008

Other

Single-valued attribute.

8.2.135 orclEnableGroupCache

Description

Whether to cache privilege groups and ACL groups. Using this cache improves the performance of access control evaluation for users.

Use the group cache when a privilege group membership does not change frequently. If a privilege group membership does change frequently, then it is best to turn off the group cache. This is because, in such a case, computing a group cache increases overhead. The default is 1 (enabled). Change to 0 (zero) to disable.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.403

Other

Single-valued attribute.

8.2.136 orclencryptedattributes

Description

List of attributes to be stored in an encrypted form.

Syntax

1.3.6.1.4.1.1466.115.121.1.15

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.419

8.2.137 orclEntryACLEvalLatency

Description

Reserved for future use.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.136

Other

Single-valued attribute.

8.2.138 orclEntryLevelACI

Description

Specifies the ACI that holds object level ACL.

Syntax

1.3.6.1.4.1.1466.115.121.1.1 (Access Control Item)

Matching Rule

accessDirectiveMatch

Object ID

2.16.840.1.113894.1.1.43

8.2.139 orclEventLevel

Description

Specifies critical events related to security and system resources to be recorded for server manageability statistics. The default value is 0. Table 8-2 lists the level values.

Table 8-2 Event Levels

Level Value Critical Event Information It Provides

1

Superuser login

Super uses bind (successes or failures)

2

Proxy user login

Proxy user bind (failures)

4

Replication login

Replication bind (failures)

8

Add access

Add access violation

16

Delete access

Delete access violation

32

Write access

Write access violation

64

ORA 3113 error

Loss of connection to database

128

ORA 3114 error

Loss of connection to database

256

ORA 28 error

ORA-28 Error

512

ORA error

ORA errors other an expected 1, 100, or 1403

1024

Oracle Internet Directory server termination count

 

2047

All critical events

 

For events other than superuser, proxy user, and replication login, set the value of the orclStatsFlag attribute to 1.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.195

Other

Single-valued attribute.

8.2.140 orclEventTime

Description

The time that a logged directory event occurred.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.60

8.2.141 orclEventType

Description

The type of logged directory event.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.57

8.2.142 orclExcludedAttributes

Description

Specifies an attribute (within the specified naming context) to be excluded from replication. Applies to partial replication only.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

N/A

Object ID

2.16.840.1.113894.1.1.506

Other

DSA operational attribute.

8.2.143 orclExcludedNamingContexts

Description

For Oracle Database Advanced Replication-based agreements, this attribute specifies one or more subtrees to be excluded from replication.

Syntax

1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)

Matching Rule

N/A

Object ID

2.16.840.1.113894.1.1.47

Other

DSA operational attribute.

8.2.144 orclFDIncreaseError

Description

Reserved for future use.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.163

Other

Single-valued attribute.

8.2.145 orclFilterACLEvalLatency

Description

Reserved for future use.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.137

Other

Single-valued attribute.

8.2.146 orclFlexAttribute1

Description

An additional attribute for storing more information about a resource, service, or component.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch, caseIgnoreSubStringsMatch

Object ID

2.16.840.1.113894.1.1.355

8.2.147 orclFlexAttribute2

Description

An additional attribute for storing more information about a resource, service, or component.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch, caseIgnoreSubStringsMatch

Object ID

2.16.840.1.113894.1.1.356

8.2.148 orclFlexAttribute3

Description

An additional attribute for storing more information about a resource, service, or component.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch, caseIgnoreSubStringsMatch

Object ID

2.16.840.1.113894.1.1.357

8.2.149 orclFrontLatency

Description

Reserved for future use.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.128

Other

Single-valued attribute.

8.2.150 orclGender

Description

The gender of a user.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.346

Other

Single-valued attribute.

8.2.151 orclgeneratechangelog

Description

Enables change log generation 1-generate change log, 0-Do not generate change log

Syntax

Integer

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.617

8.2.152 orclGenObjLatency

Description

Stores the general object latency.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.133

Other

Single-valued attribute.

8.2.153 orclGetNearACLLatency

Description

Reserved for future use.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.135

Other

Single-valued attribute.

8.2.154 orclGlobalID

Description

Specifies the attribute that is used to identify the global ID of a user.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.7.1.8

Other

Single-valued attribute.

8.2.155 orclGUID

Description

This is the global unique identifier for an entry within Oracle Internet Directory. The value for this attribute is automatically generated when an entry is created and remains constant, even if an entry is moved.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch, caseIgnoreSubStringsMatch

Object ID

2.16.840.1.113894.1.1.37

Other

Single-valued attribute.

Directory operational attribute.

Not user modifiable.

8.2.156 orclGUPassword

Description

Password for the guest user account in Oracle Internet Directory.

Syntax

1.3.6.1.4.1.1466.115.121.1.15{128} (Directory String, 128 character maximum)

Matching Rule

caseIgnoreMatch, caseIgnoreSubStringsMatch

Object ID

2.16.840.1.113894.1.1.12

Other

Single-valued attribute.

8.2.157 orclHashedAttributes

Description

List of attributes whose values are hashed, using the crypto scheme set in the root DSE attribute orclcryptoscheme.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (caseIgnoreSubstringsMatch)

Matching Rule

caseIgnoreSubstringsMatch

Object ID

2.16.840.1.113894.1.1.376

Other

Multi-valued attribute

Notes:

  • Never include the same attribute in both orclhashedattributes and orclencryptedattributes.

  • Only single-valued attributes can be hashed attributes.

8.2.158 orclHIQSchedule

Description

The interval, in seconds, at which the directory replication server repeats the change application process.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

N/A

Object ID

2.16.840.1.113894.1.1.98

Other

Single-valued attribute.

DSA operational attribute.

8.2.159 orclHireDate

Description

Specifies the date on which a user was hired by the organization.

Syntax

1.3.6.1.4.1.1466.115.121.1.24 (Generalized Time)

Matching Rule

generalizedTimeMatch

Object ID

2.16.840.1.113894.1.1.308

Other

Single-valued attribute.

8.2.160 orclHostedCreditCardExpireDate

Description

The credit card expiration date for a subscriber.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.338

Other

Single-valued attribute.

8.2.161 orclHostedCreditCardNumber

Description

The credit card number for a subscriber.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.337

Other

Single-valued attribute.

8.2.162 orclHostedCreditCardType

Description

The credit card type for a subscriber.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.336

Other

Single-valued attribute.

8.2.163 orclHostedDunsNumber

Description

The DUNS number of a business subscriber. DUNS (Data Universal Numbering System) is a unique nine character company identification number issued by Dun and Bradstreet Corporation used to identify a US corporate entity.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.334

Other

Single-valued attribute.

8.2.164 orclHostedPaymentTerm

Description

Payment terms for a subscriber account.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.335

Other

Single-valued attribute.

8.2.165 orclHostname

Description

The host name of the Oracle Internet Directory server.

Syntax

1.3.6.1.4.1.1466.115.121.1.15{128} (Directory String, 128 character maximum)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.41

Other

Single-valued attribute.

8.2.166 orclIdleConn

Description

The number of open connections that are currently inactive. Oracle Internet Directory tracks the idle connections for server manageability statistics.

Syntax

1.3.6.1.4.1.1466.115.121.1.27

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.151

Other

Single-valued attribute.

8.2.167 orclIdleThreads

Description

The number of Oracle Internet Directory server process threads that are currently inactive. Oracle Internet Directory tracks the idle threads for server manageability statistics.

Syntax

1.3.6.1.4.1.1466.115.121.1.27

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.141

Other

Single-valued attribute.

8.2.168 orclIncludedNamingContexts

Description

The naming context included in a partial replica. For each naming context object, you can specify only one unique subtree.

In partial replication, except for subtrees listed in the orclExcludedNamingContexts attribute, all subtrees in the specified included naming context are replicated.

Only LDAP-based replication agreements respect this attribute to define one or more partial replicas. If this attribute contains any values in an Oracle Database Advanced Replication-based replication agreement, then it is ignored.

Syntax

1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)

Matching Rule

N/A

Object ID

2.16.840.1.113894.1.1.819

Other

Single-valued attribute.

DSA operational attribute.

8.2.169 orclIndexedAttribute

Description

Attributes that are indexed in the Oracle Internet Directory catalog.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.49

8.2.170 orclInitialServerMemSize

Description

The memory size of the Oracle Internet Directory server at start up.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.147

Other

Single-valued attribute.

8.2.171 orclinmemfiltprocess

Description

Search filters to be processed in memory.

Syntax

Printable String

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.608

Other

Multiple-valued attribute.

8.2.172 orclInterval

Description

Time interval in seconds between executions of Oracle Directory Integration and Provisioning profiles.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch, caseIgnoreSubStringsMatch

Object ID

2.16.840.1.113894.9.1.8

8.2.173 orclIpAddress

Description

The IP address of the Oracle Internet Directory server host.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.186

8.2.174 orclIsEnabled

Description

Whether a user or service subscriber is enabled in Oracle Internet Directory.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.316

Other

Single-valued attribute.

8.2.175 orclIsVisible

Description

This attribute is used to determine if users or groups is visible to applications managed by Oracle Delegated Administration Services, such as Oracle Portal. Oracle Single Sign-On does not use this attribute. Allowed values are TRUE or FALSE.

Syntax

1.3.6.1.4.1.1466.115.121.1.7 (Boolean)

Matching Rule

booleanMatch

Object ID

2.16.840.1.113894.1.1.303

Other

Single-valued attribute.

8.2.176 orclLastAppliedChangeNumber

Description

For Oracle Directory Integration and Provisioning export operations, the last change from Oracle Internet Directory that was applied to the connected directory. The default value is 0. If you have used the Oracle Directory Integration and Provisioning Assistant to bootstrap the connected directory, then this value is set automatically at the end of the bootstrapping process. This is valid only in the export profile.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.69

Other

Single-valued attribute.

8.2.177 orclLastLoginTime

Description

Last login time of a user

Syntax

1.3.6.1.4.1.1466.115.121.1.24

Matching Rule

generalizedTimeMatch

Object ID

2.16.840.1.113894.1.1.378

Other

Single-valued attribute

8.2.178 orclLDAPConnKeepALive

Description

For replication, whether to keep the LDAP connection to the connected directory alive due to activity. If not set Oracle Internet Directory will drop inactive connections after a period of time. Allowed values are TRUE or FALSE.

Syntax

1.3.6.1.4.1.1466.115.121.1.7 (Boolean)

Matching Rule

booleanMatch

Object ID

2.16.840.1.113894.1.1.822

Other

Single-valued attribute.

8.2.179 orclLDAPConnTimeout

Description

The number of minutes before Oracle Internet Directory times out and drops an inactive connection.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.194

Other

Single-valued attribute.

8.2.180 orclLDAPInstanceID

Description

The instance number of a particular Oracle Internet Directory server instance.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.125

Other

Single-valued attribute.

8.2.181 orclLDAPProcessID

Description

The process ID of a particular Oracle Internet Directory server instance.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.126

Other

Single-valued attribute.

8.2.182 orclMaidenName

Description

The maiden name of a user.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.306

8.2.183 orclMappedDN

Description

Holds the required information for generating the mapped identity.

Syntax

1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)

Matching Rule

distinguishedNameMatch

Object ID

2.16.840.1.113894.1.1.704

Other

Single-valued attribute.

8.2.184 orclMaskFilter

Description

LDAP filter specifying entries to be exposed. Others are masked.

Syntax

1.3.6.1.4.1.1466.115.121.1.44 (Printable String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.427

Other

Multivalued, User-modifiable

8.2.185 orclMaskRealm

Description

List of DIT subtrees that are exposed or hidden:

  • orclMaskRealm contains the DIT subtrees that are exposed in an instance. This attribute is configured in the instance level. The DN configured and its children are visible in the instance. Other entries in the DIT are masked (hidden) for all LDAP operations.

  • orclMaskRealm;disallowed contains the DIT subtrees that are hidden in a container for an entire directory for all LDAP operations. This attribute is configured in the DSA configuration entry.

Syntax

1.3.6.1.4.1.1466.115.121.1.34 (DN)

Matching Rule

distinguishedNameMatch

Object ID

2.16.840.1.113894.1.1.426

Other

Multivalued, User-modifiable

8.2.186 orclMasterNode

Description

Reserved for future use.

Syntax

1.3.6.1.4.1.1466.115.121.1.7 (Boolean)

Matching Rule

booleanMatch

Object ID

2.16.840.1.113894.1.1.1010

Other

Single-valued attribute.

8.2.187 orclMatchDnEnabled

Description

If the base DN of a search request is not found, then the directory server returns the nearest DN that matches the specified base DN. Whether the directory server tries to find the nearest match DN is controlled by this attribute. If set to 1, then match DN processing is enabled. If set to 0, then match DN processing is disabled. The default is 1.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.404

Other

Single-valued attribute.

