9.2.7 cn

Description

The common name (nickname) attribute.

Syntax

1.3.6.1.4.1.1466.115.121.1.44 (Printable String)

Matching Rule

Description

Identifies the type of credentials a POSIX directory user agent (DUA) should use when binding to the directory server.

Syntax

1.3.6.1.4.1.1466.115.121.1.26 (IA5 String)

Matching Rule

caseIgnoreIA5Match

Object ID

1.3.6.1.4.1.11.1.3.1.1.10

Other

Description

An optional description for the entry.

Syntax

1.3.6.1.4.1.1466.115.121.1.15{1024} (Directory String, 1024 character maximum)

Matching Rule

caseIgnoreMatch

Object ID

2.5.4.13

9.2.16 displayName

Description

The preferred name used when displaying the entry in the GUI tools.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113730.3.1.241

Other

Single-valued attribute.

9.2.17 followReferrals

Description

Tells a POSIX directory user agent (DUA) if it should follow referrals returned by a directory server agent (DSA) search result.

Syntax

1.3.6.1.4.1.1466.115.121.1.26 (IA5 String)

Matching Rule

caseIgnoreIA5Match

Object ID

1.3.6.1.4.1.11.1.3.1.1.5

Other

Single-valued attribute.

9.2.18 javaClassName

Description

Fully qualified name of distinguished Java class or interface.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseExactMatch

Object ID

1.3.6.1.4.1.42.2.27.4.1.6

Other

Single-valued attribute.

9.2.19 jpegPhoto

Description

A photograph file in JPEG format.

Syntax

1.3.6.1.4.1.1466.115.121.1.28 (Binary)

Matching Rule

octetStringMatch

Object ID

0.9.2342.19200300.100.1.60

9.2.20 krbPrincipalName

Description

Contains the Kerberos principal name.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

1.3.18.0.2.4.1091

Other

Single-valued attribute.

9.2.21 labeledURI

Description

Uniform Resource Locator (URL).

Syntax

1.3.6.1.4.1.1466.115.121.1.26 (IA5 String)

Matching Rule

caseExactIA5Match

Object ID

1.3.6.1.4.1.250.1.57

9.2.22 ldapSyntaxes

Description

Identifies the LDAP syntaxes implemented in the directory schema.

Syntax

1.3.6.1.4.1.1466.115.121.1.54 (LDAP Syntax Description)

Matching Rule

objectIdentifierFirstComponentMatch

Object ID

1.3.6.1.4.1.1466.101.120.16

Other

Directory operational attribute.

9.2.23 mail

Description

This attribute is defined in RFC 1274. Identifies a user's primary e-mail address (the e-mail address retrieved and displayed by "white-pages" lookup applications).

For example: mail: user.name@oracle.com

Syntax

1.3.6.1.4.1.1466.115.121.1.26{256} (IA5 String, 256 character maximum)

Matching Rule

caseIgnoreIA5Match

Object ID

0.9.2342.19200300.100.1.3

Other

Directory operational attribute.

9.2.24 matchingRules

Description

Identifies the matching rules implemented in the directory schema.

Syntax

1.3.6.1.4.1.1466.115.121.1.30 (Matching Rule Description)

Matching Rule

Description

Top-level DNs for the naming contexts contained in this server. You must have super user privileges to publish a DN as a naming context. There is no default value.

This attribute is part of the root DSE (DSA-Specific Entry). The root DSE contains a number of attributes that store information about the directory server itself.

Syntax

1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)

Matching Rule

N/A

Object ID

1.3.6.1.4.1.1466.101.120.5

Other

DSA operational attribute.

9.2.29 objectClass

Description

The list of object classes from which this object class is derived.

Syntax

1.3.6.1.4.1.1466.115.121.1.38 (Object Identifier)

Matching Rule

objectIdentifierMatch

Object ID

2.5.4.0

9.2.30 objectClasses

Description

Defines the object classes which are in force within a subschema.

Syntax

1.3.6.1.4.1.1466.115.121.1.37 (Object Class Description)

Matching Rule

objectIdentifierFirstComponentMatch

Object ID

2.5.21.6

Other

Directory operational attribute.

9.2.31 objectClassMap

Description

A mapping from an object class defined by a directory user agent (DUA) to an object class in an alternative schema used in the directory.

Syntax

1.3.6.1.4.1.1466.115.121.1.26 (IA5 String)

Matching Rule

N/A

Object ID

Description

Specifies the number of active threads on the Oracle Internet Directory server.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.140

9.2.38 orclAgreementId

Description

Naming attribute for the replication agreement entry.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.26

Other

Single-valued attribute.

9.2.39 orclAnonymousBindsFlag

Description

Specifies whether anonymous binds to the directory are allowed or not. If set to 1, then anonymous binds are allowed. If set to 0 (zero), then they are not allowed. The default is 1.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.299

Other

Single-valued attribute.

9.2.40 orclAppFullName

Description

The full name of an application.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.320

9.2.41 orclAppId

Description

The unique identifier of an application entry associated with a password verifier.

Syntax

1.3.6.1.4.1.1466.115.121.1.15{128} (Directory String, 128 characters maximum)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.207

Other

Single-valued attribute.

9.2.42 orclApplicationCommonName

Description

The common name (cn) of the application.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.319

9.2.43 orclApplicationType

Description

Identifies the application type, such as OracleAS Portal.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.280

Other

Single-valued attribute.

9.2.44 orclAssocDB

Description

Identifies the associated Oracle Database instance with the application or service.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.1007

9.2.45 orclAssocIasInstance

Description

Identifies the associated Oracle Application Server instance with the application or service.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.1006

9.2.46 orclAttrACLEvalLatency

Description

Reserved for future use.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.138

Other

Single-valued attribute.

9.2.47 orclAuditAttribute

Description

Identifies the audit attribute.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.58

9.2.48 orclAuditLevel

Description

Specifies the audit level.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.63

Other

Description

Identifies the category.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.317

9.2.53 orclCertExtensionAttribute

Description

Holds the OID of a field within an extension field of the client certificate.

Syntax

1.3.6.1.4.1.1466.115.121.1.38 (Object Identifier)

Matching Rule

objectIdentifierMatch

Object ID

2.16.840.1.113894.1.1.711

Other

Single-valued attribute.

Description

Holds the standard field OID of the client certificate.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.708

Other

Single-valued attribute.

9.2.58 orclChangeLogLife

Description

Reserved for future use.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.806

Other

Single-valued attribute.

DSA operational attribute.

