Oracle® Identity Management User Reference
10g Release 2 (10.1.2) B15883-01 |
|
Previous |
Next |
This section contains an alphabetical listing of the Oracle Identity Management attributes. These are the attributes used in entries pertaining to Oracle Internet Directory, Oracle Directory Integration and Provisioning, Oracle Delegated Administration Services, OracleAS Single Sign-On, and Oracle Application Server Certificate Authority.
Description
Attribute mappings used by the POSIX naming directory user agent (DUA).
Syntax
1.3.6.1.4.1.1466.115.121.1.26 (IA5 String)
Matching Rule
caseIgnoreIA5Match
Object ID
1.3.6.1.4.1.11.1.3.1.1.9
Description
Attribute types supported by the directory.
Syntax
1.3.6.1.4.1.1466.115.121.1.3 (Attribute Type Description)
Matching Rule
objectIdentifierFirstComponentMatch
Object ID
2.5.21.5
Other
Directory operational attribute.
Description
Identifies the type of authentication method used to contact the directory server agent (DSA).
Syntax
1.3.6.1.4.1.1466.115.121.1.26 (IA5 String)
Matching Rule
caseIgnoreIA5Match
Object ID
1.3.6.1.4.1.11.1.3.1.1.6
Other
Single-valued attribute.
Description
Attribute for storing a password to an Oracle component when that password is the same as that used to authenticate the user to the directory, namely, userPassword. The value in this attribute is synchronized with that in the userPassword attribute.
Several different applications can require the user to enter the same clear text password used for the directory, but each application may hash it with a different algorithm. In this case, the same clear text password can become the source of several different password verifiers.
This attribute is multivalued and can contain all the other verifiers that different applications use for this user's clear text password. If the userpassword
attribute is modified, then the authpassword
values for all applications are regenerated.
Syntax
1.3.6.1.4.1.1466.115.121.1.44{128} (Printable String, 128 character maximum)
Matching Rule
octetStringMatch
Object ID
1.3.6.1.4.1.4203.1.3.4
Description
Maximum time in seconds a POSIX directory user agent (DUA) should allow for a search to complete.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
1.3.6.1.4.1.11.1.3.1.1.4
Other
Single-valued attribute.
Description
Specifies the country associated with a user's address.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.5.4.6
Other
Single-valued attribute.
Description
The common name (nickname) attribute.
Syntax
1.3.6.1.4.1.1466.115.121.1.44 (Printable String)
Matching Rule
caseIgnoreMatch
Object ID
2.5.4.3
Description
Specifies the permissible content of entries of a particular structural object class through the identification of an optional set of auxiliary object classes, mandatory, optional, and precluded attributes.
Syntax
1.3.6.1.4.1.1466.115.121.1.16 (DIT Content Rule Description)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.1004
Description
The time that the entry was created.
Syntax
1.3.6.1.4.1.1466.115.121.1.24 (Generalized Time)
Matching Rules
generalizedTimeMatch
Object ID
2.5.18.1
Other
Single-valued attribute.
Directory operational attribute.
Not user modifiable.
Description
The DN of the entity (such as a user or an application) that created the entry.
Syntax
1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)
Matching Rule
distinguishedNameMatch
Object ID
2.5.18.3
Other
Single-valued attribute.
Directory operational attribute.
Not user modifiable.
Description
Identifies the type of credentials a POSIX directory user agent (DUA) should use when binding to the directory server.
Syntax
1.3.6.1.4.1.1466.115.121.1.26 (IA5 String)
Matching Rule
caseIgnoreIA5Match
Object ID
1.3.6.1.4.1.11.1.3.1.1.10
Other
Single-valued attribute.
Description
The default base DN used by a POSIX directory user agent (DUA).
Syntax
1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)
Matching Rule
distinguishedNameMatch
Object ID
1.3.6.1.4.1.11.1.3.1.1.1
Description
User defined search scope used by a POSIX directory user agent (DUA).
Syntax
1.3.6.1.4.1.1466.115.121.1.26 (IA5 String)
Matching Rule
N/A
Object ID
1.3.6.1.4.1.11.1.3.1.1.12
Other
Single-valued attribute.
Description
The IP addresses of the default servers that a directory user agent (DUA) should use in a space separated list. After the servers in preferredServerList are tried, those default servers on the client's subnet are tried, followed by the remaining default servers, until a connection is made. At least one server must be specified in either preferredServerList
or defaultServerList
. This attribute has no default value.
Syntax
1.3.6.1.4.1.1466.115.121.1.26 (IA5 String)
Matching Rule
caseIgnoreIA5Match
Object ID
1.3.6.1.4.1.11.1.3.1.1.0
Other
Single-valued attribute.
Description
An optional description for the entry.
Syntax
1.3.6.1.4.1.1466.115.121.1.15{1024} (Directory String, 1024 character maximum)
Matching Rule
caseIgnoreMatch
Object ID
2.5.4.13
Description
The preferred name used when displaying the entry in the GUI tools.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113730.3.1.241
Other
Single-valued attribute.
Description
Tells a POSIX directory user agent (DUA) if it should follow referrals returned by a directory server agent (DSA) search result.
Syntax
1.3.6.1.4.1.1466.115.121.1.26 (IA5 String)
Matching Rule
caseIgnoreIA5Match
Object ID
1.3.6.1.4.1.11.1.3.1.1.5
Other
Single-valued attribute.
Description
Fully qualified name of distinguished Java class or interface.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseExactMatch
Object ID
1.3.6.1.4.1.42.2.27.4.1.6
Other
Single-valued attribute.
Description
A photograph file in JPEG format.
Syntax
1.3.6.1.4.1.1466.115.121.1.28 (Binary)
Matching Rule
octetStringMatch
Object ID
0.9.2342.19200300.100.1.60
Description
Contains the Kerberos principal name.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
1.3.18.0.2.4.1091
Other
Single-valued attribute.
Description
Uniform Resource Locator (URL).
Syntax
1.3.6.1.4.1.1466.115.121.1.26 (IA5 String)
Matching Rule
caseExactIA5Match
Object ID
1.3.6.1.4.1.250.1.57
Description
Identifies the LDAP syntaxes implemented in the directory schema.
Syntax
1.3.6.1.4.1.1466.115.121.1.54 (LDAP Syntax Description)
Matching Rule
objectIdentifierFirstComponentMatch
Object ID
1.3.6.1.4.1.1466.101.120.16
Other
Directory operational attribute.
Description
This attribute is defined in RFC 1274. Identifies a user's primary e-mail address (the e-mail address retrieved and displayed by "white-pages" lookup applications).
For example: mail: user.name@oracle.com
Syntax
1.3.6.1.4.1.1466.115.121.1.26{256} (IA5 String, 256 character maximum)
Matching Rule
caseIgnoreIA5Match
Object ID
0.9.2342.19200300.100.1.3
Other
Directory operational attribute.
Description
Identifies the matching rules implemented in the directory schema.
Syntax
1.3.6.1.4.1.1466.115.121.1.30 (Matching Rule Description)
Matching Rule
objectIdentifierFirstComponentMatch
Object ID
2.5.21.4
Description
A user's middle name.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
1.3.6.1.4.1.1466.101.120.34
Description
The DN of the entity (such as a user or application) that last updated the entry.
Syntax
1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)
Matching Rule
distinguishedNameMatch
Object ID
2.5.18.4
Other
Single-valued attribute.
Directory operational attribute.
Not user modifiable.
Description
The time the entry was last modified.
Syntax
1.3.6.1.4.1.1466.115.121.1.24 (Generalized Time)
Matching Rule
generalizedTimeMatch
Object ID
2.5.18.2
Other
Single-valued attribute.
Directory operational attribute.
Not user modifiable.
Description
Top-level DNs for the naming contexts contained in this server. You must have super user privileges to publish a DN as a naming context. There is no default value.
This attribute is part of the root DSE (DSA-Specific Entry). The root DSE contains a number of attributes that store information about the directory server itself.
Syntax
1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)
Matching Rule
N/A
Object ID
1.3.6.1.4.1.1466.101.120.5
Other
DSA operational attribute.
Description
The list of object classes from which this object class is derived.
Syntax
1.3.6.1.4.1.1466.115.121.1.38 (Object Identifier)
Matching Rule
objectIdentifierMatch
Object ID
2.5.4.0
Description
Defines the object classes which are in force within a subschema.
Syntax
1.3.6.1.4.1.1466.115.121.1.37 (Object Class Description)
Matching Rule
objectIdentifierFirstComponentMatch
Object ID
2.5.21.6
Other
Directory operational attribute.
Description
A mapping from an object class defined by a directory user agent (DUA) to an object class in an alternative schema used in the directory.
Syntax
1.3.6.1.4.1.1466.115.121.1.26 (IA5 String)
Matching Rule
N/A
Object ID
1.3.6.1.4.1.11.1.3.1.1.11
Description
Access control instructions are stored in the directory as attributes of entries. The orclACI
attribute is an operational attribute; it is available for use on every entry in the directory, regardless of whether it is defined for the object class of the entry. It is used by the directory server to evaluate what rights are granted or denied when it receives an LDAP request from a client.
Syntax
1.3.6.1.4.1.1466.115.121.1.1 (Access Control Item)
Matching Rule
accessDirectiveMatch
Object ID
2.16.840.1.113894.1.1.42
Description
Reserved for future use.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.129
Other
Single-valued attribute.
Description
Specifies the number of active connections to the Oracle Internet Directory server, including client LDAP connections and database connections.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.150
Other
Single-valued attribute.
Description
Specifies the date and time beyond which a user is not allowed to authenticate.
Syntax
1.3.6.1.4.1.1466.115.121.1.24 (Generalized Time)
Matching Rule
generalizedTimeMatch
Object ID
2.16.840.1.113894.1.1.339
Other
Single-valued attribute.
Description
Specifies the date and time that a user account is active and the user is allowed to authenticate. If not specified, then the user is considered active immediately.
Syntax
1.3.6.1.4.1.1466.115.121.1.24 (Generalized Time)
Matching Rule
generalizedTimeMatch
Object ID
2.16.840.1.113894.1.1.330
Other
Single-valued attribute.
Description
Specifies the number of active threads on the Oracle Internet Directory server.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.140
Description
Naming attribute for the replication agreement entry.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.26
Other
Single-valued attribute.
Description
Specifies whether anonymous binds to the directory are allowed or not. If set to 1, then anonymous binds are allowed. If set to 0 (zero), then they are not allowed. The default is 1.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.299
Other
Single-valued attribute.
Description
The full name of an application.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.320
Description
The unique identifier of an application entry associated with a password verifier.
Syntax
1.3.6.1.4.1.1466.115.121.1.15{128} (Directory String, 128 characters maximum)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.207
Other
Single-valued attribute.
Description
The common name (cn) of the application.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.319
Description
Identifies the application type, such as OracleAS Portal.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.280
Other
Single-valued attribute.
Description
Identifies the associated Oracle Database instance with the application or service.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.1007
Description
Identifies the associated Oracle Application Server instance with the application or service.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.1006
Description
Reserved for future use.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.138
Other
Single-valued attribute.
Description
Identifies the audit attribute.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.58
Description
Specifies the audit level.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.63
Other
Single-valued attribute.
Description
Stores an audit message.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.59
Description
Reserved for future use.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.139
Other
Single-valued attribute.
Description
Contains the DN of the catalog entry.
Syntax
1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)
Matching Rule
distinguishedNameMatch
Object ID
2.16.840.1.113894.1.1.50
Other
Single-valued attribute.
Description
Identifies the category.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.317
Description
Holds the OID
of a field within an extension field of the client certificate.
Syntax
1.3.6.1.4.1.1466.115.121.1.38 (Object Identifier)
Matching Rule
objectIdentifierMatch
Object ID
2.16.840.1.113894.1.1.711
Other
Single-valued attribute.
Description
Holds the extension field OID
of the client certificate.
Syntax
1.3.6.1.4.1.1466.115.121.1.38 (Object Identifier)
Matching Rule
objectIdentifierMatch
Object ID
2.16.840.1.113894.1.1.709
Other
Single-valued attribute.
Description
This is a special catalog attribute used for certificate matching. The value of this attribute is computed by calculating a hash of the user certificate when it is added to Oracle Internet Directory.