8.2.188 orclMaxCC

Description

The number of connections established by the Oracle Internet Directory server to its backend data base. The default value is 2.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.4

Other

Single-valued attribute.

8.2.189 orclMaxConnInCache

Description

The number of connection DNs whose privileged groups can be cached is controlled by orclMaxConnInCache in the instance-specific configuration entry. The default value is 100000 identities (connection DNs). Increase the value of orclMaxConnInCache if your installation has more than 25000 users.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.605

Other

Single-valued attribute.

8.2.190 orclMaxTcpIdleConnTime

Description

Frequency in minutes at which the Oracle Internet Directory server calls OCIPing() to send keep alive messages to the Oracle Database. Setting this attribute to a value less than the timeout value of the firewall between Oracle Internet Directory server and its Database (typically 30 minutes) prevents the Database connection from being dropped.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.196

Other

Single-valued attribute.

8.2.191 orclMaxFDLimitReached

Description

Reserved for future use.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.156

Other

Single-valued attribute.

8.2.192 orclmaxfiltsize

Description

Max size of the filter to be allowed for ldap search operation.

Syntax

Matching Rule

Object ID

2.16.840.1.113894.1.1.610

8.2.193 OrclMaxLdapConns

Description

Max LDAP connections per server.

Syntax

Integer

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.611

8.2.194 orclmaxlogfiles

Description

Maximum number of log files to keep in rotation.

Syntax

Integer

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.615

8.2.195 orclmaxlogfilesize

Description

Maximum size of the log file.

Syntax

Integer

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.614

8.2.196 orclMaxProcessLimitReached

Description

Reserved for future use.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.164

Other

Single-valued attribute.

8.2.197 orclMaxServerRespTime

Description

Maximum Time in seconds for Server process to respond back to Dispatcher process

Syntax

Integer

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.620

8.2.198 orclMemAllocError

Description

Reserved for future use.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.162

Other

Single-valued attribute.

8.2.199 orclMemberOf

Description

This attribute contains the groups to which the entry belongs. This includes static groups and dynamic groups of objectclass orclDynamicGroup, using labeleduri attribute, which are cached. The membership includes both direct groups and nested groups. The attribute values are computed during search and are not stored. As of Oracle Internet Directory 11g Release 1 (11.1.1.7.0), this attribute can be used in search filters.

orclMemberOf is an operational attribute and is returned by a search only when explicitly requested in the required attributes list.

Syntax

1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)

Matching Rule

distinguishedNameMatch

Object ID

2.16.840.1.113894.1.1.424

Other

Directory operational attribute.

Not user modifiable.

Aliases: memberof, ismemberof.

8.2.200 orclNetDescName

Description

The DN of an Oracle Net Service description entry. Oracle Net directory naming allows net service names to be stored in and retrieved from Oracle Internet Directory.

Syntax

1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)

Matching Rule

distinguishedNameMatch

Object ID

2.16.840.1.113894.3.1.12

Other

Single-valued attribute.

8.2.201 orclNetDescString

Description

The description string for an Oracle Net Service. For example:

(DESCRIPTION = (ADDRESS_LIST = (ADDRESS = (PROTOCOL = TCP)
(HOST = hostname)(PORT =1521))) (CONNECT_DATA = (SID = ORCL)))

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.3.1.13

Other

Single-valued attribute.

8.2.202 orclNonSSLPort

Description

The non-SSL LDAP listening port for Oracle Internet Directory server.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.102

Other

Single-valued attribute.

8.2.203 orclNormDN

Description

Identifies the normalized DN of an entry.

Syntax

1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)

Matching Rule

distinguishedNameMatch

Object ID

2.16.840.1.113894.1.1.1000

Other

Single-valued attribute.

Directory operational attribute.

Not user modifiable.

8.2.204 orclNWCongested

Description

Reserved for future use.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.160

Other

Single-valued attribute.

8.2.205 orclNwrwTimeout

Description

Stores the network read/write time out. When an LDAP client initiates an operation, then does not respond to the server for a configured number of seconds, the server closes the connection. The number of seconds is controlled by the attribute orclnwrwtimeout in the DSA configuration entry. The default is 300 seconds.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.603

Other

Single-valued attribute.

8.2.206 orclNwUnavailable

Description

Reserved for future use.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.159

Other

Single-valued attribute.

8.2.207 orclObjectGUID

Description

Stores Microsoft Active Directory's OBJECTGUID attribute value for users and groups migrated to Oracle Internet Directory from Active Directory.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.901

Other

Single-valued attribute.

8.2.208 orclObjectSID

Description

Stores Microsoft Active Directory's OBJECTSID attribute value for users and groups migrated to Oracle Internet Directory from Active Directory.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.902

Other

Single-valued attribute.

8.2.209 orclODIPAgent

Description

The DN of a provisioning profile.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch, caseIgnoreSubStringsMatch

Object ID

2.16.840.1.113894.9.1.6

8.2.210 orclODIPAgentConfigInfo

Description

Any configuration information that you want the connector to store in Oracle Internet Directory. It is passed by the Directory Integration Platform server to the connector at time of connector invocation. The information is stored as an attribute and the Directory Integration Platform server does not have any knowledge of its content. When the connector is scheduled for execution, the value of the attribute is stored in the file, ORACLE_HOME/ldap/odi/conf/profile_name.cfg that can be processed by the connector.

Upload the file by using:

manageSyncProfiles update -h host -p port -D WLS_userid -profile profile_name -params "odip.profile.configfile ORACLE_HOME/ldap/odi/conf/profile_name.cfg"

or

manageSyncProfiles update -h host -p port -D WLS_userid -profile profile_name -file properties_file

where properties_file specifies odip.profile.configfile=ORACLE_HOME/ldap/odi/conf/profile_name.cfg.

Do this for both import and export agents.

See Chapter 5, "Oracle Directory Integration Platform Tools" and the Oracle Fusion Middleware Administrator's Guide for Oracle Directory Integration Platform for more information

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.24

8.2.211 orclODIPAgentControl

Description

Whether a synchronization profile is enabled or disabled. Valid values are ENABLE or DISABLE. The default is DISABLE.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.3

Other

Single-valued attribute.

8.2.212 orclODIPAgentExeCommand

Description

The executable name and argument list used by the Directory Integration Platform server to invoke a connector. It can be passed as a command-line argument when the connector is invoked. For example, here is a command to invoke the Oracle HR connector:

odihragent OracleHRAgent connect=hrdb login=%orclodipConDirAccessAccount pass=%orclodipConDirAccessPassword date=%orclODIPLastSuccessfulExecutionTime

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.21

Other

Single-valued attribute.

8.2.213 orclODIPAgentHostName

Description

The host name of the Oracle Directory Integration and Provisioning server where the synchronization profile is run.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.5

Other

Single-valued attribute.

8.2.214 orclODIPAgentName

Description

The name of a third-party synchronization profile.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.1

Other

Single-valued attribute.

8.2.215 orclODIPAgentPassword

Description

Password that the synchronization profile uses to bind to the directory.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.4

Other

Single-valued attribute.

8.2.216 orclODIPApplicationName

Description

The name of an application to which a provisioning subscription belongs.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch, caseIgnoreSubStringsMatch

Object ID

2.16.840.1.113894.9.1.7

8.2.217 orclODIPApplicationsLocation

Description

The DN of the application to which a provisioning subscription belongs.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.918

Other

Single-valued attribute.

8.2.218 orclODIPAttributeMappingRules

Description

Attribute for storing the mapping rules used by a synchronization profile. Store the mapping rules in a file by using the Directory Integration Platform Assistant. See Chapter 5, "Oracle Directory Integration Platform Tools" and the Oracle Fusion Middleware Administrator's Guide for Oracle Directory Integration Platform for more information about mapping rules.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.41

8.2.219 orclODIPBootStrapStatus

Description

The bootstrap status of a synchronization profile (the initial migration of data between a connected directory and Oracle Internet Directory).

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.101

Other

Single-valued attribute.

8.2.220 orclODIPCommand

Description

The command to invoke a provisioning profile.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.9.1.5

8.2.221 orclODIPConDirAccessAccount

Description

Valid user account in the connected directory to be used by the connector for synchronization. The value is specific to the connected directory with which you are integrating. For instance, for the SunONE synchronization connector, it is the valid bind DN in the SunONE Directory Server. For the Human Resources Connector, it is a valid user identifier in the Oracle Human Resources database. For other connectors, it can be passed as a command-line argument when the connector is invoked.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.22

Other

Single-valued attribute.

8.2.222 orclODIPConDirAccessPassword

Description

Password to be used by the user specified in the orclODIPConDirAccessAccount attribute to connect to the connected directory. The value is specific to the third-party directory with which you are integrating. For instance, for the SunONE synchronization connector, it is the valid bind password in the SunONE Directory Server. For the Human Resources Agent, it is the Oracle Human Resources database password.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.23

8.2.223 orclODIPConDirLastAppliedChgNum

Description

For Oracle Directory Integration and Provisioning import operations, the last change from the connected directory that was applied to Oracle Internet Directory. The default value is 0. If you have used the Directory Integration Platform Assistant to bootstrap the connected directory, then this value is set automatically. See Chapter 5, "Oracle Directory Integration Platform Tools" and the Oracle Fusion Middleware Administrator's Guide for Oracle Directory Integration Platform for more information about the bootstrap operation. This is valid only in the import profile.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.65

Other

Single-valued attribute.

8.2.224 orclODIPConDirMatchingFilter

Description

This attribute specifies the filter to apply to the third-party directory change log. It is used in the Oracle Directory Integration and Provisioning import profile. The filter must be set in the import profile when both the import and export integration profiles are enabled, as follows:

Modifiersname != connected_directory_account

This prevents the same change from being exchanged between the two directories indefinitely. To avoid confusion, make this account specific to synchronization.

See Also: Note 280474.1, "Setting Up Filtering in a DIP Synchronization Profile" available at My Oracle Support (formerly MetaLink) at http://metalink.oracle.com/.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.42

8.2.225 orclODIPConDirURL

Description

Connection string required to connect to the third-party connected directory. This value refers to the host name and port number as host:port:[sslmode].

To connect by using SSL, enter host:port:1.

Make sure the certificate to connect to the directory is stored in the wallet, the location of which is specified in the file odi.properties.

Note: To connect to SunONE Directory Server by using SSL, the server certificate needs to be loaded into the wallet.

See Also: The chapter on Oracle Wallet Manager in Oracle Database Advanced Security Administrator's Guide.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.25

Other

Single-valued attribute.

8.2.226 orclODIPConfigDNs

Description

Stores the DNs of integration profiles for a particular configuration set in Oracle Directory Integration Platform.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.72

8.2.227 orclODIPConfigRefreshFlag

Description

Stores a flag which indicates whether any integration profiles have been added, deleted, or modified. Used in association with a configuration set.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.71

Other

Single-valued attribute.

8.2.228 orclODIPDbConnectInfo

Description

The connection string for the database of a provisioning profile subscriber. The format of the string is host:port:sid:username:password.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch, caseIgnoreSubStringsMatch

Object ID

2.16.840.1.113894.9.1.2

8.2.229 orclODIPEncryptedAttrKey

Description

Stores a key which is used to encrypt and decrypt sensitive data that is transmitted by the Oracle directory integration platform server to other applications.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.215

Other

Single-valued attribute.

8.2.230 orclODIPEventFilter

Description

Reserved for future use.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.433

8.2.231 orclODIPEventSubscriptions

Description

Store configuration information for events to which a provisioned-integrated application subscribes.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch, caseIgnoreSubStringsMatch

Object ID

2.16.840.1.113894.9.1.1

8.2.232 orclODIPFilterAttrCriteria

Description

Reserved for future use.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.605

Other

Single-valued attribute.

8.2.233 orclODIPInstancesLocation

Description

Identifies the location in the directory that stores information about instances of the Oracle directory integration platform server.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.913

Other

Single-valued attribute.

8.2.234 orclODIPInstanceStatus

Description

Stores a flag that indicates whether an instance of the Oracle directory integration platform server should continue running or shut down. This flag provides a means of communication between the OID Monitor, OID Control, and the Oracle directory integration platform server.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.76

Other

Single-valued attribute.

8.2.235 orclODIPInterfaceType

Description

The data format or protocol used in synchronization with a third-party directory. Supported values are:

  • LDIF—Import or export from a LDIF File.

  • Tagged—Import or export from a tagged file—a proprietary format supported by the Oracle Directory Integration Platform server, similar to LDIF format.

  • LDAP—Import from or export to an LDAP-compliant directory.

  • DB —Import from or export to an Oracle Database directory.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.28

Other

Single-valued attribute.

8.2.236 orclODIPLastExecutionTime

Description

Status attribute set to the last time the integration profile was executed by the Oracle Directory Integration and Provisioning server. Its format is dd-mon-yyyy hh:mm:ss, where hh is the time of day in 24-hour format. This attribute is initialized during profile creation.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.61

Other

Single-valued attribute.