9.2.59 orclChangeRetryCount

Description

The number of processing retry attempts for a replication change-entry before being moved to the human intervention queue. The value for this parameter must be equal to or greater than 1 (one).

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.23

Other

Single-valued attribute.

DSA operational attribute.

9.2.60 orclCommonApplicationGuidAttribute

Description

Contains the name of the attribute that holds the GUID of objects.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.7.1.9

Other

Single-valued attribute.

9.2.61 orclCommonAutoRegEnabled

Description

Specifies if auto-registration is enabled or disabled. Allowed values are 0 (disabled) or 1 (enabled).

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.567

Other

Single-valued attribute.

9.2.62 orclCommonContextMap

Description

Stores the common context map.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.904

Other

Single-valued attribute.

9.2.63 orclCommonDefaultUserCreateBase

Description

Identifies the default user creation base where users are created.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.908

Other

Single-valued attribute.

9.2.64 orclCommonGroupCreateBase

Description

Identifies the group creation base under which Oracle Delegated Administration Services creates groups

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.903

9.2.65 orclCommonKrbPrincipalAttribute

Description

Specifies the attribute that holds the Kerberos principal name.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.7.1.15

Other

Single-valued attribute.

9.2.66 orclCommonNamingAttribute

Description

Specifies the name of the attribute that is used as an RDN component when creating a user.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.900

9.2.67 orclCommonNicknameAttribute

Description

Specifies the name of the attribute that uniquely identifies users.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.7.1.7

Other

Single-valued attribute.

9.2.68 orclCommonPasswordPolicy

Description

Specifies the common password policy.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.7.1.12

9.2.69 orclCommonSASLRealm

Description

Identifies the common SASL realm.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.7.1.20

Other

Description

Specifies the display order of an attribute in Oracle Delegated Administration Services.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

Description

The list of values to display to users in the UI when the orclDASUIType=Predefined List.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreSubStringsMatch

Object ID

Description

Specifies the UI field type for an attribute when displayed in Oracle Delegated Administration Services. Options are:

Single Line Text
Multi Line Text
Predefined List
Date
Browse and Select
Number

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreSubStringsMatch

Object ID

2.16.840.1.113894.1.1.327

Other

Single-valued attribute.

9.2.96 orclDASURL

Description

The corresponding URL of an Oracle Delegated Administration Services unit.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

Description

Contains the database schema identifier.

Syntax

1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)

Matching Rule

distinguishedNameMatch

Object ID

2.16.840.1.113894.1.1.347

9.2.104 orclDBType

Description

The type of database used. This attribute is part of the root DSE (DSA-Specific Entry). The root DSE contains a number of attributes that store information about the directory server itself.

Syntax

1.3.6.1.4.1.1466.115.121.1.15{128} (Directory String, 128 character maximum)

Matching Rule

caseIgnoreMatch, caseIgnoreSubstringsMatch

Object ID

2.16.840.1.113894.1.1.5

Other

Single-valued attribute.

9.2.105 orclDebugFlag

Description

The debug level associated with a server instance. The default for is 0 (zero). The valid range is 0 to 67108863.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.97

Other

Single-valued attribute.

9.2.106 orclDebugForceFlush

Description

Specifies whether debug messages are to be written to the log file when a message is logged by the directory server. To enable it, set its value to 1. To disable it set it to 0, which is its default value.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.193

Other

Single-valued attribute.

9.2.107 orclDebugOp

Description

To make logging more focused, limits logged information to particular directory server operations by specifying the debug dimension to those operations. Values for operations are:

1 - ldapbind
2 - ldapunbind
4 - ldapadd
8 - ldapdelete
16 - ldapmodify
32 - ldapmodrdn
64 - ldapcompare
128 - ldapsearch
264 - ldapabandon
511 - all operations

To log more than one operation, add the values of their dimensions. For example, if you want to trace ldapbind (1), ldapadd (4) and ldapmodify (16) operations, then the value would be 21 (1 + 4 + 16 = 21).

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.601

Other

Single-valued attribute.

9.2.108 orclDefaultProfileGroup

Description

Holds the DN of the group to designate the default group for a user, such that a default profile can be built for the user based on this attribute value.

Syntax

1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)

Matching Rule

distinguishedNameMatch

Object ID

2.16.840.1.113894.1.1.309

Other

Description

Identifies the selected domain name.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch, caseIgnoreSubStringsMatch

Object ID

2.16.840.1.113894.1.1.408

9.2.118 orclDNSUnavailable

Description

Reserved for future use.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.161

Other

Single-valued attribute.

9.2.119 orclEcacheEnabled

Description

Specifies whether or not entry caching is enabled. The value for enabled is 1; the value for disabled is 0. The default is 1.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.400

Other

Single-valued attribute.

9.2.120 orclEcacheHitRatio

Description

Stores the cache hit ratio.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.170

Other

Single-valued attribute.

9.2.121 orclEcacheMaxEntries

Description

Maximum number of entries that can be present in the entry cache. The default is 25,000.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.402

Other

Single-valued attribute.

9.2.122 orclEcacheMaxEntSize

Description

Stores the maximum size of an cache entry.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.602

Other

Single-valued attribute.

9.2.123 orclEcacheMaxSize

Description

Maximum number of bytes of RAM that the entry cache can use. The default is 100 MB.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.401

Other

Single-valued attribute.

9.2.124 orclEcacheNumEntries

Description

The number of entries currently in the entry cache.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.171

Other

Single-valued attribute.

9.2.125 orclEcacheSize

Description

The current size of the entry cache.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.172

Other

Single-valued attribute.

9.2.126 orclEnabled

Description

Determines whether an application is enabled.

Syntax

1.3.6.1.4.1.1466.115.121.1.7 (Boolean)

Matching Rule

booleanMatch

Object ID

2.16.840.1.113894.1.1.1008

Other

Single-valued attribute.

9.2.127 orclEnableGroupCache

Description

Whether or not to cache privilege groups and ACL groups. Using this cache improves the performance of access control evaluation for users.

Use the group cache when a privilege group membership does not change frequently. If a privilege group membership does change frequently, then it is best to turn off the group cache. This is because, in such a case, computing a group cache increases overhead. The default is 1 (enabled). Change to 0 (zero) to disable.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.403

Other

Single-valued attribute.

9.2.128 orclEntryACLEvalLatency

Description

Reserved for future use.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.136

Other

Single-valued attribute.

9.2.129 orclEntryLevelACI

Description

Specifies the ACI that holds object level ACL.