Syntax
1.3.6.1.4.1.1466.115.121.1.44{128} (Printable String, 128 character maximum)
Matching Rule
octetStringMatch
Object ID
2.16.840.1.113894.1.1.184
Other
Single-valued attribute.
Not user modifiable.
Description
This is a special catalog attribute used for certificate matching. The value of this attribute contains the correct matching value to use for a user certificate based on the orclPKIMatchingRule setting.
Syntax
1.3.6.1.4.1.1466.115.121.1.44 (Printable String)
Matching Rule
octetStringMatch
Object ID
2.16.840.1.113894.1.1.183
Other
Single-valued attribute.
Not user modifiable.
Description
Holds the standard field OID
of the client certificate.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.708
Other
Single-valued attribute.
Description
Reserved for future use.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.806
Other
Single-valued attribute.
DSA operational attribute.
Description
The number of processing retry attempts for a replication change-entry before being moved to the human intervention queue. The value for this parameter must be equal to or greater than 1 (one).
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.23
Other
Single-valued attribute.
DSA operational attribute.
Description
Contains the name of the attribute that holds the GUID of objects.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.7.1.9
Other
Single-valued attribute.
Description
Specifies if auto-registration is enabled or disabled. Allowed values are 0 (disabled) or 1 (enabled).
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.567
Other
Single-valued attribute.
Description
Stores the common context map.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.904
Other
Single-valued attribute.
Description
Identifies the default user creation base where users are created.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.908
Other
Single-valued attribute.
Description
Identifies the group creation base under which Oracle Delegated Administration Services creates groups
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.903
Description
Specifies the attribute that holds the Kerberos principal name.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.7.1.15
Other
Single-valued attribute.
Description
Specifies the name of the attribute that is used as an RDN component when creating a user.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.900
Description
Specifies the name of the attribute that uniquely identifies users.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.7.1.7
Other
Single-valued attribute.
Description
Specifies the common password policy.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.7.1.12
Description
Identifies the common SASL realm.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.7.1.20
Other
Single-valued attribute.
Description
Identifies the branch that contains user entries.
Syntax
1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)
Matching Rule
distinguishedNameMatch
Object ID
2.16.840.1.113894.7.1.10
Description
Specifies whether the common verifier is enabled.
Syntax
1.3.6.1.4.1.1466.115.121.1.7 (Boolean)
Matching Rule
booleanMatch
Object ID
2.16.840.1.113894.1.1.214
Other
Single-valued attribute.
Description
Specifies the common Windows principal attribute.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.910
Other
Single-valued attribute.
Description
The configuration parameters for each Oracle Internet Directory server instance are stored in an entry called a configuration set entry (configset). This attribute specifies a number of a configset entry, which can be referenced when starting an Oracle Internet Directory server instance. The number of the default configset entry is 0 (zero).
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.40
Other
Single-valued attribute.
Description
The attribute type name that you want to use as the filter for a dynamic group query—for example, manager
.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.1001
Other
Single-valued attribute.
Description
A naming context in the DIT that you want to use as the base for a dynamic group query—for example, l=us,dc=mycompany,dc=com
.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.1003
Other
Single-valued attribute.
Description
For a dynamic group query, this specifies the DN of the attribute you specified in the orclConnectByAttribute attribute—for example, Anne Smith
.
Syntax
1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)
Matching Rule
distinguishedNameMatch
Object ID
2.16.840.1.113894.1.1.1002
Other
Single-valued attribute.
Description
Specifies the format used to construct the connect string associated with a resource.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.354
Other
Single-valued attribute.
Description
Identifies a contact.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.332
Other
Single-valued attribute.
Description
The hash algorithm used to encrypt passwords that are stored in the directory. Options are: MD4, MD5, No encryption, SHA, SSHA, or UNIX Crypt. The default is MD4.
Syntax
1.3.6.1.4.1.1466.115.121.1.15{128} (Directory String, 128 characters maximum)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.68
Other
Single-valued attribute.
Description
Specifies whether or not administration of this entry is available through Oracle Delegated Administration Services.
Syntax
1.3.6.1.4.1.1466.115.121.1.7 (Boolean)
Matching Rule
booleanMatch
Object ID
2.16.840.1.113894.1.1.324
Other
Single-valued attribute.
Description
Specifies the display order of an attribute in Oracle Delegated Administration Services.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.341
Description
Specifies the name of an attribute to show in Oracle Delegated Administration Services.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.340
Description
Specifies whether or not to display a product logo on the Identity Management Realm Configuration window of Oracle Delegated Administration Services. Allowed values are TRUE or FALSE.
Syntax
1.3.6.1.4.1.1466.115.121.1.7 (Boolean)
Matching Rule
booleanMatch
Object ID
2.16.840.1.113894.1.1.362
Other
Single-valued attribute.
Description
Specifies whether or not to display a realm logo on the Identity Management Realm Configuration window of Oracle Delegated Administration Services. Allowed values are TRUE or FALSE.
Syntax
1.3.6.1.4.1.1466.115.121.1.7 (Boolean)
Matching Rule
booleanMatch
Object ID
2.16.840.1.113894.1.1.361
Other
Single-valued attribute.
Description
Specifies whether or not an attribute is enabled for Oracle Delegated Administration Services. Allowed values are TRUE or FALSE.
Syntax
1.3.6.1.4.1.1466.115.121.1.7 (Boolean)
Matching Rule
booleanMatch
Object ID
2.16.840.1.113894.1.1.344
Other
Single-valued attribute.
Description
Specifies whether or not an attribute is mandatory for Oracle Delegated Administration Services. Allowed values are TRUE or FALSE.
Syntax
1.3.6.1.4.1.1466.115.121.1.7 (Boolean)
Matching Rule
booleanMatch
Object ID
2.16.840.1.113894.1.1.321
Other
Single-valued attribute.
Description
Specifies whether or not an attribute is personal information to be supplied by a user in Oracle Delegated Administration Services. Allowed values are TRUE or FALSE.
Syntax
1.3.6.1.4.1.1466.115.121.1.7 (Boolean)
Matching Rule
booleanMatch
Object ID
2.16.840.1.113894.1.1.326
Other
Single-valued attribute.
Description
The list of values to display to users in the UI when the orclDASUIType=Predefined List.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreSubStringsMatch
Object ID
2.16.840.1.113894.1.1.328
Description
Specifies the DNs of groups available for Oracle Delegated Administration Services.
Syntax
1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)
Matching Rule
distinguishedNameMatch
Object ID
2.16.840.1.113894.1.1.343
Description
Specifies whether of not this attribute is searchable in Oracle Delegated Administration Services. Allowed values are TRUE or FALSE.
Syntax
1.3.6.1.4.1.1466.115.121.1.7 (Boolean)
Matching Rule
booleanMatch
Object ID
2.16.840.1.113894.1.1.906
Other
Single-valued attribute.
Description
Indicates the position in the DAS search result table column, if present.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.902
Other
Single-valued attribute.
Description
Specifies whether the attribute is searchable through Oracle Delegated Administration Services. Allowed values are TRUE or FALSE.
Syntax
1.3.6.1.4.1.1466.115.121.1.7 (Boolean)
Matching Rule
booleanMatch
Object ID
2.16.840.1.113894.1.1.325
Other
Single-valued attribute.
Description
The maximum number of entries to return in a Oracle Delegated Administration Services search.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.363
Other
Single-valued attribute.
Description
Specifies whether or not an attribute is modifiable by the user in Oracle Delegated Administration Services. Allowed values are TRUE or FALSE.
Syntax
1.3.6.1.4.1.1466.115.121.1.7 (Boolean)
Matching Rule
booleanMatch
Object ID
2.16.840.1.113894.1.1.322
Other
Single-valued attribute.
Description
Specifies the UI field type for an attribute when displayed in Oracle Delegated Administration Services. Options are:
Single Line Text
Multi Line Text
Predefined List
Date
Browse and Select
Number
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreSubStringsMatch
Object ID
2.16.840.1.113894.1.1.327
Other
Single-valued attribute.
Description
The corresponding URL of an Oracle Delegated Administration Services unit.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.310
Description
This holds the URL base in install area for Oracle Delegated Administration Services.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.345
Description
Specifies whether or not this attribute can be used for password reset validation purposes in Oracle Delegated Administration Services. Allowed values are TRUE or FALSE.
Syntax
1.3.6.1.4.1.1466.115.121.1.7 (Boolean)
Matching Rule
booleanMatch
Object ID
2.16.840.1.113894.1.1.905
Other
Single-valued attribute.
Description
Specifies whether or not this attribute is viewable through Oracle Delegated Administration Services. Allowed values are TRUE or FALSE.
Syntax
1.3.6.1.4.1.1466.115.121.1.7 (Boolean)
Matching Rule
booleanMatch
Object ID
2.16.840.1.113894.1.1.323
Other
Single-valued attribute.
Description
Specifies the date on which an individual was born.
Syntax
1.3.6.1.4.1.1466.115.121.1.24 (Generalized Time)
Matching Rule
generalizedTimeMatch
Object ID
2.16.840.1.113894.1.1.307
Other
Single-valued attribute.
Description
Indicates a connection failure to the database in an error log entry.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.155
Other
Single-valued attribute.
Description
Reserved for future use.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.130
Other
Single-valued attribute.
Description
Contains the database schema identifier.
Syntax
1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)
Matching Rule
distinguishedNameMatch
Object ID
2.16.840.1.113894.1.1.347
Description
The type of database used. This attribute is part of the root DSE (DSA-Specific Entry). The root DSE contains a number of attributes that store information about the directory server itself.
Syntax
1.3.6.1.4.1.1466.115.121.1.15{128} (Directory String, 128 character maximum)
Matching Rule
caseIgnoreMatch, caseIgnoreSubstringsMatch
Object ID
2.16.840.1.113894.1.1.5
Other
Single-valued attribute.
Description
The debug level associated with a server instance. The default for is 0 (zero). The valid range is 0 to 67108863.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.97
Other
Single-valued attribute.
Description
Specifies whether debug messages are to be written to the log file when a message is logged by the directory server. To enable it, set its value to 1. To disable it set it to 0, which is its default value.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.193
Other
Single-valued attribute.
Description
To make logging more focused, limits logged information to particular directory server operations by specifying the debug dimension to those operations. Values for operations are:
1 - ldapbind
2 - ldapunbind
4 - ldapadd
8 - ldapdelete
16 - ldapmodify
32 - ldapmodrdn
64 - ldapcompare
128 - ldapsearch
264 - ldapabandon
511 - all operations
To log more than one operation, add the values of their dimensions. For example, if you want to trace ldapbind (1), ldapadd (4) and ldapmodify (16) operations, then the value would be 21 (1 + 4 + 16 = 21).
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.601
Other
Single-valued attribute.
Description
Holds the DN of the group to designate the default group for a user, such that a default profile can be built for the user based on this attribute value.
Syntax
1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)
Matching Rule
distinguishedNameMatch
Object ID
2.16.840.1.113894.1.1.309
Other
Single-valued attribute.
Description
Identifies the default realm.
Syntax
1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)
Matching Rule
distinguishedNameMatch
Object ID
2.16.840.1.113894.1.1.312
Description
Reserved for future use.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.131
Other
Single-valued attribute.
Description
Used to determine if the directory is used as the Oracle Directory Integration and Provisioning repository.
Syntax
1.3.6.1.4.1.1466.115.121.1.15
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.124
Other
Single-valued attribute.
Description
The version of Oracle Internet Directory. This attribute is part of the root DSE (DSA-Specific Entry). The root DSE contains a number of attributes that store information about the directory server itself.
Syntax
1.3.6.1.4.1.1466.115.121.1.15
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.67
Other
Single-valued attribute.
Description
Contains the directory replication group agreement DN.
Syntax
1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)
Matching Rule
N/A
Object ID
2.16.840.1.113894.1.1.25
Other
DSA operational attribute.
Description
For Advanced Replication-based directory replication groups (DRGs), the orclReplicaID values of all the nodes in the DRG. This list must be identical on all nodes in the group. This attribute is not applicable for LDAP-based replication agreements.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
N/A
Object ID
2.16.840.1.113894.1.1.48
Other
DSA operational attribute.
Description
Specifies if the user's personal information should be displayed in white pages queries. Allowed values are TRUE or FALSE.