8.2.237 orclODIPLastSuccessfulExecutionTime

Description

Status attribute set to the last time the integration profile was executed successfully by the Oracle Directory Integration and Provisioning server. Its format is dd-mon-yyyy hh:mm:ss, where hh is the time of day in 24-hour format. This attribute is initialized during profile creation.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.62

Other

Single-valued attribute.

8.2.238 orclODIPMustAttrCriteria

Description

Reserved for future use.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.603

Other

Single-valued attribute.

8.2.239 orclODIPObjectCriteria

Description

Used in an object definition to identify and classify a particular type of object.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.602

8.2.240 orclODIPObjectDefnLocation

Description

Identifies the location of the various object definitions used by the Oracle directory integration platform server.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.917

Other

Single-valued attribute.

8.2.241 orclODIPObjectEvents

Description

Reserved for future use.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.432

8.2.242 orclODIPObjectName

Description

Used in an object definition to store the name of an object.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.601

Other

Single-valued attribute.

8.2.243 orclODIPObjectSyncBase

Description

The search base in the directory for an object associated with an Oracle Directory Integration and Provisioning synchronization profile.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.431

8.2.244 orclODIPOIDMatchingFilter

Description

In export profiles, this attribute specifies the filter to apply to the Oracle Internet Directory change log container. It is used in the export profile. It must be set in the export profile when both the import and export integration profiles are enabled, as in the following example:

Modifiersname !=orclodipagentname=iPlanetImport,cn=subscriber profile,cn=changelog subscriber,cn=oracle internet directory

This prevents the same change from being exchanged between the two directories indefinitely.

In import profiles, this attribute specifies a key for mapping entries between Oracle Internet Directory and the connected directory. This is useful when the DN cannot be used as the key.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.43

8.2.245 orclODIPOperationMode

Description

Reserved for future use.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.430

8.2.246 orclODIPOptAttrCriteria

Description

Reserved for future use.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.604

Other

Single-valued attribute.

8.2.247 orclODIPPluginAddInfo

Description

Additional information that may be needed by an Oracle Directory Integration and Provisioning connector plug-in.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.264

Other

Single-valued attribute.

8.2.248 orclODIPPluginConfigInfo

Description

Reserved for future use.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.261

Other

Single-valued attribute.

8.2.249 orclODIPPluginEvents

Description

Reserved for future use.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.265

8.2.250 orclODIPPluginExecData

Description

The Oracle Directory Integration and Provisioning connector plug-in executable data, which is typically a JAR file.

Syntax

1.3.6.1.4.1.1466.115.121.1.5 (Binary Data)

Matching Rule

N/A

Object ID

2.16.840.1.113894.8.1.262

8.2.251 orclODIPPluginExecName

Description

The fully qualified name of the Oracle Directory Integration and Provisioning connector plug-in executable, which is typically a Java class.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.263

Other

Single-valued attribute.

8.2.252 orclODIPProfileDataLocation

Description

Reserved for future use.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.914

Other

Single-valued attribute.

8.2.253 orclODIPProfileDebugLevel

Description

The debugging level for an Oracle Directory Integration and Provisioning synchronization profile.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.251

Other

Single-valued attribute.

8.2.254 orclODIPProfileExecGroupID

Description

Associates a group number with a particular provisioning profile.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.250

Other

Single-valued attribute.

8.2.255 orclODIPProfileInterfaceAdditionalInformation

Description

Reserved for future use.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.223

8.2.256 orclODIPProfileInterfaceConnectInformation

Description

Contains information that is used by the Oracle directory integration platform server on how to connect to a provisioning-integrated application for event propagation.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.222

Other

Single-valued attribute.

8.2.257 orclODIPProfileInterfaceName

Description

Contains a provisioning-integrated application's interface name, which is used by the Oracle directory integration platform server for event propagation. The value assigned to this attribute depends on the interface type.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.220

Other

Single-valued attribute.

8.2.258 orclODIPProfileInterfaceType

Description

Specifies the type of interface to which events is propagated by the Oracle directory integration platform server. Valid values for this attribute are PLSQL or JAVA.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.221

Other

Single-valued attribute.

8.2.259 orclODIPProfileInterfaceVersion

Description

Specifies the provisioning profile version to which events is propagated by the Oracle directory integration platform server.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.224

Other

Single-valued attribute.

8.2.260 orclODIPProfileLastAppliedAppEventID

Description

Contains the number of the last event that was generated by a provisioning-integration application and updated in Oracle Internet Directory by the Oracle directory integration platform server.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.234

Other

Single-valued attribute.

8.2.261 orclODIPProfileLastProcessingTime

Description

The last time the Oracle Directory Integration and Provisioning synchronization profile was executed.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.232

Other

Single-valued attribute.

8.2.262 orclODIPProfileLastSuccessfulProcessingTime

Description

The last time the Oracle Directory Integration and Provisioning synchronization profile was successfully executed.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.233

Other

Single-valued attribute.

8.2.263 orclODIPProfileMaxErrors

Description

Reserved for future use.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.214

Other

Single-valued attribute.

8.2.264 orclODIPProfileMaxEventsPerInvocation

Description

Specifies the maximum number of events that the Oracle directory integration platform server packages and sends to an application during one invocation of a provisioning profile.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.212

Other

Single-valued attribute.

8.2.265 orclODIPProfileMaxEventsPerSchedule

Description

Specifies the maximum number of events that the Oracle directory integration platform server sends to an application during one execution of a provisioning profile.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.213

Other

Single-valued attribute.

8.2.266 orclODIPProfileMaxRetries

Description

The maximum number of times an Oracle Directory Integration and Provisioning profile is retried in the event of an error.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.211

Other

Single-valued attribute.

8.2.267 orclODIPProfileName

Description

The name of the Oracle Directory Integration and Provisioning profile.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.201

Other

Single-valued attribute.

8.2.268 orclODIPProfileProcessingErrors

Description

Contains errors raised during event propagation by the Oracle directory integration platform server for a particular provisioning-integrated application.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.231

8.2.269 orclODIPProfileProcessingStatus

Description

Contains the Oracle directory integration platform server's event propagation status for a particular provisioning-integrated application.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.230

Other

Single-valued attribute.

8.2.270 orclODIPProfileProvSubscriptionMode

Description

The subscription mode for a provisioning profile: INBOUND, OUTBOUND, or BOTH.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.408

8.2.271 orclODIPProfileSchedule

Description

The number of seconds between executions of an Oracle Directory Integration and Provisioning profile. The default is 3600, which means the profile is scheduled to run every hour.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.210

Other

Single-valued attribute.

8.2.272 orclODIPProfileStatusUpdate

Description

Indicates whether the Oracle directory integration platform server should perform a provisioning profile status update while propagating events to a provisioning-integrated application.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.610

Other

Single-valued attribute.

8.2.273 orclODIPProvEventCriteria

Description

Used with version 2.0 provisioning profiles to convert a change in Oracle Internet Directory to an event before propagating it to a provisioning-integrated application. This attribute is used to identify a particular type of event.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.503

8.2.274 orclODIPProvEventLDAPChangeType

Description

Used with version 2.0 provisioning profiles to convert a change in Oracle Internet Directory to an event before propagating it to a provisioning-integrated application. This attribute is used to indicate what type of operation in LDAP (add, modify, delete) can cause some type of event.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.502

8.2.275 orclODIPProvEventObjectType

Description

Used with version 2.0 provisioning profiles to convert a change in Oracle Internet Directory to an event before propagating it to a provisioning-integrated application. This attribute is used to indicate the type of object (i.e whether it is a USER or a GROUP and so forth) based on other qualifying criteria.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.501

Other

Single-valued attribute.

8.2.276 orclODIPProvEventRule

Description

Stores the XML-based rule definitions used by the Oracle directory integration platform server to convert changes in Oracle Internet Directory into events before propagating them to a provisioning-integrated application.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.607

Other

Single-valued attribute.

8.2.277 orclODIPProvEventRuleDTD

Description

Stores the XML DTD for event rule definitions used by the Oracle directory integration platform server to understand and parse event rule definitions.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.606

Other

Single-valued attribute.

8.2.278 orclODIPProvInterfaceFilter

Description

Used with version 3.0 provisioning profiles to identify and classify an object based on the entry's object class. This attribute is used in the object definitions stored in Oracle Internet Directory.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.609

8.2.279 orclODIPProvInterfaceProcessor

Description

Used by the Oracle directory integration platform server to identify the Java classes to use for reading and writing events from and to provisioning-integration applications and for processing event propagation results. The default configurations in this attribute should not be changed.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.608

Other

Single-valued attribute.

8.2.280 orclODIPProvisioningAppGUID

Description

The global unique identifier for the application entry associated with a provisioning profile.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.402

Other

Single-valued attribute.

8.2.281 orclODIPProvisioningAppName

Description

The distinguished name (DN) of the application to which the provisioning subscription belongs. The combination of the application name and organization name uniquely identifies a provisioning profile, for example, Email.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.401

Other

Single-valued attribute.

8.2.282 orclODIPProvisioningEventMappingRules

Description

The event mapping rule maps the object type received from the application (using an optional filter condition) to a domain in Oracle Internet Directory. An inbound provisioning profile can have multiple mapping rules defined.

The following example shows a sample mapping rule value. The rule shows that a user object (USER) whose locality attribute equals US (l=US) should be mapped to the domain l=US,cn=users,dc=company,dc=com.

USER:l=US:l=US,cn=users,dc=company,dc=com

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.406

8.2.283 orclODIPProvisioningEventPermittedOperations

Description

Defines the types of events that the application is allowed to send to the Oracle Directory Integration and Provisioning service. An inbound provisioning profile can have multiple permitted operations defined.

For example, if you wanted to permit the application to send events whenever a user object was added or deleted, or when certain attributes were modified, you would have three permitted operation values such as this:

USER:dc=mycompany,dc=com:ADD(*)
USER:dc=mycompany,dc=com:MODIFY(cn,sn,mail,password)
USER:dc=mycompany,dc=com:DELETE(*)

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.407

8.2.284 orclODIPProvisioningEventSubscription

Description

Defines the types of events that the Oracle Directory Integration and Provisioning service should send to the application. An outbound provisioning profile can have multiple event subscriptions defined.

For example, if you wanted the directory integration server to send events to the application whenever a user or group object was added or deleted, you would have four event subscription values such as this:

GROUP:dc=mycompany,dc=com:ADD(*)
GROUP:dc=mycompany,dc=com:DELETE(*)
USER:dc=mycompany,dc=com:ADD(*)
USER:dc=mycompany,dc=com:DELETE(*)

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.405

8.2.285 orclODIPProvisioningOrgGUID

Description

The global unique identifier for the organization entry associated with a provisioning profile.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.404

Other

Single-valued attribute.

8.2.286 orclODIPProvisioningOrgName

Description

The distinguished name (DN) of the organization to which the provisioning subscription belongs, for example dc=company,dc=com. The combination of the application DN and organization DN uniquely identifies a provisioning profile. Defaults value is the DN of the default identity management realm.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.403

Other

Single-valued attribute.

8.2.287 orclODIPProvProfileLocation

Description

Contains the DN of the directory container that stores provisioning profiles.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.916

Other

Single-valued attribute.

8.2.288 orclODIPRootLocation

Description

Refers to the root location in the directory tree where the Oracle Directory Integration Platform configuration is stored.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.912

Other

Single-valued attribute.

8.2.289 orclODIPSchedulingInterval

Description

Time interval in seconds after which a connected directory is synchronized with Oracle Internet Directory. The default is 600.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.6

Other

Single-valued attribute.

8.2.290 orclODIPSchemaVersion

Description

Reserved for future use.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.911

Other

Single-valued attribute.

8.2.291 orclODIPSearchCountLimit

Description

Reserved for future use.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.511

Other

Single-valued attribute.

8.2.292 orclODIPSearchTimeLimit

Description

Reserved for future use.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.512

Other

Single-valued attribute.

8.2.293 orclODIPServerCommitSize

Description

Reserved for future use.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.515

Other

Single-valued attribute.

8.2.294 orclODIPServerConfigLocation

Description

Reserved for future use.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.919

Other

Single-valued attribute.

8.2.295 orclODIPServerDebugLevel

Description

The number that corresponds to the debugging level for the Oracle Directory Integration and Provisioning server.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.516

Other

Single-valued attribute.

8.2.296 orclODIPServerRefreshIntvl

Description

The number of minutes between server refreshes for any changes in Oracle Directory Integration Platform profiles. If not specified, the default of 2 is used.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.514

Other

Single-valued attribute.

8.2.297 orclODIPServerSSLMode

Description

The number of the corresponding SSL mode. The default is 0. The modes are as follows:

  • 0 — SSL is not used.