Syntax

1.3.6.1.4.1.1466.115.121.1.1 (Access Control Item)

Matching Rule

accessDirectiveMatch

Object ID

2.16.840.1.113894.1.1.43

9.2.130 orclEventLevel

Description

Specifies critical events related to security and system resources to be recorded for server manageability statistics. The default value is 0. Allowed values are:

0 — No events
1— Super user login
2 — Proxy user login
4 — Replication login
8 — Add access
16 — Delete access
32 — Write access
64 — ORA-3113 error
128 — ORA-3114 error
255 — All critical events

This attribute is part of the root DSE (DSA-Specific Entry). The root DSE contains a number of attributes that store information about the directory server itself.

For events other than super user, proxy user, and replication login, set the value of the orclStatsFlag attribute to 1.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.195

Other

Single-valued attribute.

9.2.131 orclEventTime

Description

The time that a logged directory event occurred.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

Description

An additional attribute for storing more information about a resource, service, or component.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch, caseIgnoreSubStringsMatch

Object ID

2.16.840.1.113894.1.1.355

9.2.138 orclFlexAttribute2

Description

An additional attribute for storing more information about a resource.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch, caseIgnoreSubStringsMatch

Object ID

Description

This is the global unique identifier for an entry within Oracle Internet Directory. The value for this attribute is automatically generated when an entry is created and remains constant, even if an entry is moved.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch, caseIgnoreSubStringsMatch

Object ID

2.16.840.1.113894.1.1.37

Other

Single-valued attribute.

Directory operational attribute.

Not user modifiable.

9.2.146 orclGUName

Description

The DN of the guest user account for Oracle Internet Directory.

Syntax

1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)

Matching Rule

distinguishedNameMatch

Object ID

2.16.840.1.113894.1.1.11

Other

Single-valued attribute.

9.2.147 orclGUPassword

Description

Password for the guest user account in Oracle Internet Directory.

Syntax

1.3.6.1.4.1.1466.115.121.1.15{128} (Directory String, 128 character maximum)

Matching Rule

caseIgnoreMatch, caseIgnoreSubStringsMatch

Object ID

2.16.840.1.113894.1.1.12

Other

Single-valued attribute.

9.2.148 orclHIQSchedule

Description

The interval, in minutes, at which the directory replication server repeats the change application process.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

N/A

Object ID

2.16.840.1.113894.1.1.98

Other

Single-valued attribute.

DSA operational attribute.

9.2.149 orclHireDate

Description

Specifies the date on which a user was hired by the organization.

Syntax

1.3.6.1.4.1.1466.115.121.1.24 (Generalized Time)

Matching Rule

generalizedTimeMatch

Object ID

2.16.840.1.113894.1.1.308

Other

Single-valued attribute.

9.2.150 orclHostedCreditCardExpireDate

Description

The credit card expiration date for a subscriber.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.338

Other

Single-valued attribute.

9.2.151 orclHostedCreditCardNumber

Description

The credit card number for a subscriber.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.337

Other

Single-valued attribute.

9.2.152 orclHostedCreditCardType

Description

The credit card type for a subscriber.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.336

Other

Single-valued attribute.

9.2.153 orclHostedDunsNumber

Description

The DUNS number of a business subscriber. DUNS (Data Universal Numbering System) is a unique nine character company identification number issued by Dun and Bradstreet Corporation used to identify a US corporate entity.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.334

Other

Single-valued attribute.

9.2.154 orclHostedPaymentTerm

Description

Payment terms for a subscriber account.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.335

Other

Single-valued attribute.

9.2.155 orclHostname

Description

The host name of the Oracle Internet Directory server.

Syntax

1.3.6.1.4.1.1466.115.121.1.15{128} (Directory String, 128 character maximum)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.41

Other

Single-valued attribute.

9.2.156 orclIdleConn

Description

The number of open connections that are currently inactive. Oracle Internet Directory tracks the idle connections for server manageability statistics.

Syntax

1.3.6.1.4.1.1466.115.121.1.27

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.151

Other

Single-valued attribute.

9.2.157 orclIdleThreads

Description

The number of application process threads that are currently inactive. Oracle Internet Directory tracks the idle threads for server manageability statistics.

Syntax

1.3.6.1.4.1.1466.115.121.1.27

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.141

Other

Single-valued attribute.

9.2.158 orclIncludedNamingContexts

Description

The naming context included in a partial replica. For each naming context object, you can specify only one unique subtree.

In partial replication, except for subtrees listed in the orclExcludedNamingContexts attribute, all subtrees in the specified included naming context are replicated.

Only LDAP-based replication agreements respect this attribute to define one or more partial replicas. If this attribute contains any values in an Advanced Replication-based replication agreement, then it is ignored.

Syntax

1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)

Matching Rule

N/A

Object ID

2.16.840.1.113894.1.1.819

Other

Single-valued attribute.

Description

Time interval in seconds between executions of Oracle Directory Integration and Provisioning profiles.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch, caseIgnoreSubStringsMatch

Object ID

Description

The maiden name of a user.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.306

9.2.172 orclMappedDN

Description

Holds the required information for generating the mapped identity.

Syntax

1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)

Matching Rule

distinguishedNameMatch

Object ID

2.16.840.1.113894.1.1.704

Other

Single-valued attribute.

9.2.173 orclMasterNode

Description

Whether or not this Oracle Internet Directory instance is a master node. Allowed values are TRUE or FALSE.

Syntax

1.3.6.1.4.1.1466.115.121.1.7 (Boolean)

Matching Rule

booleanMatch

Object ID

2.16.840.1.113894.1.1.1010

Other

Single-valued attribute.

9.2.174 orclMatchDnEnabled

Description

If the base DN of a search request is not found, then the directory server returns the nearest DN that matches the specified base DN. Whether the directory server tries to find the nearest match DN is controlled by this attribute. If set to 1, then match DN processing is enabled. If set to 0, then match DN processing is disabled. The default is 1.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.404

Other

Single-valued attribute.

9.2.175 orclMaxCC

Description

Maximum number of concurrent database connections. The default is 10.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.4

Other

Single-valued attribute.

9.2.176 orclMaxEntInBER

Description

Stores the maximum allowed BER entry.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.604

Other

Single-valued attribute.

9.2.177 orclMaxFDLimitReached

Description

Reserved for future use.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.156

Other

Single-valued attribute.

9.2.178 orclMaxProcessLimitReached

Description

Reserved for future use.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.164

Other

Single-valued attribute.

9.2.179 orclMaxTcpIdleConnTime

Description

Maximum TCP connection time in minutes for an idle connection to be recorded as idle. The default value is 120 minutes (2 hours). The value of this attribute should be less than that of the DSA configuration set attribute orclLDAPConnTimeout.