Syntax
1.3.6.1.4.1.1466.115.121.1.7 (Boolean)
Matching Rule
booleanMatch
Object ID
2.16.840.1.113894.1.1.304
Other
Single-valued attribute.
Description
The root of the directory information tree (DIT). This attribute is part of the root DSE (DSA-Specific Entry). The root DSE contains a number of attributes that store information about the directory server itself.
Syntax
1.3.6.1.4.1.1466.115.121.1.15{128} (Directory String, 128 character maximum)
Matching Rule
caseIgnoreMatch, caseIgnoreSubStringsMatch
Object ID
2.16.840.1.113894.1.1.7
Other
Single-valued attribute.
Description
Identifies the selected domain name.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch, caseIgnoreSubStringsMatch
Object ID
2.16.840.1.113894.1.1.408
Description
Reserved for future use.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.161
Other
Single-valued attribute.
Description
Specifies whether or not entry caching is enabled. The value for enabled is 1; the value for disabled is 0. The default is 1.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.400
Other
Single-valued attribute.
Description
Stores the cache hit ratio.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.170
Other
Single-valued attribute.
Description
Maximum number of entries that can be present in the entry cache. The default is 25,000.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.402
Other
Single-valued attribute.
Description
Stores the maximum size of an cache entry.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.602
Other
Single-valued attribute.
Description
Maximum number of bytes of RAM that the entry cache can use. The default is 100 MB.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.401
Other
Single-valued attribute.
Description
The number of entries currently in the entry cache.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.171
Other
Single-valued attribute.
Description
The current size of the entry cache.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.172
Other
Single-valued attribute.
Description
Determines whether an application is enabled.
Syntax
1.3.6.1.4.1.1466.115.121.1.7 (Boolean)
Matching Rule
booleanMatch
Object ID
2.16.840.1.113894.1.1.1008
Other
Single-valued attribute.
Description
Whether or not to cache privilege groups and ACL groups. Using this cache improves the performance of access control evaluation for users.
Use the group cache when a privilege group membership does not change frequently. If a privilege group membership does change frequently, then it is best to turn off the group cache. This is because, in such a case, computing a group cache increases overhead. The default is 1 (enabled). Change to 0 (zero) to disable.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.403
Other
Single-valued attribute.
Description
Reserved for future use.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.136
Other
Single-valued attribute.
Description
Specifies the ACI that holds object level ACL.
Syntax
1.3.6.1.4.1.1466.115.121.1.1 (Access Control Item)
Matching Rule
accessDirectiveMatch
Object ID
2.16.840.1.113894.1.1.43
Description
Specifies critical events related to security and system resources to be recorded for server manageability statistics. The default value is 0. Allowed values are:
0 — No events
1— Super user login
2 — Proxy user login
4 — Replication login
8 — Add access
16 — Delete access
32 — Write access
64 — ORA-3113 error
128 — ORA-3114 error
255 — All critical events
This attribute is part of the root DSE (DSA-Specific Entry). The root DSE contains a number of attributes that store information about the directory server itself.
For events other than super user, proxy user, and replication login, set the value of the orclStatsFlag attribute to 1.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.195
Other
Single-valued attribute.
Description
The time that a logged directory event occurred.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.60
Description
The type of logged directory event.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.57
Description
Specifies an attribute (within the specified naming context) to be excluded from replication. Applies to partial replication only.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
N/A
Object ID
2.16.840.1.113894.1.1.506
Other
DSA operational attribute.
Description
For Advanced Replication-based agreements, this attribute specifies one or more subtrees to be excluded from replication.
Syntax
1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)
Matching Rule
N/A
Object ID
2.16.840.1.113894.1.1.47
Other
DSA operational attribute.
Description
Reserved for future use.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.163
Other
Single-valued attribute.
Description
Reserved for future use.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.137
Other
Single-valued attribute.
Description
An additional attribute for storing more information about a resource, service, or component.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch, caseIgnoreSubStringsMatch
Object ID
2.16.840.1.113894.1.1.355
Description
An additional attribute for storing more information about a resource.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch, caseIgnoreSubStringsMatch
Object ID
2.16.840.1.113894.1.1.356
Description
An additional attribute for storing more information about a resource.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch, caseIgnoreSubStringsMatch
Object ID
2.16.840.1.113894.1.1.357
Description
Reserved for future use.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.128
Other
Single-valued attribute.
Description
The gender of a user.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.346
Other
Single-valued attribute.
Description
Stores the general object latency.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.133
Other
Single-valued attribute.
Description
Reserved for future use.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.135
Other
Single-valued attribute.
Description
Specifies the global ID.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.7.1.8
Other
Single-valued attribute.
Description
This is the global unique identifier for an entry within Oracle Internet Directory. The value for this attribute is automatically generated when an entry is created and remains constant, even if an entry is moved.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch, caseIgnoreSubStringsMatch
Object ID
2.16.840.1.113894.1.1.37
Other
Single-valued attribute.
Directory operational attribute.
Not user modifiable.
Description
The DN of the guest user account for Oracle Internet Directory.
Syntax
1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)
Matching Rule
distinguishedNameMatch
Object ID
2.16.840.1.113894.1.1.11
Other
Single-valued attribute.
Description
Password for the guest user account in Oracle Internet Directory.
Syntax
1.3.6.1.4.1.1466.115.121.1.15{128} (Directory String, 128 character maximum)
Matching Rule
caseIgnoreMatch, caseIgnoreSubStringsMatch
Object ID
2.16.840.1.113894.1.1.12
Other
Single-valued attribute.
Description
The interval, in minutes, at which the directory replication server repeats the change application process.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
N/A
Object ID
2.16.840.1.113894.1.1.98
Other
Single-valued attribute.
DSA operational attribute.
Description
Specifies the date on which a user was hired by the organization.
Syntax
1.3.6.1.4.1.1466.115.121.1.24 (Generalized Time)
Matching Rule
generalizedTimeMatch
Object ID
2.16.840.1.113894.1.1.308
Other
Single-valued attribute.
Description
The credit card expiration date for a subscriber.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.338
Other
Single-valued attribute.
Description
The credit card number for a subscriber.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.337
Other
Single-valued attribute.
Description
The credit card type for a subscriber.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.336
Other
Single-valued attribute.
Description
The DUNS number of a business subscriber. DUNS (Data Universal Numbering System) is a unique nine character company identification number issued by Dun and Bradstreet Corporation used to identify a US corporate entity.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.334
Other
Single-valued attribute.
Description
Payment terms for a subscriber account.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.335
Other
Single-valued attribute.
Description
The host name of the Oracle Internet Directory server.
Syntax
1.3.6.1.4.1.1466.115.121.1.15{128} (Directory String, 128 character maximum)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.41
Other
Single-valued attribute.
Description
The number of open connections that are currently inactive. Oracle Internet Directory tracks the idle connections for server manageability statistics.
Syntax
1.3.6.1.4.1.1466.115.121.1.27
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.151
Other
Single-valued attribute.
Description
The number of application process threads that are currently inactive. Oracle Internet Directory tracks the idle threads for server manageability statistics.
Syntax
1.3.6.1.4.1.1466.115.121.1.27
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.141
Other
Single-valued attribute.
Description
The naming context included in a partial replica. For each naming context object, you can specify only one unique subtree.
In partial replication, except for subtrees listed in the orclExcludedNamingContexts attribute, all subtrees in the specified included naming context are replicated.
Only LDAP-based replication agreements respect this attribute to define one or more partial replicas. If this attribute contains any values in an Advanced Replication-based replication agreement, then it is ignored.
Syntax
1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)
Matching Rule
N/A
Object ID
2.16.840.1.113894.1.1.819
Other
Single-valued attribute.
DSA operational attribute.
Description
Attributes that are indexed in the Oracle Internet Directory catalog.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.49
Description
Whether or not index hints are used. Index hints are used to specify which index or indexes you want used when a query runs.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.409
Other
Single-valued attribute.
Description
The memory size of the Oracle Internet Directory server at start up.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.147
Other
Single-valued attribute.
Description
Time interval in seconds between executions of Oracle Directory Integration and Provisioning profiles.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch, caseIgnoreSubStringsMatch
Object ID
2.16.840.1.113894.9.1.8
Description
The IP address of the Oracle Internet Directory server host.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.186
Description
Whether or not a user or service subscriber is enabled in Oracle Internet Directory.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.316
Other
Single-valued attribute.
Description
This attribute is used to determine if users or groups will be visible to applications managed by Oracle Delegated Administration Services, such as OracleAS Portal. OracleAS Single Sign-On does not use this attribute. Allowed values are TRUE or FALSE.
Syntax
1.3.6.1.4.1.1466.115.121.1.7 (Boolean)
Matching Rule
booleanMatch
Object ID
2.16.840.1.113894.1.1.303
Other
Single-valued attribute.
Description
For Oracle Directory Integration and Provisioning export operations, the last change from Oracle Internet Directory that was applied to the connected directory. The default value is 0. If you have used the Oracle Directory Integration and Provisioning Assistant to bootstrap the connected directory, then this value is set automatically at the end of the bootstrapping process. This is valid only in the export profile.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.69
Other
Single-valued attribute.
Description
For replication, whether or not to keep the LDAP connection to the connected directory alive due to activity. If not set Oracle Internet Directory will drop inactive connections after a period of time. Allowed values are TRUE or FALSE.
Syntax
1.3.6.1.4.1.1466.115.121.1.7 (Boolean)
Matching Rule
booleanMatch
Object ID
2.16.840.1.113894.1.1.822
Other
Single-valued attribute.
Description
The number of seconds before Oracle Internet Directory times out and drops an inactive connection.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.194
Other
Single-valued attribute.
Description
The instance number of a particular Oracle Internet Directory server instance.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.125
Other
Single-valued attribute.
Description
The process ID of a particular Oracle Internet Directory server instance.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.126
Other
Single-valued attribute.
Description
The maiden name of a user.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.306
Description
Holds the required information for generating the mapped identity.
Syntax
1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)
Matching Rule
distinguishedNameMatch
Object ID
2.16.840.1.113894.1.1.704
Other
Single-valued attribute.
Description
Whether or not this Oracle Internet Directory instance is a master node. Allowed values are TRUE or FALSE.
Syntax
1.3.6.1.4.1.1466.115.121.1.7 (Boolean)
Matching Rule
booleanMatch
Object ID
2.16.840.1.113894.1.1.1010
Other
Single-valued attribute.
Description
If the base DN of a search request is not found, then the directory server returns the nearest DN that matches the specified base DN. Whether the directory server tries to find the nearest match DN is controlled by this attribute. If set to 1, then match DN processing is enabled. If set to 0, then match DN processing is disabled. The default is 1.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.404
Other
Single-valued attribute.
Description
Maximum number of concurrent database connections. The default is 10.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.4
Other
Single-valued attribute.
Description
Stores the maximum allowed BER entry.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.604
Other
Single-valued attribute.
Description
Reserved for future use.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.156
Other
Single-valued attribute.
Description
Reserved for future use.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.164
Other
Single-valued attribute.
Description
Maximum TCP connection time in minutes for an idle connection to be recorded as idle. The default value is 120 minutes (2 hours). The value of this attribute should be less than that of the DSA configuration set attribute orclLDAPConnTimeout.
This attribute is part of the root DSE (DSA-Specific Entry). The root DSE contains a number of attributes that store information about the directory server itself.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.196
Other
Single-valued attribute.
Description
Reserved for future use.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.162
Other
Single-valued attribute.
Description
The DN of an Oracle Net Service description entry. Oracle Net directory naming allows net service names to be stored in and retrieved from Oracle Internet Directory.
Syntax
1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)
Matching Rule
distinguishedNameMatch
Object ID
2.16.840.1.113894.3.1.12
Other
Single-valued attribute.
Description
The description string for an Oracle Net Service. For example:
(DESCRIPTION = (ADDRESS_LIST = (ADDRESS = (PROTOCOL = TCP) (HOST = hostname)(PORT =1521))) (CONNECT_DATA = (SID = ORCL)))
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.3.1.13
Other
Single-valued attribute.
Description
The non-SSL LDAP listening port for Oracle Internet Directory server.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.102
Other
Single-valued attribute.