  • 1 — SSL is used for encryption only, not for authentication.

  • 2 — SSL is used for one-way authentication. With this mode you must also specify the complete path and file name of the server's Oracle Wallet.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.513

Other

Single-valued attribute.

8.2.298 orclODIPServerWalletLoc

Description

The complete path and file name of the Oracle Directory Integration and Provisioning server's Oracle Wallet.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.517

Other

Single-valued attribute.

8.2.299 orclODIPSynchronizationErrors

Description

Messages explaining the errors if the last execution of the synchronization profile failed. This attribute is updated by Oracle Directory Integration and Provisioning server.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.64

8.2.300 orclODIPSynchronizationMode

Description

Direction of synchronization between Oracle Internet Directory and the connected directory. Allowed values are: IMPORT or EXPORT.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.2

Other

Single-valued attribute.

8.2.301 orclODIPSynchronizationStatus

Description

Status of the last execution of a synchronization profile: SUCCESS or FAILURE. Initially, this attribute has the value YET TO BE EXECUTED.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.63

Other

Single-valued attribute.

8.2.302 orclODIPSyncProfileLocation

Description

Reserved for future use.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.915

Other

Single-valued attribute.

8.2.303 orclODIPSyncRetryCount

Description

Maximum number of times Oracle Directory Integration and Provisioning server tries to run the third-party directory connector in the event of a failure. The default is 5.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.7

Other

Single-valued attribute.

8.2.304 orclOidComponentName

Description

Name of OID component where replication server is started.

Syntax

Directory String

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.832

8.2.305 orclOidInstanceName

Description

Name of instance where replication server is started.

Syntax

Directory String

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.830

8.2.306 orclOpAbandoned

Description

Specifies the number of abandoned LDAP operations.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.168

Other

Single-valued attribute.

8.2.307 orclOpCompleted

Description

Specifies the number of completed LDAP operations.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.166

Other

Single-valued attribute.

8.2.308 orclOpenConn

Description

Specifies the number of open connections to the Oracle Internet Directory server, including client LDAP connections and database connections.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.149

Other

Single-valued attribute.

8.2.309 orclOpFailed

Description

Specifies the number of failed LDAP operations.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.190

Other

Single-valued attribute.

8.2.310 orclOpInitiated

Description

Specifies the number of initiated LDAP operations.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.165

Other

Single-valued attribute.

8.2.311 orclOpLatency

Description

Stores operation latency.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.127

Other

Single-valued attribute.

8.2.312 orclOpPending

Description

Specifies the number of pending LDAP operations.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.167

Other

Single-valued attribute.

8.2.313 orclOpResult

Description

Stores the operation result.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.64

8.2.314 orclOpSucceeded

Description

Specifies the number of successful LDAP operations.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.189

Other

Single-valued attribute.

8.2.315 orclOpTimedOut

Description

Specifies the number of LDAP search operations that timed out.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.169

Other

Single-valued attribute.

8.2.316 orcloptracklevel

Description

Security event tracking level.

Syntax

Integer

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.180

8.2.317 orcloptrackmaxtotalsize

Description

Maximum number of bytes of RAM that security events tracking can use for each type of operation.

Syntax

Integer

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.178

8.2.318 orcloptracknumelemcontainers

Description

Number of in-memory cache containers to be allocated for security event tracking. The 1stlevel subtype is for setting the number of in-memory cache containers for storing information about users performing operations. The 2ndlevel subtype, which is applicable only to compare operation, sets the number of in-memory cache containers for information about the users whose userpassword is compared and tracked when detailed compare operation statistics is programmed.

Syntax

Integer

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.181

8.2.319 orclORA28error

Description

Specifies the number of ORA-28 errors encountered by Oracle Internet Directory server.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.182

Other

Single-valued attribute.

8.2.320 orclORA3113error

Description

Specifies the number of ORA-3113 errors encountered by Oracle Internet Directory server.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.157

Other

Single-valued attribute.

8.2.321 orclORA3114error

Description

Specifies the number of ORA-3114 errors encountered by Oracle Internet Directory server.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.158

Other

Single-valued attribute.

8.2.322 orclOracleHome

Description

The ORACLE_HOME location of an Oracle service.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

N/A

Object ID

2.16.840.1.113894.7.1.2

Other

Single-valued attribute.

8.2.323 orclOwnerGUID

Description

The global unique identifier of the user who owns an application or resource.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch, caseIgnoreSubstringsMatch

Object ID

2.16.840.1.113894.1.1.358

8.2.324 orclPassword

Description

Identifies an Oracle-specific password for custom authentication schemes like O3Logon for the database server.

Syntax

1.3.6.1.4.1.1466.115.121.1.44 (Printable String)

Matching Rule

caseExactMatch

Object ID

2.16.840.1.113894.7.1.13

8.2.325 orclPasswordAttribute

Description

Specifies the password value to access the resource.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch, caseIgnoreSubstringsMatch

Object ID

2.16.840.1.113894.1.1.353

Other

Single-valued attribute.

8.2.326 orclPasswordHint

Description

Specifies the password hint to be displayed when users forget their password.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.314

Other

Single-valued attribute.

8.2.327 orclPasswordHintAnswer

Description

The answer related to the password hint question stored in orclPasswordHint.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.315

Other

Single-valued attribute.

Note:

orclPasswordHintAnswer is hashed using the SHA-1 algorithm. The hexadecimal value of this is Base64 encoded.

Oracle Internet Directory hashes the value only if it is provided as plaintext. Prehashed values are not hashed again.

8.2.328 orclPasswordVerifier

Description

Attribute for storing a password to an Oracle component when that password is different from that used to authenticate the user to the directory, namely, userPassword. The value in this attribute is not synchronized with that in the userPassword attribute.

Like authPassword, this attribute is multivalued and can contain all the other verifiers that different applications use for this user's clear text password.

Syntax

1.3.6.1.4.1.1466.115.121.1.44{128} (Printable String, 128 character maximum)

Matching Rule

octetStringMatch

Object ID

2.16.840.1.113894.1.1.210

8.2.329 orclPilotMode

Description

Whether to BEGIN or END pilot mode for a replica.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Directory String)

Matching Rule

caseIgnoreMatch, caseIgnoreSubstringsMatch, equality integermatch

Object ID

2.16.840.1.113894.1.1.824

Other

Single-valued attribute.

8.2.330 orclPKCS12Hint

Description

Password hint for the user's PKCS12 private key store.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.7.1.11

8.2.331 orclPKIMatchingRule

Description

This is used to specify the matching rule for mapping a user's PKI certificate DN to the user's entry DN in Oracle Internet Directory. The following matching rule values are allowed:

  • 0 - Exact match. The PKI certificate DN must match the user entry DN.

  • 1 - Certificate search. Check to see if the user has a PKI certificate provisioned into Oracle Internet Directory.

  • 2 - A combination of exact match and certificate search. If the exact match fails, then a certificate search is performed.

  • 3 - Mapping rule only. Use a mapping rule to map user PKI certificate DNs to Oracle Internet Directory DNs.

  • 4 - Try in order: 1 (mapping rule), 2 (certificate search), 3 (exact match).

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.703

Other

Single-valued attribute.

8.2.332 orclPKINextUpdate

Description

The universal time when the certificate revocation list (CRL) should be updated.

Syntax

1.3.6.1.4.1.1466.115.121.1.53 (UTC Time)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.2.1.300.1

8.2.333 orclPKIValMecAttr

Description

Contains the certificate validation mechanism supported. Currently, only validation with crls is supported, hence the value of this attribute is CRL.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.2.1.300.2

8.2.334 orclPluginAttributeList

Description

A semicolon-separated attribute name list that controls whether the plug-in takes effect. If the target attribute is included in the list, the plug-in is invoked.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.563

Other

Single-valued attribute.

8.2.335 orclPluginCheckEntryExist

Description

If enabled, then the Plug-in is invoked when the base entry does not exist. This only applies to search operation with scope base.

Allowed values are 0 (disabled) or 1 (enabled).

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.569

Other

Single-valued attribute.

8.2.336 orclPluginEnable

Description

Whether a plug-in is enabled or disabled. Allowed values are 0 (disabled) or 1 (enabled). The default is 0 (disabled).

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.554

Other

Single-valued attribute.

8.2.337 orclPluginEntryProperties

Description

An LDAP search filter that specifies entry criteria that will cause the plug-in to not be invoked. For example, if the following filter is used, the plug-in will not be invoked if the target entry has objectclass equal to inetorgperson and sn equal to Cezanne.

(&(objectclass=inetorgperson)(sn=Cezanne))

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.568

Other

Single-valued attribute.

8.2.338 orclPluginIsReplace

Description

For plug-ins that use WHEN timing only. 0 is disabled (default). 1 is enabled. This attribute can be set to enabled only if the orclPluginLDAPOperation attribute value is ldapbind, ldapcompare, or ldapmodify.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.559

Other

Single-valued attribute.

8.2.339 orclPluginBinaryFlexfield

Description

Custom binary information (Java only)

Syntax

1.3.6.1.4.1.1466.115.121.1.5

Object ID

2.16.840.1.113894.1.1.574

Other

Single-valued attribute.

8.2.340 orclPluginFlexfield

Description

Custom text information (Java only). To indicate a subtype, specify orclPluginFlexfield; subtypename, for example, orclPluginFlexfield; minPwdLength: 8

Syntax

1.3.6.1.4.1.1466.115.121.1.15

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.573

Other

Single-Valued attribute.

8.2.341 orclPluginSecuredFlexfield

Description

Syntax

1.3.6.1.4.1.1466.115.121.1.15

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.577

Other

Single-Valued attribute.

8.2.342 orclPluginKind

Description

The kind of plug-in. PL/SQL is the only allowed value.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.562

Other

Single-valued attribute.

8.2.343 orclPluginLDAPOperation

Description

The LDAP operation that this plug-in supplements. Allowed values are:

  • ldapcompare

  • ldapmodify

  • ldapbind

  • ldapadd

  • ldapdelete

  • ldapsearch

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.557

Other

Single-valued attribute.

8.2.344 orclPluginName

Description

The plug-in package name.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.552

Other

Single-valued attribute.

8.2.345 orclPluginPort

Description

The port that the plug-in is using.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.566

Other

Single-valued attribute.

8.2.346 orclPluginRequestGroup

Description

A semicolon-separated group list that controls if the plug-in takes effect. You can use this group to specify who can actually invoke the plug-in. For example, if you specify orclpluginrequestgroup:cn=security,cn=groups,dc=oracle,dc=com, when you register the plug-in, then the plug-in will not be invoked unless the ldap request comes from the person who belongs to the group cn=security,cn=groups,dc=oracle,dc=com.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.564

Other

Single-valued attribute.

8.2.347 orclPluginRequestNegGroup

Description

A semicolon-separated group list that controls if the plug-in takes effect. You can use this group to specify who cannot invoke the plug-in. For example, if you specify orclpluginrequestneggroup: cn=security,cn=groups,dc=oracle,dc=com, when you register the plug-in, then the plug-in will not be invoked if the ldap request comes from the person who belongs to the group cn=security,cn=groups,dc=oracle,dc=com.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.571

Other

Single-valued attribute.

8.2.348 orclPluginResultCode

Description

An integer value to specify the LDAP result code. If this value is specified, then the plug-in is invoked only if the ldap operation is in that result code scenario. This only applies if the value for the orclPluginTiming attribute is POST.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.565

Other

Single-valued attribute.

8.2.349 orclPluginSASLCallBack

Description

Controls the type of bind used when the LDAP_PLUGIN package connects back to the same Oracle Internet Directory server.

  • 1= SASL bind (default).

  • 0= Simple bind.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.572

Other

Single-valued attribute.

8.2.350 orclPluginSearchNotFound

Description

This only applies if the value for the orclPluginTiming attribute is POST. Brings in the external entries if the entry is not found in Oracle Internet Directory. Provides additional plug-in invocation checking and ensures that the plug-in will only be invoked when the entry is not present in Oracle Internet Directory.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.570

Other

Single-valued attribute.

8.2.351 orclPluginShareLibLocation

Description

File location of the program libraries for the plug-in. If this value is not present, then the Oracle Internet Directory server assumes the plug-in language is PL/SQL.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.556

Other

Single-valued attribute.

8.2.352 orclPluginSubscriberDNList

Description

A semicolon-separated DN list that controls if the plug-in takes effect. For example:

dc=COM,c=us;dc=us,dc=oracle,dc=com;dc=org,dc=us;o=IMC,c=US

If the target DN of an LDAP operation is included in the list, then the plug-in is invoked.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.561

Other

Single-valued attribute.

8.2.353 orclPluginTiming

Description

Specifies when the plug-in is to be invoked in relation to the LDAP operation it supplements. The following values are allowed:

  • PRE

  • WHEN

  • POST

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.558

Other

Single-valued attribute.