This attribute is part of the root DSE (DSA-Specific Entry). The root DSE contains a number of attributes that store information about the directory server itself.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.196

Other

Single-valued attribute.

9.2.180 orclMemAllocError

Description

Reserved for future use.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.162

Other

Single-valued attribute.

9.2.181 orclNetDescName

Description

The DN of an Oracle Net Service description entry. Oracle Net directory naming allows net service names to be stored in and retrieved from Oracle Internet Directory.

Syntax

1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)

Matching Rule

distinguishedNameMatch

Object ID

2.16.840.1.113894.3.1.12

Other

Single-valued attribute.

9.2.182 orclNetDescString

Description

The description string for an Oracle Net Service. For example:

(DESCRIPTION = (ADDRESS_LIST = (ADDRESS = (PROTOCOL = TCP) (HOST = hostname)(PORT =1521))) (CONNECT_DATA = (SID = ORCL)))

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.3.1.13

Other

Single-valued attribute.

9.2.183 orclNonSSLPort

Description

The non-SSL LDAP listening port for Oracle Internet Directory server.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.102

Other

Single-valued attribute.

9.2.184 orclNormDN

Description

Identifies the normalized DN of an entry.

Syntax

1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)

Matching Rule

distinguishedNameMatch

Object ID

2.16.840.1.113894.1.1.1000

Other

Single-valued attribute.

Directory operational attribute.

Not user modifiable.

9.2.185 orclNWCongested

Description

Reserved for future use.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.160

Other

Single-valued attribute.

9.2.186 orclNwrwTimeout

Description

Stores the network read/write time out.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.603

Other

Single-valued attribute.

9.2.187 orclNwUnavailable

Description

Reserved for future use.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.159

Other

Single-valued attribute.

9.2.188 orclObjectGUID

Description

Stores Microsoft Active Directory's OBJECTGUID attribute value for users and groups migrated to Oracle Internet Directory from Active Directory.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.901

Other

Single-valued attribute.

9.2.189 orclObjectSID

Description

Stores Microsoft Active Directory's OBJECTSID attribute value for users and groups migrated to Oracle Internet Directory from Active Directory.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.902

Other

Single-valued attribute.

9.2.190 orclODIPAgent

Description

The DN of a provisioning profile.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch, caseIgnoreSubStringsMatch

Object ID

2.16.840.1.113894.9.1.6

9.2.191 orclODIPAgentConfigInfo

Description

Any configuration information that you want the connector to store in Oracle Internet Directory. It is passed by the directory integration and provisioning server to the connector at time of connector invocation. The information is stored as an attribute and the directory integration and provisioning server does not have any knowledge of its content. When the connector is scheduled for execution, the value of the attribute is stored in the file, ORACLE_HOME/ldap/odi/conf/profile_name.cfg that can be processed by the connector.

Upload the file by using either the Directory Integration and Provisioning Assistant. See "dipassistant" for more information. Do this for both import and export agents.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.24

9.2.192 orclODIPAgentControl

Description

Whether a synchronization profile is enabled or disabled. Valid values are ENABLE or DISABLE. The default is DISABLE.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.3

Other

Single-valued attribute.

9.2.193 orclODIPAgentExeCommand

Description

The executable name and argument list used by the directory integration and provisioning server to invoke a connector. It can be passed as a command-line argument when the connector is invoked. For example, here is a command to invoke the Oracle HR connector:

odihragent OracleHRAgent connect=hrdb login=%orclodipConDirAccessAccount pass=%orclodipConDirAccessPassword date=%orclODIPLastSuccessfulExecutionTime

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.21

Other

Single-valued attribute.

9.2.194 orclODIPAgentHostName

Description

The host name of the Oracle Directory Integration and Provisioning server where the synchronization profile is run.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.5

Other

Single-valued attribute.

9.2.195 orclODIPAgentName

Description

The name of a third-party synchronization profile.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.1

Other

Single-valued attribute.

9.2.196 orclODIPAgentPassword

Description

Password that the synchronization profile uses to bind to the directory.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.4

Other

Single-valued attribute.

9.2.197 orclODIPApplicationName

Description

The name of an application to which a provisioning subscription belongs.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch, caseIgnoreSubStringsMatch

Object ID

2.16.840.1.113894.9.1.7

9.2.198 orclODIPApplicationsLocation

Description

The DN of the application to which a provisioning subscription belongs.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.918

Other

Single-valued attribute.

9.2.199 orclODIPAttributeMappingRules

Description

Attribute for storing the mapping rules used by a synchronization profile. Store the mapping rules in a file by using the Directory Integration and Provisioning Assistant. See "dipassistant" and the Oracle Identity Management Integration Guide for more information about mapping rules.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.41

9.2.200 orclODIPBootStrapStatus

Description

The bootstrap status of a synchronization profile (the initial migration of data between a connected directory and Oracle Internet Directory).

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.101

Other

Single-valued attribute.

9.2.201 orclODIPCommand

Description

The command to invoke a provisioning profile.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.9.1.5

9.2.202 orclODIPConDirAccessAccount

Description

Valid user account in the connected directory to be used by the connector for synchronization. The value is specific to the connected directory with which you are integrating. For instance, for the SunONE synchronization connector, it is the valid bind DN in the SunONE Directory Server. For the Human Resources Connector, it is a valid user identifier in the Oracle Human Resources database. For other connectors, it can be passed as a command-line argument when the connector is invoked.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.22

Other

Single-valued attribute.

9.2.203 orclODIPConDirAccessPassword

Description

Password to be used by the user specified in the orclODIPConDirAccessAccount attribute to connect to the connected directory. The value is specific to the third-party directory with which you are integrating. For instance, for the SunONE synchronization connector, it is the valid bind password in the SunONE Directory Server. For the Human Resources Agent, it is the Oracle Human Resources database password.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.23

9.2.204 orclODIPConDirLastAppliedChgNum

Description

For Oracle Directory Integration and Provisioning import operations, the last change from the connected directory that was applied to Oracle Internet Directory. The default value is 0. If you have used the Directory Integration and Provisioning Assistant to bootstrap the connected directory, then this value is set automatically. See "dipassistant" for more information about the bootstrap operation. This is valid only in the import profile.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.65

Other

Single-valued attribute.

9.2.205 orclODIPConDirMatchingFilter

Description

This attribute specifies the filter to apply to the third-party directory change log. It is used in the Oracle Directory Integration and Provisioning import profile. The filter must be set in the import profile when both the import and export integration profiles are enabled, as follows:

Modifiersname != connected_directory_account

This prevents the same change from being exchanged between the two directories indefinitely. To avoid confusion, make this account specific to synchronization.