Description
Identifies the normalized DN of an entry.
Syntax
1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)
Matching Rule
distinguishedNameMatch
Object ID
2.16.840.1.113894.1.1.1000
Other
Single-valued attribute.
Directory operational attribute.
Not user modifiable.
Description
Reserved for future use.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.160
Other
Single-valued attribute.
Description
Stores the network read/write time out.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.603
Other
Single-valued attribute.
Description
Reserved for future use.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.159
Other
Single-valued attribute.
Description
Stores Microsoft Active Directory's OBJECTGUID
attribute value for users and groups migrated to Oracle Internet Directory from Active Directory.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.901
Other
Single-valued attribute.
Description
Stores Microsoft Active Directory's OBJECTSID
attribute value for users and groups migrated to Oracle Internet Directory from Active Directory.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.902
Other
Single-valued attribute.
Description
The DN of a provisioning profile.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch, caseIgnoreSubStringsMatch
Object ID
2.16.840.1.113894.9.1.6
Description
Any configuration information that you want the connector to store in Oracle Internet Directory. It is passed by the directory integration and provisioning server to the connector at time of connector invocation. The information is stored as an attribute and the directory integration and provisioning server does not have any knowledge of its content. When the connector is scheduled for execution, the value of the attribute is stored in the file, ORACLE_HOME
/ldap/odi/conf/profile_name.cfg
that can be processed by the connector.
Upload the file by using either the Directory Integration and Provisioning Assistant. See "dipassistant" for more information. Do this for both import and export agents.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.24
Description
Whether a synchronization profile is enabled or disabled. Valid values are ENABLE or DISABLE. The default is DISABLE.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.3
Other
Single-valued attribute.
Description
The executable name and argument list used by the directory integration and provisioning server to invoke a connector. It can be passed as a command-line argument when the connector is invoked. For example, here is a command to invoke the Oracle HR connector:
odihragent OracleHRAgent connect=hrdb login=%orclodipConDirAccessAccount pass=%orclodipConDirAccessPassword date=%orclODIPLastSuccessfulExecutionTime
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.21
Other
Single-valued attribute.
Description
The host name of the Oracle Directory Integration and Provisioning server where the synchronization profile is run.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.5
Other
Single-valued attribute.
Description
The name of a third-party synchronization profile.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.1
Other
Single-valued attribute.
Description
Password that the synchronization profile uses to bind to the directory.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.4
Other
Single-valued attribute.
Description
The name of an application to which a provisioning subscription belongs.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch, caseIgnoreSubStringsMatch
Object ID
2.16.840.1.113894.9.1.7
Description
The DN of the application to which a provisioning subscription belongs.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.918
Other
Single-valued attribute.
Description
Attribute for storing the mapping rules used by a synchronization profile. Store the mapping rules in a file by using the Directory Integration and Provisioning Assistant. See "dipassistant" and the Oracle Identity Management Integration Guide for more information about mapping rules.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.41
Description
The bootstrap status of a synchronization profile (the initial migration of data between a connected directory and Oracle Internet Directory).
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.101
Other
Single-valued attribute.
Description
The command to invoke a provisioning profile.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.9.1.5
Description
Valid user account in the connected directory to be used by the connector for synchronization. The value is specific to the connected directory with which you are integrating. For instance, for the SunONE synchronization connector, it is the valid bind DN in the SunONE Directory Server. For the Human Resources Connector, it is a valid user identifier in the Oracle Human Resources database. For other connectors, it can be passed as a command-line argument when the connector is invoked.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.22
Other
Single-valued attribute.
Description
Password to be used by the user specified in the orclODIPConDirAccessAccount attribute to connect to the connected directory. The value is specific to the third-party directory with which you are integrating. For instance, for the SunONE synchronization connector, it is the valid bind password in the SunONE Directory Server. For the Human Resources Agent, it is the Oracle Human Resources database password.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.23
Description
For Oracle Directory Integration and Provisioning import operations, the last change from the connected directory that was applied to Oracle Internet Directory. The default value is 0. If you have used the Directory Integration and Provisioning Assistant to bootstrap the connected directory, then this value is set automatically. See "dipassistant" for more information about the bootstrap operation. This is valid only in the import profile.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.65
Other
Single-valued attribute.
Description
This attribute specifies the filter to apply to the third-party directory change log. It is used in the Oracle Directory Integration and Provisioning import profile. The filter must be set in the import profile when both the import and export integration profiles are enabled, as follows:
Modifiersname != connected_directory_account
This prevents the same change from being exchanged between the two directories indefinitely. To avoid confusion, make this account specific to synchronization.
See Also: Oracle MetaLink Note 280474.1, "Setting Up Filtering in a DIP Synchronization Profile" available at Oracle MetaLink at http://metalink.oracle.com/
.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.42
Description
Connection string required to connect to the third-party connected directory. This value refers to the host name and port number as host:port:
[
sslmode
]
.
To connect by using SSL, enter host:port:
1
.
Make sure the certificate to connect to the directory is stored in the wallet, the location of which is specified in the file odi.properties
.
Note: To connect to SunONE Directory Server by using SSL, the server certificate needs to be loaded into the wallet.
See Also: The chapter on Oracle Wallet Manager in Oracle Advanced Security Administrator's Guide.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.25
Other
Single-valued attribute.
Description
Stores the DNs of integration profiles for a particular configuration set in Oracle Directory Integration and Provisioning.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.72
Description
Stores a flag which indicates whether any integration profiles have been added, deleted or modified. Used in association with a configuration set.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.71
Other
Single-valued attribute.
Description
The connection string for the database of a provisioning profile subscriber. The format of the string is host:port:sid:username:password
.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch, caseIgnoreSubStringsMatch
Object ID
2.16.840.1.113894.9.1.2
Description
Stores a key which is used to encrypt and decrypt sensitive data that is transmitted by the Oracle directory integration and provisioning server to other applications.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.215
Other
Single-valued attribute.
Description
Reserved for future use.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.433
Description
Store configuration information for events to which a provisioned-integrated application subscribes.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch, caseIgnoreSubStringsMatch
Object ID
2.16.840.1.113894.9.1.1
Description
Reserved for future use.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.605
Other
Single-valued attribute.
Description
Identifies the location in the directory that stores information about instances of the Oracle directory integration and provisioning server.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.913
Other
Single-valued attribute.
Description
Stores a flag that indicates whether an instance of the Oracle directory integration and provisioning server should continue running or shut down. This flag provides a means of communication between the OID Monitor, OID Control, and the Oracle directory integration and provisioning server.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.76
Other
Single-valued attribute.
Description
The data format or protocol used in synchronization with a third-party directory. Supported values are:
LDIF—Import or export from a LDIF File.
Tagged—Import or export from a tagged file—a proprietary format supported by the Oracle directory integration and provisioning server, similar to LDIF format.
LDAP—Import from or export to an LDAP-compliant directory.
DB —Import from or export to an Oracle Database directory.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.28
Other
Single-valued attribute.
Description
Status attribute set to the last time the integration profile was executed by the Oracle Directory Integration and Provisioning server. Its format is dd-mon-yyyy hh:mm:ss
, where hh
is the time of day in 24-hour format. This attribute is initialized during profile creation.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.61
Other
Single-valued attribute.
Description
Status attribute set to the last time the integration profile was executed successfully by the Oracle Directory Integration and Provisioning server. Its format is dd-mon-yyyy hh:mm:ss
, where hh
is the time of day in 24-hour format. This attribute is initialized during profile creation.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.62
Other
Single-valued attribute.
Description
Reserved for future use.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.603
Other
Single-valued attribute.
Description
Used in an object definition to identify and classify a particular type of object.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.602
Description
Identifies the location of the various object definitions used by the Oracle directory integration and provisioning server.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.917
Other
Single-valued attribute.
Description
Reserved for future use.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.432
Description
Used in an object definition to store the name of an object.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.601
Other
Single-valued attribute.
Description
The search base in the directory for an object associated with an Oracle Directory Integration and Provisioning synchronization profile.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.431
Description
In export profiles, this attribute specifies the filter to apply to the Oracle Internet Directory change log container. It is used in the export profile. It must be set in the export profile when both the import and export integration profiles are enabled, as in the following example:
Modifiersname !=orclodipagentname=iPlanetImport,cn=subscriber profile,cn=changelog subscriber,cn=oracle internet directory
This prevents the same change from being exchanged between the two directories indefinitely.
In import profiles, this attribute specifies a key for mapping entries between Oracle Internet Directory and the connected directory. This is useful when the DN cannot be used as the key.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.43
Description
Reserved for future use.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.430
Description
Reserved for future use.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.604
Other
Single-valued attribute.
Description
Additional information that may be needed by an Oracle Directory Integration and Provisioning connector plug-in.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.264
Other
Single-valued attribute.
Description
Reserved for future use.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.261
Other
Single-valued attribute.
Description
Reserved for future use.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.265
Description
The Oracle Directory Integration and Provisioning connector plug-in executable data, which is typically a JAR file.
Syntax
1.3.6.1.4.1.1466.115.121.1.5 (Binary Data)
Matching Rule
N/A
Object ID
2.16.840.1.113894.8.1.262
Description
The fully qualified name of the Oracle Directory Integration and Provisioning connector plug-in executable, which is typically a Java class.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.263
Other
Single-valued attribute.
Description
Reserved for future use.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.914
Other
Single-valued attribute.
Description
The debugging level for an Oracle Directory Integration and Provisioning synchronization profile.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.251
Other
Single-valued attribute.
Description
Associates a group number with a particular provisioning profile.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.250
Other
Single-valued attribute.
Description
Reserved for future use.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.223
Description
Contains information that is used by the Oracle directory integration and provisioning server on how to connect to a provisioning-integrated application for event propagation.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.222
Other
Single-valued attribute.
Description
Contains a provisioning-integrated application's interface name, which is used by the Oracle directory integration and provisioning server for event propagation. The value assigned to this attribute depends on the interface type.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.220
Other
Single-valued attribute.
Description
Specifies the type of interface to which events will be propagated by the Oracle directory integration and provisioning server. Valid values for this attribute are PLSQL or JAVA.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.221
Other
Single-valued attribute.
Description
Specifies the provisioning profile version to which events will be propagated by the Oracle directory integration and provisioning server.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.224
Other
Single-valued attribute.
Description
Contains the number of the last event that was generated by a provisioning-integration application and updated in Oracle Internet Directory by the Oracle directory integration and provisioning server.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.234
Other
Single-valued attribute.
Description
The last time the Oracle Directory Integration and Provisioning synchronization profile was executed.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.232
Other
Single-valued attribute.
Description
The last time the Oracle Directory Integration and Provisioning synchronization profile was successfully executed.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.233
Other
Single-valued attribute.
Description
Reserved for future use.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.214
Other
Single-valued attribute.
Description
Specifies the maximum number of events that the Oracle directory integration and provisioning server packages and sends to an application during one invocation of a provisioning profile.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.212
Other
Single-valued attribute.
Description
Specifies the maximum number of events that the Oracle directory integration and provisioning server sends to an application during one execution of a provisioning profile.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.213
Other
Single-valued attribute.
Description
The maximum number of times an Oracle Directory Integration and Provisioning profile is retried in the event of an error.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.211
Other
Single-valued attribute.
Description
The name of the Oracle Directory Integration and Provisioning profile.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.201
Other
Single-valued attribute.
Description
Contains errors raised during event propagation by the Oracle directory integration and provisioning server for a particular provisioning-integrated application.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.231
Description
Contains the Oracle directory integration and provisioning server's event propagation status for a particular provisioning-integrated application.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.230
Other
Single-valued attribute.
Description
The subscription mode for a provisioning profile: INBOUND, OUTBOUND, or BOTH.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.408
Description
The number of seconds between executions of an Oracle Directory Integration and Provisioning profile. The default is 3600, which means the profile is scheduled to run every hour.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.210
Other
Single-valued attribute.
Description
Indicates whether the Oracle directory integration and provisioning server should perform a provisioning profile status update while propagating events to a provisioning-integrated application.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.610
Other
Single-valued attribute.