8.2.354 orclPluginType

Description

Valid value is operational — Operational plug-ins augment existing LDAP operations. The work they perform depends on whether they execute before, after, or in addition to normal directory server operations.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.553

Other

Single-valued attribute.

8.2.355 orclPluginVersion

Description

The supported version number of the plug-in.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.555

Other

Single-valued attribute.

8.2.356 OrclPluginWorkers

Description

Number of plug-in threads per server process.

Syntax

Integer

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.612

8.2.357 orclPrName

Description

Stores a process name.

Syntax

1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)

Matching Rule

distinguishedNameMatch

Object ID

2.16.840.1.113894.1.1.55

Other

Single-valued attribute.

8.2.358 orclProductVersion

Description

Identifies the product version.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.7.1.6

8.2.359 orclPrPassword

Description

Contains a password for the OID proxy user.

Syntax

1.3.6.1.4.1.1466.115.121.1.15{128} (Directory String, 128 character maximum)

Matching Rule

caseIgnoreMatch, caseIgnoreSubstringsMatch

Object ID

2.16.840.1.113894.1.1.56

Other

Single-valued attribute.

8.2.360 orclPurgeBase

Description

The base DN in the directory information tree (DIT) where the garbage collection task is applied. This attribute value is reserved for each garbage collector and it must not be modified. Defaults to the RDN of the garbage collector configuration entry DN.

Syntax

1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)

Matching Rule

distinguishedNameMatch

Object ID

2.16.840.1.113894.1.1.805

Other

Single-valued attribute.

8.2.361 orclPurgeDebug

Description

Flag to enable (1) or disable (0) collection of debugging messages. Default value is 0.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.810

Other

Single-valued attribute.

8.2.362 orclPurgeEnable

Description

Flag to enable (1) or disable (0) this garbage collector. Default value is 1.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch, caseIgnoreSubstringsMatch

Object ID

2.16.840.1.113894.1.1.808

Other

Single-valued attribute.

8.2.363 orclPurgeFileLoc

Description

Absolute file directory where the garbage collection log file is saved. Default value is. (period - the current directory).

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch, caseIgnoreSubstringsMatch

Object ID

2.16.840.1.113894.1.1.812

Other

Single-valued attribute.

8.2.364 orclPurgeFileName

Description

The file name of the garbage collection log file. Default value is oidgc001.log.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch, caseIgnoreSubstringsMatch

Object ID

2.16.840.1.113894.1.1.811

Other

Single-valued attribute.

8.2.365 orclPurgeFilter

Description

Reserved for future use.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch, caseIgnoreSubstringsMatch

Object ID

2.16.840.1.113894.1.1.803

Other

Single-valued attribute.

8.2.366 orclPurgeInterval

Description

Time interval in hours that the garbage collection job is executed again. This can be measured from either the point in time specified in the orclPurgeStart attribute or from the last time it was run. Default value is 24.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.801

Other

Single-valued attribute.

8.2.367 orclPurgeNow

Description

Every time this attribute is added or modified to a garbage collection entry, then the submitted job is executed immediately.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch, caseIgnoreSubstringsMatch

Object ID

2.16.840.1.113894.1.1.809

Other

Single-valued attribute.

8.2.368 orclPurgePackage

Description

Specifies the package name for purging directory objects.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch, caseIgnoreSubstringsMatch

Object ID

2.16.840.1.113894.1.1.804

Other

Single-valued attribute.

8.2.369 orclPurgeSchedule

Description

Specifies the schedule for purging directory objects.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integermatch

Object ID

2.16.840.1.113894.1.1.24

Other

Single-valued attribute.

DSA operational attribute.

8.2.370 orclPurgeStart

Description

The time when the garbage collector starts to run. The format is yyyymmddhhmmss. Default value is 12:00 a.m. of the day Oracle Internet Directory is installed.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch, caseIgnoreSubstringsMatch

Object ID

2.16.840.1.113894.1.1.813

Other

Single-valued attribute.

8.2.371 orclPurgeTargetAge

Description

This attribute enables time-based purging of change log records. Set this to the number of hours after which old change logs are purged. Time-based purging respects the change status of replication, but not the change status of other consumers. When time-based purging is enabled, the change log garbage collector purges all change logs that are not needed by replication and that are at least the specified number of hours old.

The default behavior is change number-based purging, meaning this attribute is NULL or set to a value less than zero. Change number-based purging respects the change status of all change log consumers. That is, it does not purge change logs unless they have been consumed by all consumers. In addition, it does not purge change logs until they are 10 days old.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.800

Other

Single-valued attribute.

8.2.372 orclPurgeTranSize

Description

The number of objects to be purged in one commit transaction. The default value is 1000.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.802

Other

Single-valued attribute.

8.2.373 orclPwdAccountUnlock

Description

It allows a user with the appropriate admininstration rights and priviledges to unlock an already locked account. However, it doesn't necessarily imply that the user affected (that is, who's account was locked) can unlock it by changing this attribute.

Syntax

1.3.6.1.4.1.1466.115.121.1.7 (Boolean)

Matching Rule

booleanMatch

Object ID

2.16.840.1.113894.1.1.203

Other

Single-valued attribute.

8.2.374 orclPwdAllowHashCompare

Description

Whether to allow password validations by comparing the hash values of encrypted passwords. Allowed values are TRUE or FALSE.

Syntax

1.3.6.1.4.1.1466.115.121.1.7 (Boolean)

Matching Rule

booleanMatch

Object ID

2.16.840.1.113894.1.1.218

Other

Single-valued attribute.

8.2.375 orclPwdAlphaNumeric

Description

Number of numeric characters required in a password. The default value is 1.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.205

Other

Single-valued attribute.

8.2.376 orclPwdEncryptionEnable

Description

If the value is 1, then the user password is stored in reversible encrypted form. If the value is 0, then the user password is stored in plain text.

Syntax

1.3.6.1.4.1.1466.115.121.1.7 (Boolean)

Matching Rule

booleanMatch

Object ID

2.16.840.1.113894.1.1.215

Other

Single-valued attribute.

8.2.377 orclPwdIllegalValues

Description

Lists the common words and attribute types whose values cannot be used as a valid password. By default, all words are acceptable password values.

Syntax

1.3.6.1.4.1.1466.115.121.1.15{1024} (Directory String, 1024 character maximum)

Matching Rule

caseIgnoreMatch, caseIgnoreSubstringsMatch

Object ID

2.16.840.1.113894.1.1.204

8.2.378 orclPwdIPAccountLockedTime

Description

The time when a user account was locked for a specific IP address.

Syntax

1.3.6.1.4.1.1466.115.121.1.24 (Generalized Time)

Matching Rule

generalizedTimeMatch

Object ID

2.16.840.1.113894.1.1.211

Other

Directory operational attribute.

Not user modifiable.

8.2.379 orclPwdIPFailureTime

Description

The time of a password failure.

Syntax

1.3.6.1.4.1.1466.115.121.1.24 (Generalized Time)

Matching Rule

generalizedTimeMatch

Object ID

2.16.840.1.113894.1.1.212

Other

Directory operational attribute.

Not user modifiable.

8.2.380 orclPwdIPLockout

Description

Whether to enable account lockouts for a specific IP address. The value can be are 1 (for true) or 0 (for false).

Syntax

1.3.6.1.4.1.1466.115.121.1.7 (Boolean)

Matching Rule

booleanMatch

Object ID

2.16.840.1.113894.1.1.200

Other

Single-valued attribute.

8.2.381 orclPwdIPLockoutDuration

Description

The number of seconds you want to enforce account lockout for a specific IP address. A user account stays locked even after the lockout duration has passed unless the user binds with the correct password.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.201

Other

Single-valued attribute.

8.2.382 orclPwdIPMaxFailure

Description

The maximum number of failed logins from a specific IP address after which the account is locked.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.202

Other

Single-valued attribute.

8.2.383 orclpwdmaxinactivitytime

Description

Maximum period of time in seconds after which an inactive account is automatically locked.

Syntax

1.3.6.1.4.1.1466.115.121.1.27

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.379

Other

Single-valued attribute.

8.2.384 orclPwdMaxRptchars

Description

Maximum number of times a single character type can be repeated in a password.

Syntax

1.3.6.1.4.1.1466.115.121.1.27

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.415

Other

Single-valued attribute.

8.2.385 orclPwdMinAlphachars

Description

Minimum number of alphabetic characters required in a password.

Syntax

1.3.6.1.4.1.1466.115.121.1.27

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.411

Other

Single-valued attribute.

8.2.386 orclPwdMinSpecialchars

Description

Minimum number of non-alphanumeric characters required in a password.

Syntax

1.3.6.1.4.1.1466.115.121.1.27

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.412

Other

Single-valued attribute.

8.2.387 orclPwdMinUppercase

Description

Minimum number of uppercase characters required in a password.

Syntax

1.3.6.1.4.1.1466.115.121.1.27

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.413

Other

Single-valued attribute.

8.2.388 orclpwdminlowercase

Description

orclpwdminlowercase

Syntax

Minimum number of lowercase characters required in a password.

1.3.6.1.4.1.1466.115.121.1.27

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.414

Other

Single-valued attribute.

8.2.389 orclPwdPolicyEnable

Description

Whether to enable or disable the password policy. The value can be are 1 (for enable) or 0 (for disable).

Syntax

1.3.6.1.4.1.1466.115.121.1.7 (Boolean)

Matching Rule

booleanMatch

Object ID

2.16.840.1.113894.1.1.213

Other

Single-valued attribute.

8.2.390 orclPwdTrackLogin

Description

Enables or disables tracking of user's last login time; 1 for enabling and 0 for disabling (default).

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.377

Other

Single-valued attribute

8.2.391 orclPwdVerifierParams

Description

This attribute contains the values of different password verifier types, such as:

orclpwdverifierparams;authpassword: crypto:SASL/MDS $ realm:dc=com

orclpwdverifierparams;orclpasswordverifier: crypto:ORCLLM

orclpwdverifierparams;authpassword: crypto:ORCLWEBDAV $ realm:dc=com

Syntax

1.3.6.1.4.1.1466.115.121.1.15{256} (Directory String, 256 character maximum)

Matching Rule

caseIgnoreMatch, caseIgnoreSubstringsMatch

Object ID

2.16.840.1.113894.1.1.209

8.2.392 orclQueueDepth

Description

Indicates the queue depth.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.144

Other

Single-valued attribute.

8.2.393 orclQueueLatency

Description

Defines the queue latency.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.145

Other

Single-valued attribute.

8.2.394 orclReadWaitThreads

Description

Specifies the number of Oracle Internet Directory server threads waiting to read from the network.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.142

Other

Single-valued attribute.

8.2.395 orclReqAttrCase

Description

Disables or enables preserving the letter case of required attributes in search result. Allowed values are 0 (disable) or 1 (enable). The default value is 0.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.423

Other

Single-valued attribute

8.2.396 orclrefreshdgrmems

Description

Refresh Dynamic Group Memberships.

Syntax

1.3.6.1.4.1.1466.115.121.1.27

Matching Rule

integerMatch (Integer)

Object ID

2.16.840.1.113894.1.1.416

Other

Single-valued attribute

8.2.397 orclReplAgreements

Description

The DNs of the replication agreement entries.

Syntax

1.3.6.1.4.1.1466.115.121.1.34 (Distinguished Name)

Matching Rule

distinguishedNameMatch

Object ID

2.16.840.1.113894.1.1.105

8.2.398 orclReplAttrConfl

Description

Specifies whether timestamp or attribute version should be honored first during attribute level conflict resolution. 0 (default): timestamp first, 1: version number first

Syntax

1.3.6.1.4.1.1466.115.121.1.27(Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.899

Other

Single valued attribute

8.2.399 orclreplautotune

Description

Dynamically vary the number of threads assigned to transport and apply tasks based on load. 0: Off, 1: On.

If you set the server to auto tune, you must specify the number of maximum number of threads to be shared between these tasks. Restart server after changing.

Syntax

Integer

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.827

8.2.400 orclReplicaDN

Description

For LDAP-based replication only. The DN of the consumer replica in the replication agreement.

Syntax

1.3.6.1.4.1.1466.115.121.1.34 (Distinguished Name)

Matching Rule

distinguishedNameMatch

Object ID

2.16.840.1.113894.1.1.817

8.2.401 orclReplicaID

Description

Naming attribute for the replica subentry. Its value is unique to each directory server node that is initialized at installation. The value of this attribute, assigned during installation, is unique to each directory node, and matches that of the orclreplicaID attribute at the root DSE. You cannot modify this value.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.106

Other

Single-valued attribute.

8.2.402 orclReplicaSecondaryURI

Description

Contains the set of ldapURI formatted addresses that can be used if the orclReplicaURI values cannot be used.