See Also: Oracle MetaLink Note 280474.1, "Setting Up Filtering in a DIP Synchronization Profile" available at Oracle MetaLink at http://metalink.oracle.com/.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.42

9.2.206 orclODIPConDirURL

Description

Connection string required to connect to the third-party connected directory. This value refers to the host name and port number as host:port:[sslmode].

To connect by using SSL, enter host:port:1.

Make sure the certificate to connect to the directory is stored in the wallet, the location of which is specified in the file odi.properties.

Note: To connect to SunONE Directory Server by using SSL, the server certificate needs to be loaded into the wallet.

See Also: The chapter on Oracle Wallet Manager in Oracle Advanced Security Administrator's Guide.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.25

Other

Single-valued attribute.

9.2.207 orclODIPConfigDNs

Description

Stores the DNs of integration profiles for a particular configuration set in Oracle Directory Integration and Provisioning.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.72

9.2.208 orclODIPConfigRefreshFlag

Description

Stores a flag which indicates whether any integration profiles have been added, deleted or modified. Used in association with a configuration set.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.71

Other

Single-valued attribute.

9.2.209 orclODIPDbConnectInfo

Description

The connection string for the database of a provisioning profile subscriber. The format of the string is host:port:sid:username:password.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch, caseIgnoreSubStringsMatch

Object ID

2.16.840.1.113894.9.1.2

9.2.210 orclODIPEncryptedAttrKey

Description

Stores a key which is used to encrypt and decrypt sensitive data that is transmitted by the Oracle directory integration and provisioning server to other applications.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.215

Other

Single-valued attribute.

9.2.211 orclODIPEventFilter

Description

Reserved for future use.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

Description

The data format or protocol used in synchronization with a third-party directory. Supported values are:

LDIF—Import or export from a LDIF File.
Tagged—Import or export from a tagged file—a proprietary format supported by the Oracle directory integration and provisioning server, similar to LDIF format.
LDAP—Import from or export to an LDAP-compliant directory.
DB —Import from or export to an Oracle Database directory.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.28

Other

Single-valued attribute.

9.2.217 orclODIPLastExecutionTime

Description

Status attribute set to the last time the integration profile was executed by the Oracle Directory Integration and Provisioning server. Its format is dd-mon-yyyy hh:mm:ss, where hh is the time of day in 24-hour format. This attribute is initialized during profile creation.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.61

Other

Single-valued attribute.

9.2.218 orclODIPLastSuccessfulExecutionTime

Description

Status attribute set to the last time the integration profile was executed successfully by the Oracle Directory Integration and Provisioning server. Its format is dd-mon-yyyy hh:mm:ss, where hh is the time of day in 24-hour format. This attribute is initialized during profile creation.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.62

Other

Single-valued attribute.

9.2.219 orclODIPMustAttrCriteria

Description

Reserved for future use.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.603

Other

Single-valued attribute.

9.2.220 orclODIPObjectCriteria

Description

Used in an object definition to identify and classify a particular type of object.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.602

9.2.221 orclODIPObjectDefnLocation

Description

Identifies the location of the various object definitions used by the Oracle directory integration and provisioning server.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.917

Other

Single-valued attribute.

9.2.222 orclODIPObjectEvents

Description

Reserved for future use.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.432

9.2.223 orclODIPObjectName

Description

Used in an object definition to store the name of an object.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.601

Other

Single-valued attribute.

9.2.224 orclODIPObjectSyncBase

Description

The search base in the directory for an object associated with an Oracle Directory Integration and Provisioning synchronization profile.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.431

9.2.225 orclODIPOIDMatchingFilter

Description

In export profiles, this attribute specifies the filter to apply to the Oracle Internet Directory change log container. It is used in the export profile. It must be set in the export profile when both the import and export integration profiles are enabled, as in the following example:

Modifiersname !=orclodipagentname=iPlanetImport,cn=subscriber profile,cn=changelog subscriber,cn=oracle internet directory

This prevents the same change from being exchanged between the two directories indefinitely.

In import profiles, this attribute specifies a key for mapping entries between Oracle Internet Directory and the connected directory. This is useful when the DN cannot be used as the key.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

Description

Reserved for future use.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

Description

Reserved for future use.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.223

9.2.237 orclODIPProfileInterfaceConnectInformation

Description

Contains information that is used by the Oracle directory integration and provisioning server on how to connect to a provisioning-integrated application for event propagation.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.222

Other

Single-valued attribute.

9.2.238 orclODIPProfileInterfaceName

Description

Contains a provisioning-integrated application's interface name, which is used by the Oracle directory integration and provisioning server for event propagation. The value assigned to this attribute depends on the interface type.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.220

Other

Single-valued attribute.

9.2.239 orclODIPProfileInterfaceType

Description

Specifies the type of interface to which events will be propagated by the Oracle directory integration and provisioning server. Valid values for this attribute are PLSQL or JAVA.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.221

Other

Single-valued attribute.

9.2.240 orclODIPProfileInterfaceVersion

Description

Specifies the provisioning profile version to which events will be propagated by the Oracle directory integration and provisioning server.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.224

Other

Single-valued attribute.

9.2.241 orclODIPProfileLastAppliedAppEventID

Description

Contains the number of the last event that was generated by a provisioning-integration application and updated in Oracle Internet Directory by the Oracle directory integration and provisioning server.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.234

Other

Single-valued attribute.

9.2.242 orclODIPProfileLastProcessingTime

Description

The last time the Oracle Directory Integration and Provisioning synchronization profile was executed.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.232

Other

Single-valued attribute.

9.2.243 orclODIPProfileLastSuccessfulProcessingTime

Description

The last time the Oracle Directory Integration and Provisioning synchronization profile was successfully executed.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.233

Other

Single-valued attribute.

9.2.244 orclODIPProfileMaxErrors

Description

Reserved for future use.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.214

Other

Single-valued attribute.

9.2.245 orclODIPProfileMaxEventsPerInvocation

Description

Specifies the maximum number of events that the Oracle directory integration and provisioning server packages and sends to an application during one invocation of a provisioning profile.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.212

Other

Single-valued attribute.

9.2.246 orclODIPProfileMaxEventsPerSchedule

Description

Specifies the maximum number of events that the Oracle directory integration and provisioning server sends to an application during one execution of a provisioning profile.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.213

Other

Single-valued attribute.