Description
Used with version 2.0 provisioning profiles to convert a change in Oracle Internet Directory to an event before propagating it to a provisioning-integrated application.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.503
Description
Used with version 2.0 provisioning profiles to convert a change in Oracle Internet Directory to an event before propagating it to a provisioning-integrated application.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.502
Description
Used with version 2.0 provisioning profiles to convert a change in Oracle Internet Directory to an event before propagating it to a provisioning-integrated application.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.501
Other
Single-valued attribute.
Description
Stores the XML-based rule definitions used by the Oracle directory integration and provisioning server to convert changes in Oracle Internet Directory into events before propagating them to a provisioning-integrated application.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.607
Other
Single-valued attribute.
Description
Stores the XML DTD for event rule definitions used by the Oracle directory integration and provisioning server to understand and parse event rule definitions.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.606
Other
Single-valued attribute.
Description
Used with version 3.0 provisioning profiles to identify and classify an object based on the entry's object class. This attribute is used in the object definitions stored in Oracle Internet Directory.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.609
Description
Used by the Oracle directory integration and provisioning server to identify the Java classes to use for reading and writing events from and to provisioning-integration applications and for processing event propagation results. The default configurations in this attribute should not be changed.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.608
Other
Single-valued attribute.
Description
The global unique identifier for the application entry associated with a provisioning profile.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.402
Other
Single-valued attribute.
Description
The distinguished name (DN) of the application to which the provisioning subscription belongs. The combination of the application name and organization name uniquely identifies a provisioning profile.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.401
Other
Single-valued attribute.
Description
The event mapping rule maps the object type received from the application (using an optional filter condition) to a domain in Oracle Internet Directory. An inbound provisioning profile can have multiple mapping rules defined.
The following example shows a sample mapping rule value. The rule shows that a user object (USER
) whose locality attribute equals US (l=US
) should be mapped to the domain l=US,cn=users,dc=company,dc=com
.
USER:l=US:l=US,cn=users,dc=company,dc=com
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.406
Description
Defines the types of events that the application is allowed to send to the Oracle Directory Integration and Provisioning service. An inbound provisioning profile can have multiple permitted operations defined.
For example, if you wanted to permit the application to send events whenever a user object was added or deleted, or when certain attributes were modified, you would have three permitted operation values such as this:
USER:dc=mycompany,dc=com:ADD(*) USER:dc=mycompany,dc=com:MODIFY(cn,sn,mail,password) USER:dc=mycompany,dc=com:DELETE(*)
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.407
Description
Defines the types of events that the Oracle Directory Integration and Provisioning service should send to the application. An outbound provisioning profile can have multiple event subscriptions defined.
For example, if you wanted the directory integration server to send events to the application whenever a user or group object was added or deleted, you would have four event subscription values such as this:
GROUP:dc=mycompany,dc=com:ADD(*) GROUP:dc=mycompany,dc=com:DELETE(*) USER:dc=mycompany,dc=com:ADD(*) USER:dc=mycompany,dc=com:DELETE(*)
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.405
Description
The global unique identifier for the organization entry associated with a provisioning profile.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.404
Other
Single-valued attribute.
Description
The distinguished name (DN) of the organization to which the provisioning subscription belongs, for example dc=company,dc=com
. The combination of the application DN and organization DN uniquely identifies a provisioning profile. Defaults value is the DN of the default identity management realm.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.403
Other
Single-valued attribute.
Description
Contains the DN of the directory container that stores provisioning profiles.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.916
Other
Single-valued attribute.
Description
Refers to the root location in the directory tree where the Oracle Directory Integration and Provisioning configuration is stored.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.912
Other
Single-valued attribute.
Description
Time interval in seconds after which a connected directory is synchronized with Oracle Internet Directory. The default is 600.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.6
Other
Single-valued attribute.
Description
Reserved for future use.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.911
Other
Single-valued attribute.
Description
Reserved for future use.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.511
Other
Single-valued attribute.
Description
Reserved for future use.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.512
Other
Single-valued attribute.
Description
Reserved for future use.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.515
Other
Single-valued attribute.
Description
Reserved for future use.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.919
Other
Single-valued attribute.
Description
The number that corresponds to the debugging level for the Oracle Directory Integration and Provisioning server.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.516
Other
Single-valued attribute.
Description
The number of minutes between server refreshes for any changes in Oracle Directory Integration and Provisioning profiles. If not specified, the default of 2 is used.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.514
Other
Single-valued attribute.
Description
The number of the corresponding SSL mode. The default is 0. The modes are as follows:
0 — SSL is not used.
1 — SSL is used for encryption only, not for authentication.
2 — SSL is used for one-way authentication. With this mode you must also specify the complete path and file name of the server's Oracle Wallet.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.513
Other
Single-valued attribute.
Description
The complete path and file name of the Oracle Directory Integration and Provisioning server's Oracle Wallet.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.517
Other
Single-valued attribute.
Description
Messages explaining the errors if the last execution of the synchronization profile failed. This attribute is updated by Oracle Directory Integration and Provisioning server.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.64
Description
Direction of synchronization between Oracle Internet Directory and the connected directory. Allowed values are: IMPORT or EXPORT.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.2
Other
Single-valued attribute.
Description
Status of the last execution of a synchronization profile: SUCCESS or FAILURE. Initially, this attribute has the value YET TO BE EXECUTED.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.63
Other
Single-valued attribute.
Description
Reserved for future use.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.915
Other
Single-valued attribute.
Description
Maximum number of times Oracle Directory Integration and Provisioning server tries to run the third-party directory connector in the event of a failure. The default is 5.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.7
Other
Single-valued attribute.
Description
Specifies the number of abandoned LDAP operations.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.168
Other
Single-valued attribute.
Description
Specifies the number of completed LDAP operations.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.166
Other
Single-valued attribute.
Description
Specifies the number of open connections to the Oracle Internet Directory server, including client LDAP connections and database connections.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.149
Other
Single-valued attribute.
Description
Specifies the number of failed LDAP operations.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.190
Other
Single-valued attribute.
Description
Specifies the number of initiated LDAP operations.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.165
Other
Single-valued attribute.
Description
Stores operation latency.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.127
Other
Single-valued attribute.
Description
Specifies the number of pending LDAP operations.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.167
Other
Single-valued attribute.
Description
Stores the operation result.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.64
Description
Specifies the number of successful LDAP operations.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.189
Other
Single-valued attribute.
Description
Specifies whether an operation contains a query.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.103
Other
Single-valued attribute.
Description
Specifies the number of LDAP search operations that timed out.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.169
Other
Single-valued attribute.
Description
Specifies the number of ORA-28 errors encountered by Oracle Internet Directory server.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.182
Other
Single-valued attribute.
Description
Specifies the number of ORA-3113 errors encountered by Oracle Internet Directory server.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.157
Other
Single-valued attribute.
Description
Specifies the number of ORA-3114 errors encountered by Oracle Internet Directory server.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.158
Other
Single-valued attribute.
Description
The ORACLE_HOME location of an Oracle service.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
N/A
Object ID
2.16.840.1.113894.7.1.2
Other
Single-valued attribute.
Description
The global unique identifier of the user who owns an application or resource.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch, caseIgnoreSubstringsMatch
Object ID
2.16.840.1.113894.1.1.358
Description
Identifies an Oracle-specific password for custom authentication schemes like O3Logon for the database server.
Syntax
1.3.6.1.4.1.1466.115.121.1.44 (Printable String)
Matching Rule
caseExactMatch
Object ID
2.16.840.1.113894.7.1.13
Description
Specifies the password value to access the resource.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch, caseIgnoreSubstringsMatch
Object ID
2.16.840.1.113894.1.1.353
Other
Single-valued attribute.
Description
Specifies the hint to use when users forget their password.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.314
Other
Single-valued attribute.
Description
The answer related to the password hint question stored in orclPasswordHint.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.315
Other
Single-valued attribute.
Description
Attribute for storing a password to an Oracle component when that password is different from that used to authenticate the user to the directory, namely, userPassword. The value in this attribute is not synchronized with that in the userPassword attribute.
Like authPassword, this attribute is multivalued and can contain all the other verifiers that different applications use for this user's clear text password.
Syntax
1.3.6.1.4.1.1466.115.121.1.44{128} (Printable String, 128 character maximum)
Matching Rule
octetStringMatch
Object ID
2.16.840.1.113894.1.1.210
Description
Whether to BEGIN or END pilot mode for a replica.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch, caseIgnoreSubstringsMatch
Object ID
2.16.840.1.113894.1.1.824
Other
Single-valued attribute.
Description
Password hint for the user's PKCS12 private key store.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.7.1.11
Description
This is used to specify the matching rule for mapping a user's PKI certificate DN to the user's entry DN in Oracle Internet Directory. The following matching rule values are allowed:
0 - Exact match. The PKI certificate DN must match the user entry DN.
1 - Certificate search. Check to see if the user has a PKI certificate provisioned into Oracle Internet Directory.
2 - A combination of exact match and certificate search. If the exact match fails, then a certificate search is performed.
3 - Mapping rule only. Use a mapping rule to map user PKI certificate DNs to Oracle Internet Directory DNs.
4 - Try in order: 1 (mapping rule), 2 (certificate search), 3 (exact match).
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.703
Other
Single-valued attribute.
Description
The universal time when the certificate revocation list (CRL) should be updated.
Syntax
1.3.6.1.4.1.1466.115.121.1.53 (UTC Time)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.2.1.300.1
Description
Contains the PKI value attribute.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.2.1.300.2
Description
A semicolon-separated attribute name list that controls whether the plug-in takes effect. If the target attribute is included in the list, the plug-in is invoked.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.563
Other
Single-valued attribute.
Description
If enabled, then the Plug-in will be invoked when the base entry does not exist. Allowed values are 0 (disabled) or 1 (enabled).
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.569
Other
Single-valued attribute.
Description
Whether or not a plug-in is enabled or disabled. Allowed values are 0 (disabled) or 1 (enabled). The default is 0 (disabled).
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.554
Other
Single-valued attribute.
Description
An LDAP search filter that specifies entry criteria that will cause the plug-in to not be invoked. For example, if the following filter is used, the plug-in will not be invoked if the target entry has objectclass
equal to inetorgperson
and sn
equal to Cezanne
.
(&(objectclass=inetorgperson)(sn=Cezanne))
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.568
Other
Single-valued attribute.
Description
For plug-ins that use WHEN timing only. 0 is disabled (default). 1 is enabled. This attribute can be set to enabled only if the orclPluginLDAPOperation attribute value is ldapbind
, ldapcompare
, or ldapmodify
.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.559
Other
Single-valued attribute.
Description
The kind of plug-in. PL/SQL is the only allowed value.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.562
Other
Single-valued attribute.
Description
The LDAP operation that this plug-in supplements. Allowed values are:
ldapcompare
ldapmodify
ldapbind
ldapadd
ldapdelete
ldapsearch
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.557
Other
Single-valued attribute.
Description
The plug-in package name.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.552
Other
Single-valued attribute.
Description
The port that the plug-in is using.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.566
Other
Single-valued attribute.
Description
A semicolon-separated group list that controls if the plug-in takes effect. You can use this group to specify who can actually invoke the plug-in. For example, if you specify orclpluginrequestgroup:cn=security,cn=groups,dc=oracle,dc=com
, when you register the plug-in, then the plug-in will not be invoked unless the ldap request comes from the person who belongs to the group cn=security,cn=groups,dc=oracle,dc=com
.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.564
Other
Single-valued attribute.
Description
A semicolon-separated group list that controls if the plug-in takes effect. You can use this group to specify who cannot invoke the plug-in. For example, if you specify orclpluginrequestneggroup: cn=security,cn=groups,dc=oracle,dc=com
, when you register the plug-in, then the plug-in will not be invoked if the ldap request comes from the person who belongs to the group cn=security,cn=groups,dc=oracle,dc=com
.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.571
Other
Single-valued attribute.
Description
An integer value to specify the LDAP result code. If this value is specified, then the plug-in will be invoked only if the ldap operation is in that result code scenario. This only applies if the value for the orclPluginTiming attribute is POST
.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.565
Other
Single-valued attribute.
Description
Controls the type of bind used when the LDAP_PLUGIN package connects back to the same Oracle Internet Directory server.
1= SASL bind (default).
0= Simple bind.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.572
Other
Single-valued attribute.