Syntax

1.3.6.1.4.1.1466.115.121.1.26 (IA5 String)

Matching Rule

caseExactIA5Match

Object ID

2.16.840.1.113894.1.1.815

8.2.403 orclReplicaState

Description

Defines the state of the replica. Possible values are:

  • 0 (boot strapping)

  • 1 (online)

  • 2 (offline)

  • 3 (bootstrap in progress)

  • 4 (bootstrap in progress, cn=oraclecontext bootstrap has completed)

  • 5 (bootstrap completed, failure detected for one or more naming contexts)

  • 6 (database copy based add node)

  • 7 (sync schema)

  • 8 (boot strap without schema sync)

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.818

Other

Single-valued attribute.

8.2.404 orclreplicationid

Description

Unique identifier of a one-way, two-way, or peer-to-peer replication group

Syntax

Integer

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.509

8.2.405 orclReplicationProtocol

Description

Defines the replication protocol for change propagation to replica. Values are:

  • ODS_ASR_1.0 (Oracle Database Advanced Replication-based protocol)

  • ODS_LDAP_1.0 (LDAP-based replication)

You cannot modify this attribute.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch, caseIgnoreSubstringsMatch

Object ID

2.16.840.1.113894.1.1.29

Other

Single-valued attribute.

8.2.406 orclReplicationState

Description

Activation state of the replication server. 0-Inactive, 1-Active

Syntax

Integer

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.831

8.2.407 orclReplicaType

Description

Defines the type of replica such as read-only or read/write. Possible values are:

  • 0 (Read/Write)

  • 1 (Read-Only)

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.816

Other

Single-valued attribute.

8.2.408 orclReplicaURI

Description

Contains information in ldapURI format that can be used to open a connection to this replica.

Syntax

1.3.6.1.4.1.1466.115.121.1.26 (IA5 String)

Matching Rule

caseExactIA5Match

Object ID

2.16.840.1.113894.1.1.814

Other

Single-valued attribute.

8.2.409 orclReplicaVersion

Description

Oracle Internet Directory version of the replica.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.820

Other

Single-valued attribute.

8.2.410 orclreplmaxworkers

Description

Maximum number of worker threads. Required if orclreplautotune is set.

Syntax

Integer

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.826

8.2.411 orclreplusesasl;digest-md5

Description

Use SASL for replication binds. Values are auth, auth-int, and auth-conf.

Syntax

Directory String

Matching Rule

caseIgnoreMatch; caseIgnoreSubstringMatch

Object ID

2.16.840.1.113894.1.1.829

8.2.412 orclResourceIdentifier

Description

Stores the resource identifier.

Syntax

1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)

Matching Rule

distinguishedNameMatch

Object ID

2.16.840.1.113894.1.1.348

8.2.413 orclResourceName

Description

Specifies the name of the resource for which the connection information is being maintained.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch, caseIgnoreSubstringsMatch

Object ID

2.16.840.1.113894.1.1.350

8.2.414 orclResourceTypeName

Description

Specifies the name of the resource, for example, database, XMLPDS, JDBCPDS.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.351

8.2.415 orclResourceViewers

Description

Lists the users or groups of users who can view a Resource Access Descriptor.

Syntax

1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)

Matching Rule

distinguishedNameMatch

Object ID

2.16.840.1.113894.1.1.366

8.2.416 orclRevPwd

Description

Reversible encrypted value of the user password. This attribute is generated only if the attribute value of orclPwdEncryptionEnable in the password policy entry is set to 1. This attribute cannot be queried.

Syntax

1.3.6.1.4.1.1466.115.121.1.44{128} (Printable String, 128 character maximum)

Matching Rule

octetStringMatch

Object ID

2.16.840.1.113894.1.1.216

Other

Directory operational attribute.

Not user modifiable.

8.2.417 orclrienabled

Description

Enables referential integrity. 0: disabled, 1: enabled.

Syntax

1.3.6.1.4.1.1466.115.121.1.27

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.1300

Other

Single-valued attribute

8.2.418 orclrscacheattr

Description

Multi-valued attribute that specifies the Result Set Cache attributes. Default values are:

  • dn: cn=dsaconfig,cn=configsets,cn=oracle internet directory

  • orclrscacheattr: uid

  • orclrscacheattr: mail

  • orclrscacheattr: cn

  • orclrscacheattr: orclguid

Note:

Typically these attributes are not modified for the life of the entry. If an attribute has referential integrity enabled, that attribute should not be used.

Syntax

1.3.6.1.4.1.1466.115.121.1.44

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.624

Other

Multi-valued attribute.

8.2.419 orclSAMAccountName

Description

Stores the value of Active Directory's SAMAccountName attribute. In Oracle Internet Directory, this attribute is defined as a directory string type. However, in Active Directory this attribute cannot accept any special or non-printable characters. If any entry is added in Oracle Internet Directory with this attribute, it can only contain a simple text string or synchronization from Oracle Internet Directory to Active Directory will fail.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.903

Other

Single-valued attribute.

8.2.420 orclSASLAuthenticationMode

Description

SASL authentication mode indicates different modes depending on the type of authentication required and the level of security, such as, auth-only, auth-int, or auth-conf.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.700

Other

Single-valued attribute.

8.2.421 orclSASLCipherChoice

Description

Contains the SASL cipher choice. when the authentication mode is auth-conf, the SASL cipher choices can be 3DES, DES, RC4, RC4-56, or RC4-40.

Syntax

1.3.6.1.4.1.1466.115.121.1.15{128} (Directory String, 128 character maximum)

Matching Rule

caseIgnoreMatch, caseIgnoreSubstringsMatch

Object ID

2.16.840.1.113894.1.1.702

8.2.422 orclSASLMechanism

Description

Indicates the different kinds of SASL mechanisms supported in the LDAP server. Currently, OID supports SASL-EXTERNAL and DIGEST-MD5.

Syntax

1.3.6.1.4.1.1466.115.121.1.15{128} (Directory String, 128 character maximum)

Matching Rule

caseIgnoreMatch, caseIgnoreSubstringsMatch

Object ID

2.16.840.1.113894.1.1.701

8.2.423 orclsDumpFlag

Description

Determines whether to generate or stack file (default value 0) or OS level core file (value 1) in case the OID server crashes.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.407

Other

Single-valued attribute.

8.2.424 orclSearchBaseDN

Description

Contains search base information to be used when performing the directory query for identity mapping.

Syntax

1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)

Matching Rule

distinguishedNameMatch

Object ID

2.16.840.1.113894.1.1.706

Other

Single-valued attribute.

8.2.425 orclSearchFilter

Description

Contains search filter information to be used when performing the directory query for identity mapping.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.705

Other

Single-valued attribute.

8.2.426 orclSearchScope

Description

Contains search scope information to be used when performing the directory query for identity mapping.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.707

Other

Single-valued attribute.

8.2.427 orclSecondaryUID

Description

Indicates the secondary UID of a user.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch, caseIgnoreSubstringsMatch

Object ID

2.16.840.1.113894.1.1.360

8.2.428 orclSequence

Description

Specifies the sequence number for audit log entries.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.62

8.2.429 orclServerAvgMemGrowth

Description

Specifies the Oracle Internet Directory server process memory growth as a percentage.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.148

Other

Single-valued attribute.

8.2.430 orclServerMode

Description

Specifies if data can be written to the server. Valid values are:

  • r (read-only)

  • rw (read/write)

  • rm (read-modify, that is, to read and modify, but not to add or delete)

The default value is rw.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.51

Other

Single-valued attribute.

8.2.431 orclServerProcs

Description

Number of server processes to start. The default for configset0 is 1. You cannot use a negative value for this attribute.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.364

Other

Single-valued attribute.

8.2.432 orclServiceInstanceLocation

Description

Specifies the DN of an instance of a service.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseExactMatch

Object ID

2.16.840.1.113894.1.1.1102

Other

Single-valued attribute.

8.2.433 orclServiceMember

Description

Identifies all the service instances that are members of a logical service entity.

Syntax

1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)

Matching Rule

distinguishedNameMatch

Object ID

2.16.840.1.113894.1.1.1005

8.2.434 orclServiceSubscriptionLocation

Description

Specifies the DN where the list of users subscribed to a service is available.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseExactMatch

Object ID

2.16.840.1.113894.1.1.1100

Other

Single-valued attribute

8.2.435 orclServiceSubType

Description

Identifies the sub-types of a Service e.g. IMAP, SMTP are sub-type of an e-mail service.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.1009

Other

Single-valued attribute

8.2.436 orclServiceType

Description

Identifies the type of Service e.g. Email, Calendar, and so forth.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.7.1.4

Other

Single-valued attribute

8.2.437 orclSID

Description

Stores the SID.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.7.1.5

Other

Single-valued attribute

8.2.438 orclsimplemodchglogattributes

Description

List of multivalued attributes that, when changed, cause a simplified change log to be generated.

Syntax

DN

Matching Rule

DistinguishedNameMatch

Object ID

2.16.840.1.113894.1.1.823

8.2.439 orclSizeLimit

Description

Maximum number of entries to be returned by a search.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.10

Other

Single-valued attribute

8.2.440 orclSkewedAttribute

Description

Attribute that contains names of attributes which are skewed. A skewed attribute has very different search response times depending on its value. You can uniform the response times for searches for such an attribute by adding it as a value of the orclskewedattribute attribute.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch, caseIgnoreSubstringsMatch

Object ID

2.16.840.1.113894.1.1.405

8.2.441 orclSkipRefInSQL

Description

Specifies whether to skip referral in SQL generated for searches. Its default value is 0. Set it to 1 if there are no referral entries in the directory; this will help optimizing search performance.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.410

Other

Single-valued attribute

8.2.442 orclSMSpec

Description

Represents a structural object class that includes common attributes for server manageability object classes.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch, caseIgnoreSubstringsMatch

Object ID

2.16.840.1.113894.1.1.185

8.2.443 orclSQLexeFetchLatency

Description

Reserved for future use.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.132

Other

Single-valued attribute

8.2.444 orclSQLGenReusedParsed

Description

Reserved for future use.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.134

Other

Single-valued attribute

8.2.445 orclSSLAuthentication

Description

Type of SSL authentication to use for this instance of Oracle Internet Directory server. The default value of 1, specifies no SSL authentication. Different instances can have different values. One-way and two-way SSL authentication requires a wallet. You may use one of the following three values:

  • 1 = Neither the client nor the server authenticates itself to the other. No certificates are sent or exchanged. If you selected the SSL Enabled check box on the Credentials tab, and choose this option, then only SSL encryption/decryption is used.

  • 32 = One-way authentication. Only the directory server authenticates itself to the client by sending its certificate to the client.

  • 64 = Two-way authentication. Both client and server send certificates to each other.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.13

Other

Single-valued attribute

8.2.446 orclSSLCipherSuite

Description

A cipher suite is a set of authentication, encryption, and data integrity algorithms used for exchanging messages between network nodes. During an SSL handshake, the two nodes negotiate to see which cipher suite they will use when transmitting messages back and forth. The following cipher suites are supported:

Table 8-3 SSL Cipher Suites Supported in Oracle Internet Directory

Cipher Suite Authentication Encryption Data Integrity

SSL_RSA_WITH_3DES_EDE_CBC_SHA

RSA

3DES

SHA

SSL_RSA_WITH_RC4_128_SHA

RSA

RC4

SHA

SSL_RSA_WITH_RC4_128_MD5

RSA

RC4

MD5

SSL_RSA_WITH_DES_CBC_SHA

RSA

DES

SHA

SSL_RSA_EXPORT_WITH_RC4_40_MD5

RSA

RC4_40

MD5

SSL_RSA_EXPORT_WITH_DES40_CBC_SHA

RSA

DES40

SHA

SSL_DH_anon_WITH_3DES_EDE_CBC_SHA

None

3DES

SHA

SSL_DH_anon_WITH_RC4_128_MD5

None

RC4

MD5

SSL_DH_anon_WITH_DES_CBC_SHA

None

DES

SHA

SSL_RSA_WITH_AES_128_CBC_SHA

RSA

AES

SHA

SSL_RSA_WITH_AES_256_CBC_SHA

RSA

AES

SHA


Syntax

1.3.6.1.4.1.1466.115.121.1.15{128} (Directory String, 128 character maximum.

Matching Rule

caseIgnoreMatch, caseIgnoreSubstringsMatch

Object ID

2.16.840.1.113894.1.1.19

8.2.447 orclSSLEnable

Description

Flag for enabling or disabling SSL. Use this flag when you use different instances of the same server for either SSL or non-SSL. Allowed values are:

  • 0—for non-secure operation only

  • 1—for SSL authentication only

  • 2— for both non-secure operation and SSL authentication

    The default value is 0.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.14

Other

Single-valued attribute

8.2.448 orclsslinteropmode

Description

Enable SSL interoperability with Oracle legacy applications using no-auth mode.

Starting with Oracle Internet Directory 11g Release 1 (11.1.1.7.0), the default value is disabled (orclsslinteropmode = 0), in order to be fully compliant with the JDK SSL.