9.2.247 orclODIPProfileMaxRetries

Description

The maximum number of times an Oracle Directory Integration and Provisioning profile is retried in the event of an error.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.211

Other

Single-valued attribute.

9.2.248 orclODIPProfileName

Description

The name of the Oracle Directory Integration and Provisioning profile.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.201

Other

Single-valued attribute.

9.2.249 orclODIPProfileProcessingErrors

Description

Contains errors raised during event propagation by the Oracle directory integration and provisioning server for a particular provisioning-integrated application.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.231

9.2.250 orclODIPProfileProcessingStatus

Description

Contains the Oracle directory integration and provisioning server's event propagation status for a particular provisioning-integrated application.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.230

Other

Description

Used with version 2.0 provisioning profiles to convert a change in Oracle Internet Directory to an event before propagating it to a provisioning-integrated application.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

Description

Used with version 3.0 provisioning profiles to identify and classify an object based on the entry's object class. This attribute is used in the object definitions stored in Oracle Internet Directory.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.609

9.2.260 orclODIPProvInterfaceProcessor

Description

Used by the Oracle directory integration and provisioning server to identify the Java classes to use for reading and writing events from and to provisioning-integration applications and for processing event propagation results. The default configurations in this attribute should not be changed.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.608

Other

Single-valued attribute.

9.2.261 orclODIPProvisioningAppGUID

Description

The global unique identifier for the application entry associated with a provisioning profile.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.402

Other

Single-valued attribute.

9.2.262 orclODIPProvisioningAppName

Description

The distinguished name (DN) of the application to which the provisioning subscription belongs. The combination of the application name and organization name uniquely identifies a provisioning profile.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.401

Other

Single-valued attribute.

9.2.263 orclODIPProvisioningEventMappingRules

Description

The event mapping rule maps the object type received from the application (using an optional filter condition) to a domain in Oracle Internet Directory. An inbound provisioning profile can have multiple mapping rules defined.

The following example shows a sample mapping rule value. The rule shows that a user object (USER) whose locality attribute equals US (l=US) should be mapped to the domain l=US,cn=users,dc=company,dc=com.

USER:l=US:l=US,cn=users,dc=company,dc=com

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.406

9.2.264 orclODIPProvisioningEventPermittedOperations

Description

Defines the types of events that the application is allowed to send to the Oracle Directory Integration and Provisioning service. An inbound provisioning profile can have multiple permitted operations defined.

For example, if you wanted to permit the application to send events whenever a user object was added or deleted, or when certain attributes were modified, you would have three permitted operation values such as this:

USER:dc=mycompany,dc=com:ADD(*)
USER:dc=mycompany,dc=com:MODIFY(cn,sn,mail,password)
USER:dc=mycompany,dc=com:DELETE(*)

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.407

9.2.265 orclODIPProvisioningEventSubscription

Description

Defines the types of events that the Oracle Directory Integration and Provisioning service should send to the application. An outbound provisioning profile can have multiple event subscriptions defined.

For example, if you wanted the directory integration server to send events to the application whenever a user or group object was added or deleted, you would have four event subscription values such as this:

GROUP:dc=mycompany,dc=com:ADD(*)
GROUP:dc=mycompany,dc=com:DELETE(*)
USER:dc=mycompany,dc=com:ADD(*)
USER:dc=mycompany,dc=com:DELETE(*)

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.405

9.2.266 orclODIPProvisioningOrgGUID

Description

The global unique identifier for the organization entry associated with a provisioning profile.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.404

Other

Single-valued attribute.

9.2.267 orclODIPProvisioningOrgName

Description

The distinguished name (DN) of the organization to which the provisioning subscription belongs, for example dc=company,dc=com. The combination of the application DN and organization DN uniquely identifies a provisioning profile. Defaults value is the DN of the default identity management realm.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.403

Other

Single-valued attribute.

9.2.268 orclODIPProvProfileLocation

Description

Contains the DN of the directory container that stores provisioning profiles.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.916

Other

Single-valued attribute.

9.2.269 orclODIPRootLocation

Description

Refers to the root location in the directory tree where the Oracle Directory Integration and Provisioning configuration is stored.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.912

Other

Single-valued attribute.

9.2.270 orclODIPSchedulingInterval

Description

Time interval in seconds after which a connected directory is synchronized with Oracle Internet Directory. The default is 600.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.6

Other

Single-valued attribute.

9.2.271 orclODIPSchemaVersion

Description

Reserved for future use.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.911

Other

Single-valued attribute.

9.2.272 orclODIPSearchCountLimit

Description

Reserved for future use.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.511

Other

Single-valued attribute.

9.2.273 orclODIPSearchTimeLimit

Description

Reserved for future use.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.512

Other

Single-valued attribute.

9.2.274 orclODIPServerCommitSize

Description

Reserved for future use.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.515

Other

Single-valued attribute.

9.2.275 orclODIPServerConfigLocation

Description

Reserved for future use.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.919

Other

Single-valued attribute.

9.2.276 orclODIPServerDebugLevel

Description

The number that corresponds to the debugging level for the Oracle Directory Integration and Provisioning server.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.516

Other

Single-valued attribute.

9.2.277 orclODIPServerRefreshIntvl

Description

The number of minutes between server refreshes for any changes in Oracle Directory Integration and Provisioning profiles. If not specified, the default of 2 is used.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.514

Other

Single-valued attribute.

9.2.278 orclODIPServerSSLMode

Description

The number of the corresponding SSL mode. The default is 0. The modes are as follows:

0 — SSL is not used.
1 — SSL is used for encryption only, not for authentication.
2 — SSL is used for one-way authentication. With this mode you must also specify the complete path and file name of the server's Oracle Wallet.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.513

Other

Single-valued attribute.

9.2.279 orclODIPServerWalletLoc

Description

The complete path and file name of the Oracle Directory Integration and Provisioning server's Oracle Wallet.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.517

Other

Description

Stores the operation result.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.64

9.2.293 orclOpSucceeded

Description

Specifies the number of successful LDAP operations.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.189

Other

Single-valued attribute.

9.2.294 orclOptContainsQuery

Description

Specifies whether an operation contains a query.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.103

Other

Single-valued attribute.

9.2.295 orclOpTimedOut

Description

Specifies the number of LDAP search operations that timed out.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.169

Other

Single-valued attribute.

9.2.296 orclORA28error

Description

Specifies the number of ORA-28 errors encountered by Oracle Internet Directory server.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.182

Other

Single-valued attribute.

9.2.297 orclORA3113error

Description

Specifies the number of ORA-3113 errors encountered by Oracle Internet Directory server.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.157

Other

Single-valued attribute.