Description
This only applies if the value for the orclPluginTiming attribute is PRE
. Brings in the external entries if the entry is not found in Oracle Internet Directory. Provides additional plug-in invocation checking and ensures that the plug-in will only be invoked when the entry is not present in Oracle Internet Directory.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.570
Other
Single-valued attribute.
Description
File location of the program libraries for the plug-in. If this value is not present, then the Oracle Internet Directory server assumes the plug-in language is PL/SQL.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.556
Other
Single-valued attribute.
Description
A semicolon-separated DN list that controls if the plug-in takes effect. For example:
dc=COM,c=us;dc=us,dc=oracle,dc=com;dc=org,dc=us;o=IMC,c=US
If the target DN of an LDAP operation is included in the list, then the plug-in is invoked.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.561
Other
Single-valued attribute.
Description
Specifies when the plug-in is to be invoked in relation to the LDAP operation it supplements. The following values are allowed:
PRE
WHEN
POST
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.558
Other
Single-valued attribute.
Description
Valid value is operational
— Operational plug-ins augment existing LDAP operations. The work they perform depends on whether they execute before, after, or in addition to normal directory server operations.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.553
Other
Single-valued attribute.
Description
The supported version number of the plug-in.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.555
Other
Single-valued attribute.
Description
Stores a process name.
Syntax
1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)
Matching Rule
distinguishedNameMatch
Object ID
2.16.840.1.113894.1.1.55
Other
Single-valued attribute.
Description
Identifies the product version.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.7.1.6
Description
Contains a process password.
Syntax
1.3.6.1.4.1.1466.115.121.1.15{128} (Directory String, 128 character maximum)
Matching Rule
caseIgnoreMatch, caseIgnoreSubstringsMatch
Object ID
2.16.840.1.113894.1.1.56
Other
Single-valued attribute.
Description
The base DN in the directory information tree (DIT) where the garbage collection task is applied. This attribute value is reserved for each garbage collector and it must not be modified. Defaults to the RDN of the garbage collector configuration entry DN.
Syntax
1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)
Matching Rule
distinguishedNameMatch
Object ID
2.16.840.1.113894.1.1.805
Other
Single-valued attribute.
Description
Flag to enable (1) or disable (0) collection of debugging messages. Default value is 0.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.810
Other
Single-valued attribute.
Description
Flag to enable (1) or disable (0) this garbage collector. Default value is 1.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch, caseIgnoreSubstringsMatch
Object ID
2.16.840.1.113894.1.1.808
Other
Single-valued attribute.
Description
Absolute file directory where the garbage collection log file is saved. Default value is.
(period - the current directory).
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch, caseIgnoreSubstringsMatch
Object ID
2.16.840.1.113894.1.1.812
Other
Single-valued attribute.
Description
The file name of the garbage collection log file. Default value is oidgc001.log
.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch, caseIgnoreSubstringsMatch
Object ID
2.16.840.1.113894.1.1.811
Other
Single-valued attribute.
Description
An LDAP filter condition to limit the entries that are considered for garbage collection.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch, caseIgnoreSubstringsMatch
Object ID
2.16.840.1.113894.1.1.803
Other
Single-valued attribute.
Description
Time interval in hours that the garbage collection job is executed again. This can be measured from either the point in time specified in the orclPurgeStart attribute or from the last time it was run. Default value is 24.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.801
Other
Single-valued attribute.
Description
Every time this attribute is added or modified to a garbage collection entry, then the submitted job is executed immediately.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch, caseIgnoreSubstringsMatch
Object ID
2.16.840.1.113894.1.1.809
Other
Single-valued attribute.
Description
Specifies the purge package.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch, caseIgnoreSubstringsMatch
Object ID
2.16.840.1.113894.1.1.804
Other
Single-valued attribute.
Description
Specifies the purge schedule.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
N/A
Object ID
2.16.840.1.113894.1.1.24
Other
Single-valued attribute.
DSA operational attribute.
Description
The time when the garbage collector starts to run. The format is yyyymmddhhmmss
. Default value is 12:00 a.m. of the day Oracle Internet Directory is installed.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch, caseIgnoreSubstringsMatch
Object ID
2.16.840.1.113894.1.1.813
Other
Single-valued attribute.
Description
This attribute enables time-based purging of change log records. Set this to the number of hours after which old change logs will be purged. Time-based purging respects the change status of replication, but not the change status of other consumers. When time-based purging is enabled, the change log garbage collector purges all change logs that are not needed by replication and that are at least the specified number of hours old.
The default behavior is change number-based purging, meaning this attribute is NULL or set to a value less than zero. Change number-based purging respects the change status of all change log consumers. That is, it does not purge change logs unless they have been consumed by all consumers. In addition, it does not purge change logs until they are 10 days old.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.800
Other
Single-valued attribute.
Description
The number of objects to be purged in one commit transaction. The default value is 1000.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.802
Other
Single-valued attribute.
Description
Determines whether an account is locked.
Syntax
1.3.6.1.4.1.1466.115.121.1.7 (Boolean)
Matching Rule
booleanMatch
Object ID
2.16.840.1.113894.1.1.203
Other
Single-valued attribute.
Description
Whether or not to allow password validations by comparing the hash values of encrypted passwords. Allowed values are TRUE or FALSE.
Syntax
1.3.6.1.4.1.1466.115.121.1.7 (Boolean)
Matching Rule
booleanMatch
Object ID
2.16.840.1.113894.1.1.218
Other
Single-valued attribute.
Description
Number of numeric characters required in a password. The default value is 1.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.205
Other
Single-valued attribute.
Description
If the value is TRUE, then the user password is stored in reversible encrypted form. If the value is FALSE, then the user password is stored in plain text.
Syntax
1.3.6.1.4.1.1466.115.121.1.7 (Boolean)
Matching Rule
booleanMatch
Object ID
2.16.840.1.113894.1.1.215
Other
Single-valued attribute.
Description
Lists the common words and attribute types whose values cannot be used as a valid password. By default, all words are acceptable password values.
Syntax
1.3.6.1.4.1.1466.115.121.1.15{1024} (Directory String, 1024 character maximum)
Matching Rule
caseIgnoreMatch, caseIgnoreSubstringsMatch
Object ID
2.16.840.1.113894.1.1.204
Description
The time when a user account was locked for a specific IP address.
Syntax
1.3.6.1.4.1.1466.115.121.1.24 (Generalized Time)
Matching Rule
generalizedTimeMatch
Object ID
2.16.840.1.113894.1.1.211
Other
Directory operational attribute.
Not user modifiable.
Description
The time of a password failure.
Syntax
1.3.6.1.4.1.1466.115.121.1.24 (Generalized Time)
Matching Rule
generalizedTimeMatch
Object ID
2.16.840.1.113894.1.1.212
Other
Directory operational attribute.
Not user modifiable.
Description
Whether or not to enable account lockouts for a specific IP address. Allowed values are TRUE or FALSE.
Syntax
1.3.6.1.4.1.1466.115.121.1.7 (Boolean)
Matching Rule
booleanMatch
Object ID
2.16.840.1.113894.1.1.200
Other
Single-valued attribute.
Description
The number of seconds you want to enforce account lockout for a specific IP address. A user account stays locked even after the lockout duration has passed unless the user binds with the correct password.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.201
Other
Single-valued attribute.
Description
The maximum number of failed logins from a specific IP address after which the account is locked.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.202
Other
Single-valued attribute.
Description
Whether to enable (TRUE) or disable (FALSE) the password policy.
Syntax
1.3.6.1.4.1.1466.115.121.1.7 (Boolean)
Matching Rule
booleanMatch
Object ID
2.16.840.1.113894.1.1.213
Other
Single-valued attribute.
Description
Contains the password verifier parameters.
Syntax
1.3.6.1.4.1.1466.115.121.1.15{256} (Directory String, 256 character maximum)
Matching Rule
caseIgnoreMatch, caseIgnoreSubstringsMatch
Object ID
2.16.840.1.113894.1.1.209
Description
Indicates the queue depth.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.144
Other
Single-valued attribute.
Description
Defines the queue latency.f
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.145
Other
Single-valued attribute.
Description
Specifies the number of Oracle Internet Directory server threads waiting to read from the network.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.142
Other
Single-valued attribute.
Description
The DNs of the replication agreement entries.
Syntax
1.3.6.1.4.1.1466.115.121.1.34 (Distinguished Name)
Matching Rule
distinguishedNameMatch
Object ID
2.16.840.1.113894.1.1.105
Description
For LDAP-based replication only. The DN of the consumer replica in the replication agreement.
Syntax
1.3.6.1.4.1.1466.115.121.1.34 (Distinguished Name)
Matching Rule
distinguishedNameMatch
Object ID
2.16.840.1.113894.1.1.817
Other
Single-valued attribute.
Description
Naming attribute for the replica subentry. Its value is unique to each directory server node that is initialized at installation. The value of this attribute, assigned during installation, is unique to each directory node, and matches that of the orclreplicaID
attribute at the root DSE. You cannot modify this value.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.106
Other
Single-valued attribute.
Description
Contains the set of ldapURI
formatted addresses that can be used if the orclReplicaURI values cannot be used.
Syntax
1.3.6.1.4.1.1466.115.121.1.26 (IA5 String)
Matching Rule
caseExactIA5Match
Object ID
2.16.840.1.113894.1.1.815
Description
Defines the state of the replica. Possible values are:
0 (boot strapping)
1 (online)
2 (offline)
3 (bootstrap in progress)
4 (bootstrap in progress, cn=oraclecontext
bootstrap has completed)
5 (bootstrap completed, failure detected for one or more naming contexts)
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.818
Other
Single-valued attribute.
Description
Defines the replication protocol for change propagation to replica. Values are:
ODS_ASR_1.0 (Advanced Replication-based protocol)
ODS_LDAP_1.0 (LDAP-based replication)
You cannot modify this attribute.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch, caseIgnoreSubstringsMatch
Object ID
2.16.840.1.113894.1.1.29
Other
Single-valued attribute.
Description
Defines the type of replica such as read-only or read/write. Possible values are:
0 (Read/Write)
1 (Read-Only)
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.816
Other
Single-valued attribute.
Description
Contains information in ldapURI
format that can be used to open a connection to this replica.
Syntax
1.3.6.1.4.1.1466.115.121.1.26 (IA5 String)
Matching Rule
caseExactIA5Match
Object ID
2.16.840.1.113894.1.1.814
Other
Single-valued attribute.
Description
Oracle Internet Directory version of the replica.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.820
Other
Single-valued attribute.
Description
Stores the resource identifier.
Syntax
1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)
Matching Rule
distinguishedNameMatch
Object ID
2.16.840.1.113894.1.1.348
Description
Specifies the name of the resource for which the connection information is being maintained.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch, caseIgnoreSubstringsMatch
Object ID
2.16.840.1.113894.1.1.350
Description
Specifies the name of the resource—for example, database, XMLPDS, JDBCPDS.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.351
Description
Lists the resource viewers.
Syntax
1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)
Matching Rule
distinguishedNameMatch
Object ID
2.16.840.1.113894.1.1.366
Description
Reversible encrypted value of the user password. This attribute is generated only if the attribute value of orclPwdEncryptionEnable in the password policy entry is set to 1. This attribute can be queried only by using the SSL one-way and two-way authentication mechanisms. This attribute cannot be queried over non-SSL sessions.
Syntax
1.3.6.1.4.1.1466.115.121.1.44{128} (Printable String, 128 character maximum)
Matching Rule
octetStringMatch
Object ID
2.16.840.1.113894.1.1.216
Other
Directory operational attribute.
Not user modifiable.
Description
Stores the value of Active Directory's SAMAccountName
attribute. In Oracle Internet Directory, this attribute is defined as a directory string type. However, in Active Directory this attribute cannot accept any special or non-printable characters. If any entry is added in Oracle Internet Directory with this attribute, it can only contain a simple text string or synchronization from Oracle Internet Directory to Active Directory will fail.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.903
Other
Single-valued attribute.
Description
Indicates the SASL authentication mode.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.700
Other
Single-valued attribute.
Description
Contains the SASL cipher choice.
Syntax
1.3.6.1.4.1.1466.115.121.1.15{128} (Directory String, 128 character maximum)
Matching Rule
caseIgnoreMatch, caseIgnoreSubstringsMatch
Object ID
2.16.840.1.113894.1.1.702
Description
Stores the SASL mechanism.