In no-auth mode, Oracle legacy components developed before 11g Release 1 (11.1.1) such as legacy LDAP C clients can connect with Oracle Internet Directory only by using an instance that has interoperability mode enabled (orclsslinteropmode = 1).

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.422

Other

Single-valued attribute

8.2.449 orclSSLPort

Description

The default SSL default port for the directory server. Default value is 3133. When you run the directory in the secure mode, it listens at default port 3133 and accepts only SSL-based TCP/IP connections. (When you run the directory in the normal mode, it listens at default port 389, accepting normal TCP/IP connections.) You might want to change this port when you add multiple LDAP server instances.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.17

Other

Single-valued attribute

8.2.450 orclSSLVersion

Description

SSL version. The default value is 3.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.18

Other

Single-valued attribute

8.2.451 orclSSLWalletURL

Description

Sets the location of the Oracle Wallet. You initially set this value when you create the wallet. If you elect to change the location of the Oracle Wallet, you must change this parameter. You must set the wallet location on both the client and the server. For example, on UNIX, you could set this parameter as follows:

file:/home/my_dir/my_wallet

On Microsoft Windows, you could set this parameter as follows:

file:C:\my_dir\my_wallet

Syntax

1.3.6.1.4.1.1466.115.121.1.15{128} (Directory String, 128 character maximum)

Matching Rule

caseIgnoreMatch, caseIgnoreSubstringsMatch

Object ID

2.16.840.1.113894.1.1.15

Other

Single-valued attribute

8.2.452 orclStatsDN

Description

Specifies list of user DNs for which to track LDAP operations.

Syntax

1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)

Matching Rule

distinguishedNameMatch

Object ID

2.16.840.1.113894.1.1.187

8.2.453 orclStatsFlag

Description

Enable or disable the Oracle Internet Directory Server Manageability framework. To enable, set this to 1. To disable, set it to 0.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.197

Other

Single-valued attribute.

8.2.454 orclStatsLevel

Description

Level of statistics collection for users. There is only one valid value in this release, 1. Specifying this value collects the number of bind and compare operations against the directory and the user who performed each one.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.199

Other

Single-valued attribute.

8.2.455 orclStatsOp

Description

Reserved for future use.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.188

Other

Single-valued attribute.

8.2.456 orclStatsPeriodicity

Description

Time interval in minutes for gathering server manageability statistics. The default value is 60.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.198

Other

Single-valued attribute.

8.2.457 orclStatus

Description

Depending on the context of the object that it is applied to, like a service, it indicates if the service is available or not.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch, caseIgnoreSubstringsMatch

Object ID

2.16.840.1.113894.9.1.9

8.2.458 orclSUAccountLocked

Description

Determines whether a superuser account is locked.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.192

Other

Single-valued attribute.

Directory operational attribute.

Not user modifiable.

8.2.459 orclSubscriberDisable

Description

Reserved for future use.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.100

Other

Single-valued attribute.

8.2.460 orclSubscriberFullName

Description

Stores the full name of the configured realm.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.333

Other

Single-valued attribute.

8.2.461 orclSubscriberNickNameAttribute

Description

Stores a name of an attribute that holds the unique identifier of a realm.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.302

Other

Single-valued attribute.

8.2.462 orclSubscriberSearchBase

Description

Specifies the DIT node that contains all realms.

Syntax

1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)

Matching Rule

distinguishedNameMatch

Object ID

2.16.840.1.113894.1.1.301

8.2.463 orclSubscriberType

Description

Defines the type of realm created.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.331

Other

Single-valued attribute.

8.2.464 orclSuffix

Description

To have the directory server manage part of an LDAP directory, you can specify the highest level parent DNs in the server configuration. These DNs are called suffixes. The server can access all objects in the directory that are below the specified suffix in the directory hierarchy. This attribute is part of the root DSE (DSA-Specific Entry). The root DSE contains a number of attributes that store information about the directory server itself.

Syntax

1.3.6.1.4.1.1466.115.121.1.15{128} (Directory String, 128 character maximum)

Matching Rule

caseIgnoreMatch, caseIgnoreSubstringsMatch

Object ID

2.16.840.1.113894.1.1.6

Other

Single-valued attribute.

8.2.465 orclSuiteType

Description

Identifies the type of suite e.g ocs, ebiz, and so forth.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.1011

Other

Single-valued attribute.

8.2.466 orclSULoginFailureCount

Description

The number of failed login attempts for the directory superuser.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.191

Other

Single-valued attribute.

Directory operational attribute.

Not user modifiable.

8.2.467 orclSUName

Description

The distinguished name of the directory superuser account, for example, cn=orcladmin.

Syntax

1.3.6.1.4.1.1466.115.121.1.12

Matching Rule

distinguishedNameMatch

Object ID

2.16.840.1.113894.1.1.8

Other

Single-valued attribute.

8.2.468 orclSUPassword

Description

Oracle Internet Directory superuser password.

Syntax

1.3.6.1.4.1.1466.115.121.1.15{128} (Directory String, 128 character maximum)

Matching Rule

caseIgnoreMatch, caseIgnoreSubstringsMatch

Object ID

2.16.840.1.113894.1.1.9

Other

Single-valued attribute.

8.2.469 orclSystemName

Description

Identifies the host name on which a particular instance of a service is running.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.7.1.3

Other

Single-valued attribute.

8.2.470 orclTcpConnToClose

Description

Specifies the number of clients for which the Oracle Internet Directory server will close TCP connections.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.153

Other

Single-valued attribute.

8.2.471 orclTcpConnToShutDown

Description

Specifies the number of clients for which the Oracle Internet Directory server will shut down TCP connections.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.152

Other

Single-valued attribute.

8.2.472 orclThreadSpawnFailed

Description

Reserved for future use.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.154

Other

Single-valued attribute.

8.2.473 orclThreadsPerSupplier

Description

Specifies the number of threads per supplier for the Oracle directory replication server.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integermatch

Object ID

2.16.840.1.113894.1.1.31

Other

DSA operational attribute.

8.2.474 orclTimeLimit

Description

Maximum number of seconds allowed for a search to be completed. The default value is 3600.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.65

Other

Single-valued attribute.

8.2.475 orclTimeZone

Description

Specifies the time zone applicable for a user location.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.311

8.2.476 orclTLimitMode

Description

Defines the time limit mode.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.406

Other

Single-valued attribute.

8.2.477 orclTotFreePhyMem

Description

Stores the total amount of free system physical memory.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.146

Other

Single-valued attribute.

8.2.478 orclTraceDimesionLevel

Description

Reserved for future use.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.174

Other

Single-valued attribute.

8.2.479 orclTraceFileLocation

Description

Reserved for future use.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch, caseIgnoreSubstringsMatch

Object ID

2.16.840.1.113894.1.1.176

Other

Single-valued attribute.

8.2.480 orclTraceFileSize

Description

Reserved for future use.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.177

Other

Single-valued attribute.

8.2.481 orclTraceLevel

Description

Reserved for future use.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.173

Other

Single-valued attribute.

8.2.482 orclTraceMode

Description

Reserved for future use.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch, caseIgnoreSubstringsMatch

Object ID

2.16.840.1.113894.1.1.175

Other

Single-valued attribute.

8.2.483 orclTrustedApplicationGroup

Description

Identifies the DN of the group that list all the applications that specific application trusts for Service to Service Authentication.

Syntax

1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)

Matching Rule

distinguishedNameMatch

Object ID

2.16.840.1.113894.1.1.368

8.2.484 orclTraceMode

Description

Reserved for future use.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch, caseIgnoreSubstringsMatch

Object ID

2.16.840.1.113894.1.1.175

Other

Single-valued attribute.

8.2.485 orclTxnMaxOperations

Description

Maximum number of operations allowed in a transaction.

Syntax

1.3.6.1.4.1.1466.115.121.1.27

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.381

Other

Single-valued attribute

8.2.486 orclTxnTimeLimit

Description

Maximum allowed time in a transaction (sec).

Syntax

1.3.6.1.4.1.1466.115.121.1.27

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.380

Other

Single-valued attribute

8.2.487 orclUIAccessibilityMode

Description

Set to TRUE to display a user interface that is accessible to people with impaired vision.

Syntax

1.3.6.1.4.1.1466.115.121.1.7 (Boolean)

Matching Rule

booleanMatch

Object ID

2.16.840.1.113894.1.1.367

Other

Single-valued attribute.

8.2.488 orclUniqueAttrName

Description

The name of an attribute that you want to be unique. Autoboot uniqueness means that each entry must have a unique value for this attribute type.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.500

Other

Single-valued attribute.

8.2.489 orclUniqueEnable

Description

Disables or enables attribute uniqueness constraints. Allowed values are 0 (disable) or 1 (enable). The default value is 0.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.508

Other

Single-valued attribute.

8.2.490 orclUniqueObjectClass

Description

Specifies an object class filter for an attribute uniqueness constraint entry. This means the attribute specified in orclUniqueAttrNamemust be unique in an instance of this object class.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.503

Other

Single-valued attribute.

8.2.491 orclUniqueScope

Description

The scope of the attribute uniqueness constrain in the DIT. Allowed values are:

  • base—Searches the root entry only

  • onelevel—Searches one level only

  • sub—Searches the entire directory

The default value is sub.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.501

Other

Single-valued attribute.

8.2.492 orclUniqueSubtree

Description

When multiple attribute uniqueness constraints have the same values in orclUniqueAttrName, orclUniqueScope and orclUniqueObjectClass, but different values in orcluniquesubtree, the union of subtree scopes specified by those attribute uniqueness constraints is checked.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.502

Other

Single-valued attribute.

8.2.493 orclUnsyncRevPwd

Description

This attribute stores a password that is not synchronized with the entry in the userpassword.

Syntax

1.3.6.1.4.1.1466.115.121.1.44{128} (Printable String, 128 character maximum)

Matching Rule

octetStringMatch

Object ID

2.16.840.1.113894.1.1.217

Other

Directory operational attribute.

Not user modifiable.

8.2.494 orclUpdateSchedule

Description

Replication update interval for new changes and those being retried. The value is in seconds.

Syntax

1.3.6.1.4.1.1466.115.121.1.27

Matching Rule

integermatch

Object ID

2.16.840.1.113894.1.1.30

Other

Directory operational attribute.

Not user modifiable.

Single-valued attribute.

8.2.495 orclUpgradeInProgress

Description

Indicates whether rolling upgrade is in progress.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.104

Other

Single-valued attribute.

8.2.496 orclUserDN

Description

The distinguished name (DN) of the user who performed an operation.

Syntax

1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)

Matching Rule

distinguishedNameMatch

Object ID

2.16.840.1.113894.1.1.61

8.2.497 orclUserIDAttribute

Description

Specifies the attribute to use as the user identifier value when accessing the resource.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch, caseIgnoreSubstringsMatch

Object ID

2.16.840.1.113894.1.1.352

Other

Single-valued attribute.

8.2.498 orclUserModifiable

Description

Specifies if the data is modifiable by the user that this resource access descriptor entry is created for.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch, caseIgnoreSubstringsMatch

Object ID

1.2.3.4.5.6.1.11

8.2.499 orclUserObjectClasses

Description

A list of the object classes that comprise a user entity.

Syntax

1.3.6.1.4.1.1466.115.121.1.15

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.329

8.2.500 orclUserPrincipalName

Description

The is the Kerberos user principal name for Microsoft Active Directory users.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.904

Other

Single-valued attribute.

8.2.501 orclVersion

Description

The release version of the Oracle Internet Directory server.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.7.1.1

Other

Single-valued attribute.

8.2.502 orclWirelessAccountNumber

Description

Stores the wireless account number of a user.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.365

Other

Single-valued attribute.

8.2.503 orclWorkflowNotificationPref

Description

Identifies workflow notification preferences for a user.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.313

8.2.504 orclWriteWaitThreads

Description

Specifies the number of Oracle Internet Directory server threads waiting to write to the network.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.143

Other

Single-valued attribute.

8.2.505 owner

Description

Specifies the distinguished name (DN) of some object which has some responsibility for the associated object.

Syntax

1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)

Matching Rule

distinguishedNameMatch

Object ID

2.5.4.32

8.2.506 pilotStartTime

Description

The time stamp of when pilot mode was started for a replica.

Syntax

1.3.6.1.4.1.1466.115.121.1.24 (Generalized Time)

Matching Rule

generalizedTimeMatch

Object ID

2.16.840.1.113894.1.1.825

Other

Single-valued attribute.

Directory operational attribute.

Not user modifiable.

8.2.507 preferredServerList

Description

The IP addresses of the preferred servers that a directory user agent should use in a space separated list. The servers in this list are tried in order before those in the defaultServerList until a successful connection is made. This has no default value. At least one server must be specified in either preferredServerList or defaultServerList.