9.2.298 orclORA3114error

Description

Specifies the number of ORA-3114 errors encountered by Oracle Internet Directory server.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.158

Other

Single-valued attribute.

9.2.299 orclOracleHome

Description

The ORACLE_HOME location of an Oracle service.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

N/A

Object ID

2.16.840.1.113894.7.1.2

Other

Single-valued attribute.

9.2.300 orclOwnerGUID

Description

The global unique identifier of the user who owns an application or resource.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch, caseIgnoreSubstringsMatch

Object ID

Description

Attribute for storing a password to an Oracle component when that password is different from that used to authenticate the user to the directory, namely, userPassword. The value in this attribute is not synchronized with that in the userPassword attribute.

Like authPassword, this attribute is multivalued and can contain all the other verifiers that different applications use for this user's clear text password.

Syntax

1.3.6.1.4.1.1466.115.121.1.44{128} (Printable String, 128 character maximum)

Matching Rule

octetStringMatch

Object ID

2.16.840.1.113894.1.1.210

9.2.306 orclPilotMode

Description

Whether to BEGIN or END pilot mode for a replica.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch, caseIgnoreSubstringsMatch

Object ID

2.16.840.1.113894.1.1.824

Other

Single-valued attribute.

9.2.307 orclPKCS12Hint

Description

Password hint for the user's PKCS12 private key store.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.7.1.11

9.2.308 orclPKIMatchingRule

Description

This is used to specify the matching rule for mapping a user's PKI certificate DN to the user's entry DN in Oracle Internet Directory. The following matching rule values are allowed:

0 - Exact match. The PKI certificate DN must match the user entry DN.
1 - Certificate search. Check to see if the user has a PKI certificate provisioned into Oracle Internet Directory.
2 - A combination of exact match and certificate search. If the exact match fails, then a certificate search is performed.
3 - Mapping rule only. Use a mapping rule to map user PKI certificate DNs to Oracle Internet Directory DNs.
4 - Try in order: 1 (mapping rule), 2 (certificate search), 3 (exact match).

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.703

Other

Single-valued attribute.

9.2.309 orclPKINextUpdate

Description

The universal time when the certificate revocation list (CRL) should be updated.

Syntax

1.3.6.1.4.1.1466.115.121.1.53 (UTC Time)

Matching Rule

integerMatch

Object ID

Description

An LDAP search filter that specifies entry criteria that will cause the plug-in to not be invoked. For example, if the following filter is used, the plug-in will not be invoked if the target entry has objectclass equal to inetorgperson and sn equal to Cezanne.

(&(objectclass=inetorgperson)(sn=Cezanne))

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.568

Other

Single-valued attribute.

9.2.315 orclPluginIsReplace

Description

For plug-ins that use WHEN timing only. 0 is disabled (default). 1 is enabled. This attribute can be set to enabled only if the orclPluginLDAPOperation attribute value is ldapbind, ldapcompare, or ldapmodify.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.559

Other

Single-valued attribute.

9.2.316 orclPluginKind

Description

The kind of plug-in. PL/SQL is the only allowed value.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.562

Other

Single-valued attribute.

9.2.317 orclPluginLDAPOperation

Description

The LDAP operation that this plug-in supplements. Allowed values are:

ldapcompare
ldapmodify
ldapbind
ldapadd
ldapdelete
ldapsearch

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.557

Other

Single-valued attribute.

9.2.318 orclPluginName

Description

The plug-in package name.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.552

Other

Single-valued attribute.

9.2.319 orclPluginPort

Description

The port that the plug-in is using.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.566

Other

Single-valued attribute.

9.2.320 orclPluginRequestGroup

Description

A semicolon-separated group list that controls if the plug-in takes effect. You can use this group to specify who can actually invoke the plug-in. For example, if you specify orclpluginrequestgroup:cn=security,cn=groups,dc=oracle,dc=com, when you register the plug-in, then the plug-in will not be invoked unless the ldap request comes from the person who belongs to the group cn=security,cn=groups,dc=oracle,dc=com.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.564

Other

Single-valued attribute.

9.2.321 orclPluginRequestNegGroup

Description

A semicolon-separated group list that controls if the plug-in takes effect. You can use this group to specify who cannot invoke the plug-in. For example, if you specify orclpluginrequestneggroup: cn=security,cn=groups,dc=oracle,dc=com, when you register the plug-in, then the plug-in will not be invoked if the ldap request comes from the person who belongs to the group cn=security,cn=groups,dc=oracle,dc=com.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.571

Other

Single-valued attribute.

9.2.322 orclPluginResultCode

Description

An integer value to specify the LDAP result code. If this value is specified, then the plug-in will be invoked only if the ldap operation is in that result code scenario. This only applies if the value for the orclPluginTiming attribute is POST.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.565

Other

Single-valued attribute.

9.2.323 orclPluginSASLCallBack

Description

Controls the type of bind used when the LDAP_PLUGIN package connects back to the same Oracle Internet Directory server.

1= SASL bind (default).
0= Simple bind.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.572

Other

Single-valued attribute.

9.2.324 orclPluginSearchNotFound

Description

This only applies if the value for the orclPluginTiming attribute is PRE. Brings in the external entries if the entry is not found in Oracle Internet Directory. Provides additional plug-in invocation checking and ensures that the plug-in will only be invoked when the entry is not present in Oracle Internet Directory.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.570

Other

Single-valued attribute.

9.2.325 orclPluginShareLibLocation

Description

File location of the program libraries for the plug-in. If this value is not present, then the Oracle Internet Directory server assumes the plug-in language is PL/SQL.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.556

Other

Single-valued attribute.

9.2.326 orclPluginSubscriberDNList

Description

A semicolon-separated DN list that controls if the plug-in takes effect. For example:

dc=COM,c=us;dc=us,dc=oracle,dc=com;dc=org,dc=us;o=IMC,c=US

If the target DN of an LDAP operation is included in the list, then the plug-in is invoked.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.561

Other

Single-valued attribute.

9.2.327 orclPluginTiming

Description

Specifies when the plug-in is to be invoked in relation to the LDAP operation it supplements. The following values are allowed:

PRE
WHEN
POST

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.558

Other

Single-valued attribute.

9.2.328 orclPluginType

Description

Valid value is operational — Operational plug-ins augment existing LDAP operations. The work they perform depends on whether they execute before, after, or in addition to normal directory server operations.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.553

Other

Single-valued attribute.

9.2.329 orclPluginVersion

Description

The supported version number of the plug-in.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.555

Other

Single-valued attribute.