Syntax
1.3.6.1.4.1.1466.115.121.1.15{128} (Directory String, 128 character maximum)
Matching Rule
caseIgnoreMatch, caseIgnoreSubstringsMatch
Object ID
2.16.840.1.113894.1.1.701
Description
Stores the dump flag.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.407
Other
Single-valued attribute.
Description
Contains search base information to be used when performing the directory query for identity mapping.
Syntax
1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)
Matching Rule
distinguishedNameMatch
Object ID
2.16.840.1.113894.1.1.706
Other
Single-valued attribute.
Description
Contains search filter information to be used when performing the directory query for identity mapping.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.705
Other
Single-valued attribute.
Description
Contains search scope information to be used when performing the directory query for identity mapping.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.707
Other
Single-valued attribute.
Description
Indicates the secondary UID of a user.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch, caseIgnoreSubstringsMatch
Object ID
2.16.840.1.113894.1.1.360
Description
Defines a sequence.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.62
Description
Specifies the Oracle Internet Directory server process memory growth as a percentage.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.148
Other
Single-valued attribute.
Description
Stores the last server event.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.54
Description
Specifies if data can be written to the server. Valid values are:
r (read-only)
rw (read/write)
rm (read-modify, that is, to read and modify, but not to add or delete)
The default value is rw
.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.51
Other
Single-valued attribute.
Description
Number of server processes to start. The default for configset0
is 1. You cannot use a negative value for this attribute.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.364
Other
Single-valued attribute.
Description
Stores the service instance location.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseExactMatch
Object ID
2.16.840.1.113894.1.1.1102
Other
Single-valued attribute.
Description
Identifies a service member.
Syntax
1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)
Matching Rule
distinguishedNameMatch
Object ID
2.16.840.1.113894.1.1.1005
Description
Stores the service subscription location.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseExactMatch
Object ID
2.16.840.1.113894.1.1.1100
Other
Single-valued attribute
Description
Contains the service subtype.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.1009
Other
Single-valued attribute
Description
Identifies the service type.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.7.1.4
Other
Single-valued attribute
Description
Stores the SID.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.7.1.5
Other
Single-valued attribute
Description
Maximum number of entries to be returned by a search.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.10
Other
Single-valued attribute
Description
Contains a skewed attribute.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch, caseIgnoreSubstringsMatch
Object ID
2.16.840.1.113894.1.1.405
Description
Determines whether to skip references in SQL operations.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.410
Other
Single-valued attribute
Description
Represents a structural object class that includes common attributes for server manageability object classes.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch, caseIgnoreSubstringsMatch
Object ID
2.16.840.1.113894.1.1.185
Description
Reserved for future use.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.132
Other
Single-valued attribute
Description
Reserved for future use.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.134
Other
Single-valued attribute
Description
Type of SSL authentication to use for this instance of Oracle Internet Directory server. The default value of 1, specifies no SSL authentication. Different instances can have different values. One-way and two-way SSL authentication requires a wallet. You may use one of the following three values:
1 = Neither the client nor the server authenticates itself to the other. No certificates are sent or exchanged. If you selected the SSL Enabled check box on the Credentials tab, and choose this option, then only SSL encryption/decryption will be used.
32 = One-way authentication. Only the directory server authenticates itself to the client by sending its certificate to the client.
64 = Two-way authentication. Both client and server send certificates to each other.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.13
Other
Single-valued attribute
Description
A cipher suite is a set of authentication, encryption, and data integrity algorithms used for exchanging messages between network nodes. During an SSL handshake, the two nodes negotiate to see which cipher suite they will use when transmitting messages back and forth. The following cipher suites are supported:
SSL_RSA_WITH_3DES_EDE_CBC_SHA
SSL_RSA_WITH_RC4_128_SHA
SSL_RSA_WITH_RC4_128_MD5
SSL_RSA_WITH_DES_CBC_SHA
SSL_DH_anon_WITH_3DES_EDE_CBC_SHA
SSL_DH_anon_WITH_RC4_128_MD5
SSL_DH_anon_WITH_DES_CBC_SHA
SSL_RSA_EXPORT_WITH_RC4_40_MD5
SSL_RSA_EXPORT_WITH_DES40_CBC_SHA
SSL_DH_anon_EXPORT_WITH_RC4_40_MD5
SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA
Syntax
1.3.6.1.4.1.1466.115.121.1.15{128} (Directory String, 128 character maximum.
Matching Rule
caseIgnoreMatch, caseIgnoreSubstringsMatch
Object ID
2.16.840.1.113894.1.1.19
Description
Flag for enabling or disabling SSL. Use this flag when you use different instances of the same server for either SSL or non-SSL. Allowed values are:
0—for non-secure operation only
1—for SSL authentication only
2— for both non-secure operation and SSL authentication
The default value is 0
.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.14
Other
Single-valued attribute
Description
The default SSL default port for the directory server. Default value is 636. When you run the directory in the secure mode, it listens at default port 636 and accepts only SSL-based TCP/IP connections. (When you run the directory in the normal mode, it listens at default port 389, accepting normal TCP/IP connections.) You might want to change this port when you add multiple LDAP server instances.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.17
Other
Single-valued attribute
Description
SSL version. The default value is 3.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.18
Other
Single-valued attribute
Description
Sets the location of the Oracle Wallet. You initially set this value when you create the wallet. If you elect to change the location of the Oracle Wallet, you must change this parameter. You must set the wallet location on both the client and the server. For example, on UNIX, you could set this parameter as follows:
file:/home/my_dir/my_wallet
On Microsoft Windows, you could set this parameter as follows:
file:C:\my_dir\my_wallet
Syntax
1.3.6.1.4.1.1466.115.121.1.15{128} (Directory String, 128 character maximum)
Matching Rule
caseIgnoreMatch, caseIgnoreSubstringsMatch
Object ID
2.16.840.1.113894.1.1.15
Other
Single-valued attribute
Description
Specifies list of user DNs for which to track LDAP operations.
Syntax
1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)
Matching Rule
distinguishedNameMatch
Object ID
2.16.840.1.113894.1.1.187
Description
Enable or disable the Oracle Internet Directory Server Manageability framework. To enable, set this to 1. To disable, set it to 0.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.197
Other
Single-valued attribute.
Description
Level of statistics collection for users. There is only one valid value in this release, 1. Specifying this value collects the number of bind and compare operations against the directory and the user who performed each one.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.199
Other
Single-valued attribute.
Description
Reserved for future use.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.188
Other
Single-valued attribute.
Description
Time interval in minutes for gathering server manageability statistics. The default value is 60.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.198
Other
Single-valued attribute.
Description
Indicates status.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch, caseIgnoreSubstringsMatch
Object ID
2.16.840.1.113894.9.1.9
Description
Determines whether a super user account is locked.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.192
Other
Single-valued attribute.
Directory operational attribute.
Not user modifiable.
Description
Whether or not a subscriber is enabled or disabled.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.100
Other
Single-valued attribute.
Description
Stores a subscriber's full name.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.333
Other
Single-valued attribute.
Description
Stores a name of an attribute that holds the unique identifier of a realm.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.302
Other
Single-valued attribute.
Description
Specifies the DIT node that contains all realms.
Syntax
1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)
Matching Rule
distinguishedNameMatch
Object ID
2.16.840.1.113894.1.1.301
Description
Indicates the subscriber type.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.331
Other
Single-valued attribute.
Description
To have the directory server manage part of an LDAP directory, you can specify the highest level parent DNs in the server configuration. These DNs are called suffixes. The server can access all objects in the directory that are below the specified suffix in the directory hierarchy. This attribute is part of the root DSE (DSA-Specific Entry). The root DSE contains a number of attributes that store information about the directory server itself.
Syntax
1.3.6.1.4.1.1466.115.121.1.15{128} (Directory String, 128 character maximum)
Matching Rule
caseIgnoreMatch, caseIgnoreSubstringsMatch
Object ID
2.16.840.1.113894.1.1.6
Other
Single-valued attribute.
Description
Defines the suite type.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.1011
Other
Single-valued attribute.
Description
The number of failed login attempts for the directory super user.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.191
Other
Single-valued attribute.
Directory operational attribute.
Not user modifiable.
Description
The distinguished name of the directory super user account, for example, cn=orcladmin
.
Syntax
1.3.6.1.4.1.1466.115.121.1.12
Matching Rule
distinguishedNameMatch
Object ID
2.16.840.1.113894.1.1.8
Other
Single-valued attribute.
Description
Oracle Internet Directory super user password.
Syntax
1.3.6.1.4.1.1466.115.121.1.15{128} (Directory String, 128 character maximum)
Matching Rule
caseIgnoreMatch, caseIgnoreSubstringsMatch
Object ID
2.16.840.1.113894.1.1.9
Other
Single-valued attribute.
Description
Stores the system name.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.7.1.3
Other
Single-valued attribute.
Description
Specifies the number of clients for which the Oracle Internet Directory server will close TCP connections.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.153
Other
Single-valued attribute.
Description
Specifies the number of clients for which the Oracle Internet Directory server will shut down TCP connections.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.152
Other
Single-valued attribute.
Description
Reserved for future use.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.154
Other
Single-valued attribute.
Description
Specifies the number of threads per supplier for the Oracle directory replication server.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
N/A
Object ID
2.16.840.1.113894.1.1.31
Other
Single-valued attribute.
DSA operational attribute.
Description
Maximum number of seconds allowed for a search to be completed. The default value is 3600.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.65
Other
Single-valued attribute.
Description
Specifies the time zone applicable for a user location.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.311
Description
Defines the limit mode.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.406
Other
Single-valued attribute.
Description
Stores the total amount of free physical memory.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.146
Other
Single-valued attribute.
Description
Reserved for future use.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.174
Other
Single-valued attribute.
Description
Reserved for future use.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch, caseIgnoreSubstringsMatch
Object ID
2.16.840.1.113894.1.1.176
Other
Single-valued attribute.
Description
Reserved for future use.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.177
Other
Single-valued attribute.
Description
Reserved for future use.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.173
Other
Single-valued attribute.
Description
Reserved for future use.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch, caseIgnoreSubstringsMatch
Object ID
2.16.840.1.113894.1.1.175
Other
Single-valued attribute.
Description
Identifies the trusted application group.
Syntax
1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)
Matching Rule
distinguishedNameMatch
Object ID
2.16.840.1.113894.1.1.368
Description
Set to TRUE to display a user interface that is accessible to people with impaired vision.
Syntax
1.3.6.1.4.1.1466.115.121.1.7 (Boolean)
Matching Rule
booleanMatch
Object ID
2.16.840.1.113894.1.1.367
Other
Single-valued attribute.
Description
The name of an attribute that you want to be unique. Autoboot uniqueness means that each entry must have a unique value for this attribute type.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.500
Other
Single-valued attribute.
Description
Disables or enables attribute uniqueness constraints. Allowed values are 0 (disable) or 1 (enable). The default value is 0.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.508
Other
Single-valued attribute.
Description
Specifies an object class filter for an attribute uniqueness constraint entry. This means the attribute specified in orclUniqueAttrNamemust be unique in an instance of this object class.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.503
Other
Single-valued attribute.
Description
The scope of the attribute uniqueness constrain in the DIT. Allowed values are:
base
—Searches the root entry only
onelevel
—Searches one level only
sub
—Searches the entire directory
The default value is sub
.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.501
Other
Single-valued attribute.
Description
When multiple attribute uniqueness constraints have the same values in orclUniqueAttrName, orclUniqueScope and orclUniqueObjectClass, but different values in orcluniquesubtree
, the union of subtree scopes specified by those attribute uniqueness constraints is checked.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.502
Other
Single-valued attribute.
Description
Unsynchronizes a reverse password.
Syntax
1.3.6.1.4.1.1466.115.121.1.44{128} (Printable String, 128 character maximum)
Matching Rule
octetStringMatch
Object ID
2.16.840.1.113894.1.1.217
Other
Directory operational attribute.
Not user modifiable.
Description
Replication update interval for new changes and those being retried. The value is in minutes.
Syntax
1.3.6.1.4.1.1466.115.121.1.27
Matching Rule
N/A
Object ID
2.16.840.1.113894.1.1.30
Other
Directory operational attribute.