Syntax

1.3.6.1.4.1.1466.115.121.1.26 (Printable String)

Matching Rule

caseIgnoreIA5Match

Object ID

1.3.6.1.4.1.11.1.3.1.1.2

Other

Single-valued attribute.

8.2.508 profileTTL

Description

The time to live before a client directory user agent (DUA) should re-read this configuration profile. The values for profileTTL can be zero, to indicate no expiration, or a positive integer combined with one of the following letters to indicate the unit of measure:

d: indicates days

h: indicates hours

m: indicates minutes

s: indicates seconds

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

1.3.6.1.4.1.11.1.3.1.1.7

Other

Single-valued attribute.

8.2.509 protocolInformation

Description

This attribute is used in conjunction with the presentationAddress attribute, to provide additional information to the Open System Interconnection (OSI) network service.

Syntax

1.3.6.1.4.1.1466.115.121.1.42 (Protocol Information)

Matching Rule

protocolInformationMatch

Object ID

2.5.4.48

8.2.510 pwdAccountLockedTime

Description

The time stamp of when a user's account was locked.

Syntax

1.3.6.1.4.1.1466.115.121.1.24 (Generalized Time)

Matching Rule

generalizedTimeMatch

Object ID

1.3.6.1.4.1.42.2.27.8.1.17

Other

Single-valued attribute.

Directory operational attribute.

No user modification.

8.2.511 pwdAllowUserChange

Description

Reserved for future use.

Syntax

1.3.6.1.4.1.1466.115.121.1.7 (Boolean)

Matching Rule

booleanMatch

Object ID

1.3.6.1.4.1.42.2.27.8.1.14

Other

Single-valued attribute.

8.2.512 pwdChangedTime

Description

The time stamp indicating when the user's current password was created or modified.

Syntax

1.3.6.1.4.1.1466.115.121.1.24 (Generalized Time)

Matching Rule

generalizedTimeMatch

Object ID

1.3.6.1.4.1.42.2.27.8.1.16

Other

Single-valued attribute.

Directory operational attribute.

No user modification.

8.2.513 pwdCheckSyntax

Description

A value of 1 (default) means passwords are checked for syntax errors. A value of 0 means syntax checking is disabled.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

1.3.6.1.4.1.42.2.27.8.1.5

Other

Single-valued attribute.

8.2.514 pwdExpirationWarned

Description

The time stamp when the first password expiration warning was sent to the user.

Syntax

1.3.6.1.4.1.1466.115.121.1.24 (Generalized Time)

Matching Rule

generalizedTimeMatch

Object ID

1.3.6.1.4.1.42.2.27.8.1.18

Other

Directory operational attribute.

No user modification.

8.2.515 pwdExpireWarning

Description

The number of seconds before a password expires that a warning should be sent to the user. The user will see the warning when they attempt to log on during the warning period. If the user does not modify the password before it expires, the user is locked out until the password is changed by the administrator. The default value is 0, which means no warnings are sent.

For this feature to work, the client application must support it.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

1.3.6.1.4.1.42.2.27.8.1.7

Other

Single-valued attribute.

8.2.516 pwdFailureCountInterval

Description

The number of seconds after which the password failure times are purged from the user entry. If this attribute is not present, or if it has a value of 0, then failure times are never purged. The default value is 0.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

1.3.6.1.4.1.42.2.27.8.1.12

Other

Single-valued attribute.

8.2.517 pwdFailureTime

Description

The time stamp of consecutive failed login attempts by the user.

Syntax

1.3.6.1.4.1.1466.115.121.1.24 (Generalized Time)

Matching Rule

generalizedTimeMatch

Object ID

1.3.6.1.4.1.42.2.27.8.1.19

Other

Directory operational attribute.

No user modification.

8.2.518 pwdGraceLoginLimit

Description

Maximum number of grace logins allowed after a password expires. The default value is 0 (no grace logins allowed). The recommended value is 3.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

1.3.6.1.4.1.42.2.27.8.1.8

Other

Single-valued attribute.

8.2.519 pwdGraceLoginTimeLimit

Description

Number of seconds after account lockout to allow grace logins.

Syntax

1.3.6.1.4.1.1466.115.121.1.27(Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.418

Other

Single-valued attribute.

8.2.520 pwdGraceUseTime

Description

The time stamps of each grace login for a user.

Syntax

1.3.6.1.4.1.1466.115.121.1.24 (Generalized Time)

Matching Rule

generalizedTimeMatch

Object ID

1.3.6.1.4.1.42.2.27.8.1.21

Other

Directory operational attribute.

No user modification.

8.2.521 pwdHistory

Description

A history of a user's previous passwords. The number of passwords stored in the history is determined by the pwdInHistory attribute.

Syntax

1.3.6.1.4.1.1466.115.121.1.44{128} (Printable String, 128 character maximum)

Matching Rule

octetStringMatch

Object ID

1.3.6.1.4.1.42.2.27.8.1.20

Other

Single-valued attribute.

Directory operational attribute.

No user modification.

8.2.522 pwdInHistory

Description

Number of previous passwords to be stored in the password history (pwdHistory). If a user attempts to reuse one of the passwords stored in the history, then the password is rejected. The default value is 0 (no previous passwords stored in the history).

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

1.3.6.1.4.1.42.2.27.8.1.4

Other

Single-valued attribute.

8.2.523 pwdLockout

Description

Specification for whether users are locked out of the directory after the number of consecutive failed bind attempts specified by pwdMaxFailure. If the value of this policy attribute is TRUE, then users are locked out. If this attribute is not present, or if the value is FALSE, then users are not locked out and the value of pwdMaxFailure is ignored. By default, account lockout is enforced.

Syntax

1.3.6.1.4.1.1466.115.121.1.7 (Boolean)

Matching Rule

booleanMatch

Object ID

1.3.6.1.4.1.42.2.27.8.1.9

Other

Single-valued attribute.

8.2.524 pwdLockoutDuration

Description

The number of seconds a user is locked out of the directory if both of the following are true:

  • Account lockout is enabled.

  • The user has been unable to bind successfully to the directory for at least the number of times specified by pwdMaxFailure.

You can set user lockout for a specific duration, or until the administrator resets the user's password. A default value of 0 (zero) means that the user is locked out forever. A user account stays locked even after the lockout duration has passed unless the user binds with the correct password.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

1.3.6.1.4.1.42.2.27.8.1.10

Other

Single-valued attribute.

8.2.525 pwdMaxAge

Description

The maximum number of seconds that a given password is valid. If this attribute is not present, or if the value is 0 (zero), then the password does not expire. By default, the passwords expire in 60 days.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

1.3.6.1.4.1.42.2.27.8.1.3

Other

Single-valued attribute.

8.2.526 pwdMaxFailure

Description

The number of consecutive failed bind attempts after which a user account is locked. If this attribute is not present, or if the value is 0 (zero), then the account is not locked due to failed bind attempts, and the value of the password lockout policy is ignored. The default is 4.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

1.3.6.1.4.1.42.2.27.8.1.11

Other

Single-valued attribute.

8.2.527 pwdMinAge

Description

This attribute holds the number of seconds that must elapse between modifications to the password. If this attribute is not present, 0 seconds is assumed.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

1.3.6.1.4.1.42.2.27.8.1.2

Other

Single-valued attribute.

8.2.528 pwdMinLength

Description

The minimum number of characters required in a password. The default is 5. The value for this attribute must be at least 1.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

1.3.6.1.4.1.42.2.27.8.1.6

Other

Single-valued attribute.

8.2.529 pwdMustChange

Description

Indicator of whether users must change their passwords after the first login, or after the password is reset by the administrator. Enabling this option requires users to change their passwords even if user-defined passwords are disabled. By default, users need not change their passwords after reset. Allowed values are 1 (true) or 0 (false).

Syntax

1.3.6.1.4.1.1466.115.121.1.7 (Boolean)

Matching Rule

booleanMatch

Object ID

1.3.6.1.4.1.42.2.27.8.1.13

Other

Single-valued attribute.

8.2.530 pwdpolicysubentry

Description

DN of the password policy applicable at the subtree rooted at this DN.

Syntax

1.3.6.1.4.1.1466.115.121.1.34

Matching Rule

distinguishedNameMatch

Object ID

2.16.840.1.113894.1.1.417

8.2.531 pwdReset

Description

Indicator that the password has been reset and must be changed by the user on first authentication. Allowed values are TRUE or FALSE.

Syntax

1.3.6.1.4.1.1466.115.121.1.7 (Boolean)

Matching Rule

booleanMatch

Object ID

1.3.6.1.4.1.42.2.27.8.1.22

Other

Single-valued attribute.

Directory operational attribute.

Not user modifiable.

8.2.532 pwdSafeModify

Description

Indicator of whether user must supply old password with new one when modifying password. By default, the old password is not required. Allowed values are TRUE or FALSE.

Syntax

1.3.6.1.4.1.1466.115.121.1.7 (Boolean)

Matching Rule

booleanMatch

Object ID

1.3.6.1.4.1.42.2.27.8.1.15

Other

Single-valued attribute.

8.2.533 ref

Description

A named reference. Values placed in the attribute must conform to the specification given for the labeledURI attribute (RFC 2079).

Syntax

1.3.6.1.4.1.1466.115.121.1.26 (IA5 String)

Matching Rule

caseExactIA5Match

Object ID

2.16.840.1.113730.3.1.34

Other

DSA operational attribute.

8.2.534 seeAlso

Description

Specifies the distinguished names of other directory objects which may be other aspects (in some sense) of the same real world object.

Syntax

1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)

Matching Rule

distinguishedNameMatch

Object ID

2.5.4.34

8.2.535 serverName

Description

The name of the server involved in an Oracle Directory Integration and Provisioning change subscription.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

caseignoresubstringsmatch

Object ID

2.16.840.1.113894.1.1.34

8.2.536 serviceAuthenticationMethod

Description

The authentication method for the service.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

N/A

Object ID

1.3.6.1.4.1.11.1.3.1.1.15

8.2.537 serviceCredentialLevel

Description

The credential level to be used by a service. The default value for all services is NULL. The supported credential levels are anonymous or proxy.

Syntax

1.3.6.1.4.1.1466.115.121.1.26 (IA5 String)

Matching Rule

N/A

Object ID

1.3.6.1.4.1.11.1.3.1.1.13

8.2.538 serviceSearchDescriptor

Description

Defines how and where an LDAP naming service client should search for information for a particular service. Contains a service name, followed by one or more semicolon-separated base-scope-filters.

Syntax

1.3.6.1.4.1.1466.115.121.1.26 (IA5 String)

Matching Rule

caseExactIA5Match

Object ID

1.3.6.1.4.1.11.1.3.1.1.8

8.2.539 sn

Description

The surname or last name of a user.

Syntax

1.3.6.1.4.1.1466.115.121.1.15{32768} (Directory String, 32768 character maximum)

Matching Rule

caseIgnoreMatch, caseIgnoreSubstringsMatch

Object ID

2.5.4.4

8.2.540 supportedcontrol

Description

List of controls supported by directory server.

Syntax

OID

Object ID

1.3.6.1.4.1.1466.101.120.13

8.2.541 supportedextension

Description

List of extended operation supported

Syntax

OID

Object ID

1.3.6.1.4.1.1466.101.120.7

8.2.542 supportedldapversion

Description

LDAP versions supported.

Syntax

Integer

Object ID

1.3.6.1.4.1.1466.101.120.15

8.2.543 uniqueMember

Description

The distinguished name for the member of a group.

Syntax

1.3.6.1.4.1.1466.115.121.1.34 (Distinguished Name)

Matching Rule

distinguishedNameMatch

Object ID

2.5.4.50

8.2.544 supportedsaslmechanisms

Description

List of SASL mechanism supported.

Syntax

Directory String

Matching Rule

Object ID

1.3.6.1.4.1.1466.101.120.14

8.2.545 userCertificate;binary

Description

The user's certificate.

Syntax

1.3.6.1.4.1.1466.115.121.1.8 (Certificate)

Matching Rule

octetStringMatch

Object ID

2.5.4.36

8.2.546 userPassword

Description

The password used to authenticate a user to the directory.

Syntax

1.3.6.1.4.1.1466.115.121.1.44{128} (Printable String, 128 character maximum)

Matching Rule

octetStringMatch

Object ID

2.5.4.35

Other

Single-valued attribute.

8.2.547 userPKCS12

Description

PKCS#12 PFX PDU for exchange of personal identity information.

Syntax

1.3.6.1.4.1.1466.115.121.1.5 (Binary)

Matching Rule

N/A

Object ID

2.16.840.1.113730.3.1.216

8.2.548 x509issuer

Description

The DN of the certificate authority who issued the X.509 certificate revocation list.

Syntax

1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)

Matching Rule

distinguishedNameMatch

Object ID

1.3.6.1.4.1.10126.1.5.3.4