Not user modifiable.
Description
Indicates whether an upgrade is in progress.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.104
Other
Single-valued attribute.
Description
The distinguished name (DN) of the user who performed an operation.
Syntax
1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)
Matching Rule
distinguishedNameMatch
Object ID
2.16.840.1.113894.1.1.61
Description
Specifies the attribute to use as the user identifier value when accessing the resource.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch, caseIgnoreSubstringsMatch
Object ID
2.16.840.1.113894.1.1.352
Other
Single-valued attribute.
Description
Specifies if the data is modifiable by the user that this resource access descriptor entry is created for.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch, caseIgnoreSubstringsMatch
Object ID
1.2.3.4.5.6.1.11
Description
A list of the object classes that comprise a user entity.
Syntax
1.3.6.1.4.1.1466.115.121.1.15
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.329
Description
The is the Kerberos user principal name for Microsoft Active Directory users.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.904
Other
Single-valued attribute.
Description
The release version of the Oracle Internet Directory server.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.7.1.1
Other
Single-valued attribute.
Description
Stores the wireless account number of a user.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.365
Other
Single-valued attribute.
Description
Identifies workflow notification preferences for a user.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.313
Description
Specifies the number of Oracle Internet Directory server threads waiting to write to the network.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.143
Other
Single-valued attribute.
Description
Specifies the distinguished name (DN) of some object which has some responsibility for the associated object.
Syntax
1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)
Matching Rule
distinguishedNameMatch
Object ID
2.5.4.32
Description
The time stamp of when pilot mode was started for a replica.
Syntax
1.3.6.1.4.1.1466.115.121.1.24 (Generalized Time)
Matching Rule
generalizedTimeMatch
Object ID
2.16.840.1.113894.1.1.825
Other
Single-valued attribute.
Directory operational attribute.
Not user modifiable.
Description
The IP addresses of the preferred servers that a directory user agent should use in a space separated list. The servers in this list are tried in order before those in the defaultServerList until a successful connection is made. This has no default value. At least one server must be specified in either preferredServerList
or defaultServerList
.
Syntax
1.3.6.1.4.1.1466.115.121.1.26 (Printable String)
Matching Rule
caseIgnoreIA5Match
Object ID
1.3.6.1.4.1.11.1.3.1.1.2
Other
Single-valued attribute.
Description
The time to live before a client directory user agent (DUA) should reread this configuration profile.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
1.3.6.1.4.1.11.1.3.1.1.7
Other
Single-valued attribute.
Description
This attribute is used in conjunction with the presentationAddress
attribute, to provide additional information to the Open System Interconnection (OSI) network service.
Syntax
1.3.6.1.4.1.1466.115.121.1.42 (Protocol Information)
Matching Rule
protocolInformationMatch
Object ID
2.5.4.48
Description
The time stamp of when a user's account was locked.
Syntax
1.3.6.1.4.1.1466.115.121.1.24 (Generalized Time)
Matching Rule
generalizedTimeMatch
Object ID
1.3.6.1.4.1.42.2.27.8.1.17
Other
Single-valued attribute.
Directory operational attribute.
No user modification.
Description
A value of TRUE
means users can change their own passwords. A value of FALSE
means they cannot.
Syntax
1.3.6.1.4.1.1466.115.121.1.7 (Boolean)
Matching Rule
booleanMatch
Object ID
1.3.6.1.4.1.42.2.27.8.1.14
Other
Single-valued attribute.
Description
The time stamp of when the user's current password was created or modified.
Syntax
1.3.6.1.4.1.1466.115.121.1.24 (Generalized Time)
Matching Rule
generalizedTimeMatch
Object ID
1.3.6.1.4.1.42.2.27.8.1.16
Other
Single-valued attribute.
Directory operational attribute.
No user modification.
Description
A value of 1 (default) means passwords are checked for syntax errors. A value of 0 means syntax checking is disabled.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
1.3.6.1.4.1.42.2.27.8.1.5
Other
Single-valued attribute.
Description
The time stamp when the first password expiration warning was sent to the user.
Syntax
1.3.6.1.4.1.1466.115.121.1.24 (Generalized Time)
Matching Rule
generalizedTimeMatch
Object ID
1.3.6.1.4.1.42.2.27.8.1.18
Other
Directory operational attribute.
No user modification.
Description
The number of seconds before a password expires that a warning should be sent to the user. The user will see the warning when they attempt to log on during the warning period. If the user does not modify the password before it expires, the user is locked out until the password is changed by the administrator. The default value is 0, which means no warnings are sent.
For this feature to work, the client application must support it.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
1.3.6.1.4.1.42.2.27.8.1.7
Other
Single-valued attribute.
Description
The number of seconds after which the password failure times are purged from the user entry. If this attribute is not present, or if it has a value of 0, then failure times are never purged. The default value is 0
.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
1.3.6.1.4.1.42.2.27.8.1.12
Other
Single-valued attribute.
Description
The time stamp of consecutive failed login attempts by the user.
Syntax
1.3.6.1.4.1.1466.115.121.1.24 (Generalized Time)
Matching Rule
generalizedTimeMatch
Object ID
1.3.6.1.4.1.42.2.27.8.1.19
Other
Directory operational attribute.
No user modification.
Description
Maximum number of grace logins allowed after a password expires. The default value is 0 (no grace logins allowed). The recommended value is 3.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
1.3.6.1.4.1.42.2.27.8.1.8
Other
Single-valued attribute.
Description
The time stamps of each grace login for a user.
Syntax
1.3.6.1.4.1.1466.115.121.1.24 (Generalized Time)
Matching Rule
generalizedTimeMatch
Object ID
1.3.6.1.4.1.42.2.27.8.1.21
Other
Directory operational attribute.
No user modification.
Description
A history of a user's previous passwords. The number of passwords stored in the history is determined by the pwdInHistory attribute.
Syntax
1.3.6.1.4.1.1466.115.121.1.44{128} (Printable String, 128 character maximum)
Matching Rule
octetStringMatch
Object ID
1.3.6.1.4.1.42.2.27.8.1.20
Other
Single-valued attribute.
Directory operational attribute.
No user modification.
Description
Number of previous passwords to be stored in the password history (pwdHistory). If a user attempts to reuse one of the passwords stored in the history, then the password is rejected. The default value is 0 (no previous passwords stored in the history).
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
1.3.6.1.4.1.42.2.27.8.1.4
Other
Single-valued attribute.
Description
Specification for whether users are locked out of the directory after the number of consecutive failed bind attempts specified by pwdMaxFailure. If the value of this policy attribute is TRUE, then users are locked out. If this attribute is not present, or if the value is FALSE, then users are not locked out and the value of pwdMaxFailure is ignored. By default, account lockout is enforced.
Syntax
1.3.6.1.4.1.1466.115.121.1.7 (Boolean)
Matching Rule
booleanMatch
Object ID
1.3.6.1.4.1.42.2.27.8.1.9
Other
Single-valued attribute.
Description
The number of seconds a user is locked out of the directory if both of the following are true:
Account lockout is enabled.
The user has been unable to bind successfully to the directory for at least the number of times specified by pwdMaxFailure.
You can set user lockout for a specific duration, or until the administrator resets the user's password. A default value of 0 (zero) means that the user is locked out forever. A user account stays locked even after the lockout duration has passed unless the user binds with the correct password.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
1.3.6.1.4.1.42.2.27.8.1.10
Other
Single-valued attribute.
Description
The maximum number of seconds that a given password is valid. If this attribute is not present, or if the value is 0 (zero), then the password does not expire. By default, the passwords expire in 60 days.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
1.3.6.1.4.1.42.2.27.8.1.3
Other
Single-valued attribute.
Description
The number of consecutive failed bind attempts after which a user account is locked. If this attribute is not present, or if the value is 0 (zero), then the account is not locked due to failed bind attempts, and the value of the password lockout policy is ignored. The default is 4.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
1.3.6.1.4.1.42.2.27.8.1.11
Other
Single-valued attribute.
Description
This attribute holds the number of seconds that must elapse between modifications to the password. If this attribute is not present, 0 seconds is assumed.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
1.3.6.1.4.1.42.2.27.8.1.2
Other
Single-valued attribute.
Description
The minimum number of characters required in a password. The default is 5. The value for this attribute must be at least 1.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
1.3.6.1.4.1.42.2.27.8.1.6
Other
Single-valued attribute.
Description
Indicator of whether users must change their passwords after the first login, or after the password is reset by the administrator. Enabling this option requires users to change their passwords even if user-defined passwords are disabled. By default, users need not change their passwords after reset. Allowed values are TRUE or FALSE.
Syntax
1.3.6.1.4.1.1466.115.121.1.7 (Boolean)
Matching Rule
booleanMatch
Object ID
1.3.6.1.4.1.42.2.27.8.1.13
Other
Single-valued attribute.
Description
Indicator that the password has been reset and must be changed by the user on first authentication. Allowed values are TRUE or FALSE.
Syntax
1.3.6.1.4.1.1466.115.121.1.7 (Boolean)
Matching Rule
booleanMatch
Object ID
1.3.6.1.4.1.42.2.27.8.1.22
Other
Single-valued attribute.
Directory operational attribute.
Not user modifiable.
Description
Indicator of whether user must supply old password with new one when modifying password. By default, the old password is not required. Allowed values are TRUE or FALSE.
Syntax
1.3.6.1.4.1.1466.115.121.1.7 (Boolean)
Matching Rule
booleanMatch
Object ID
1.3.6.1.4.1.42.2.27.8.1.15
Other
Single-valued attribute.
Description
A named reference. Values placed in the attribute must conform to the specification given for the labeledURI attribute (RFC 2079).
Syntax
1.3.6.1.4.1.1466.115.121.1.26 (IA5 String)
Matching Rule
caseExactIA5Match
Object ID
2.16.840.1.113730.3.1.34
Other
DSA operational attribute.
Description
Maximum time in seconds that a POSIX directory user agent (DUA) should allow for a search to complete.
Syntax
Matching Rule
Object ID
Description
Specifies the distinguished names of other directory objects which may be other aspects (in some sense) of the same real world object.
Syntax
1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)
Matching Rule
distinguishedNameMatch
Object ID
2.5.4.34
Description
The name of the server involved in an Oracle Directory Integration and Provisioning change subscription.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.34
Description
The authentication method for the service.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
N/A
Object ID
1.3.6.1.4.1.11.1.3.1.1.15
Description
The credential level to be used by a service. The default value for all services is NULL. The supported credential levels are anonymous
or proxy
.
Syntax
1.3.6.1.4.1.1466.115.121.1.26 (IA5 String)
Matching Rule
N/A
Object ID
1.3.6.1.4.1.11.1.3.1.1.13
Description
Defines how and where an LDAP naming service client should search for information for a particular service. Contains a service name, followed by one or more semicolon-separated base-scope-filters.
Syntax
1.3.6.1.4.1.1466.115.121.1.26 (IA5 String)
Matching Rule
caseExactIA5Match
Object ID
1.3.6.1.4.1.11.1.3.1.1.8
Description
The surname or last name of a user.
Syntax
1.3.6.1.4.1.1466.115.121.1.15{32768} (Directory String, 32768 character maximum)
Matching Rule
caseIgnoreMatch, caseIgnoreSubstringsMatch
Object ID
2.5.4.4
Description
The distinguished name for the member of a group.
Syntax
1.3.6.1.4.1.1466.115.121.1.34 (Distinguished Name)
Matching Rule
distinguishedNameMatch
Object ID
2.5.4.50
Description
The user's certificate.
Syntax
1.3.6.1.4.1.1466.115.121.1.8 (Certificate)
Matching Rule
octetStringMatch
Object ID
2.5.4.36
Description
The password used to authenticate a user to the directory.
Syntax
1.3.6.1.4.1.1466.115.121.1.44{128} (Printable String, 128 character maximum)
Matching Rule
octetStringMatch
Object ID
2.5.4.35
Other
Single-valued attribute.
Description
PKCS#12 PFX PDU for exchange of personal identity information.
Syntax
1.3.6.1.4.1.1466.115.121.1.5 (Binary)
Matching Rule
N/A
Object ID
2.16.840.1.113730.3.1.216