9.2.330 orclPrName

Description

Stores a process name.

Syntax

1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)

Matching Rule

distinguishedNameMatch

Object ID

2.16.840.1.113894.1.1.55

Other

Description

Specifies the purge schedule.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

N/A

Object ID

2.16.840.1.113894.1.1.24

Other

Single-valued attribute.

DSA operational attribute.

9.2.343 orclPurgeStart

Description

The time when the garbage collector starts to run. The format is yyyymmddhhmmss. Default value is 12:00 a.m. of the day Oracle Internet Directory is installed.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch, caseIgnoreSubstringsMatch

Object ID

2.16.840.1.113894.1.1.813

Other

Single-valued attribute.

9.2.344 orclPurgeTargetAge

Description

This attribute enables time-based purging of change log records. Set this to the number of hours after which old change logs will be purged. Time-based purging respects the change status of replication, but not the change status of other consumers. When time-based purging is enabled, the change log garbage collector purges all change logs that are not needed by replication and that are at least the specified number of hours old.

The default behavior is change number-based purging, meaning this attribute is NULL or set to a value less than zero. Change number-based purging respects the change status of all change log consumers. That is, it does not purge change logs unless they have been consumed by all consumers. In addition, it does not purge change logs until they are 10 days old.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.800

Other

Single-valued attribute.

9.2.345 orclPurgeTranSize

Description

The number of objects to be purged in one commit transaction. The default value is 1000.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.802

Other

Single-valued attribute.

9.2.346 orclPwdAccountUnlock

Description

Determines whether an account is locked.

Syntax

1.3.6.1.4.1.1466.115.121.1.7 (Boolean)

Matching Rule

booleanMatch

Object ID

2.16.840.1.113894.1.1.203

Other

Single-valued attribute.

9.2.347 orclPwdAllowHashCompare

Description

Whether or not to allow password validations by comparing the hash values of encrypted passwords. Allowed values are TRUE or FALSE.

Syntax

1.3.6.1.4.1.1466.115.121.1.7 (Boolean)

Matching Rule

booleanMatch

Object ID

2.16.840.1.113894.1.1.218

Other

Single-valued attribute.

9.2.348 orclPwdAlphaNumeric

Description

Number of numeric characters required in a password. The default value is 1.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.205

Other

Single-valued attribute.

9.2.349 orclPwdEncryptionEnable

Description

If the value is TRUE, then the user password is stored in reversible encrypted form. If the value is FALSE, then the user password is stored in plain text.

Syntax

1.3.6.1.4.1.1466.115.121.1.7 (Boolean)

Matching Rule

booleanMatch

Object ID

2.16.840.1.113894.1.1.215

Description

Whether or not to enable account lockouts for a specific IP address. Allowed values are TRUE or FALSE.

Syntax

1.3.6.1.4.1.1466.115.121.1.7 (Boolean)

Matching Rule

booleanMatch

Object ID

2.16.840.1.113894.1.1.200

Other

Single-valued attribute.

9.2.354 orclPwdIPLockoutDuration

Description

The number of seconds you want to enforce account lockout for a specific IP address. A user account stays locked even after the lockout duration has passed unless the user binds with the correct password.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.201

Other

Single-valued attribute.

9.2.355 orclPwdIPMaxFailure

Description

The maximum number of failed logins from a specific IP address after which the account is locked.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.202

Other

Single-valued attribute.

9.2.356 orclPwdPolicyEnable

Description

Whether to enable (TRUE) or disable (FALSE) the password policy.

Syntax

1.3.6.1.4.1.1466.115.121.1.7 (Boolean)

Matching Rule

booleanMatch

Object ID

2.16.840.1.113894.1.1.213

Other

Description

The DNs of the replication agreement entries.

Syntax

1.3.6.1.4.1.1466.115.121.1.34 (Distinguished Name)

Matching Rule

distinguishedNameMatch

Object ID

2.16.840.1.113894.1.1.105

9.2.362 orclReplicaDN

Description

For LDAP-based replication only. The DN of the consumer replica in the replication agreement.

Syntax

1.3.6.1.4.1.1466.115.121.1.34 (Distinguished Name)

Matching Rule

distinguishedNameMatch

Object ID

2.16.840.1.113894.1.1.817

Other

Single-valued attribute.

9.2.363 orclReplicaID

Description

Naming attribute for the replica subentry. Its value is unique to each directory server node that is initialized at installation. The value of this attribute, assigned during installation, is unique to each directory node, and matches that of the orclreplicaID attribute at the root DSE. You cannot modify this value.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.106

Other

Single-valued attribute.

9.2.364 orclReplicaSecondaryURI

Description

Contains the set of ldapURI formatted addresses that can be used if the orclReplicaURI values cannot be used.

Syntax

1.3.6.1.4.1.1466.115.121.1.26 (IA5 String)

Matching Rule

caseExactIA5Match

Object ID

2.16.840.1.113894.1.1.815

9.2.365 orclReplicaState

Description

Defines the state of the replica. Possible values are:

0 (boot strapping)
1 (online)
2 (offline)
3 (bootstrap in progress)
4 (bootstrap in progress, cn=oraclecontext bootstrap has completed)
5 (bootstrap completed, failure detected for one or more naming contexts)

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.818

Other

Single-valued attribute.

9.2.366 orclReplicationProtocol

Description

Defines the replication protocol for change propagation to replica. Values are:

ODS_ASR_1.0 (Advanced Replication-based protocol)
ODS_LDAP_1.0 (LDAP-based replication)

You cannot modify this attribute.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch, caseIgnoreSubstringsMatch

Object ID

2.16.840.1.113894.1.1.29

Other

Single-valued attribute.

9.2.367 orclReplicaType

Description

Defines the type of replica such as read-only or read/write. Possible values are:

0 (Read/Write)
1 (Read-Only)

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.816

Other

Single-valued attribute.

9.2.368 orclReplicaURI

Description

Contains information in ldapURI format that can be used to open a connection to this replica.

Syntax

1.3.6.1.4.1.1466.115.121.1.26 (IA5 String)

Matching Rule

caseExactIA5Match

Object ID

2.16.840.1.113894.1.1.814

Other

Single-valued attribute.

9.2.369 orclReplicaVersion

Description

Oracle Internet Directory version of the replica.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.820

Other

Single-valued attribute.

9.2.370 orclResourceIdentifier

Description

Stores the resource identifier.

Syntax

1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)

Matching Rule

distinguishedNameMatch

Object ID

2.16.840.1.113894.1.1.348

9.2.371 orclResourceName

Description

Specifies the name of the resource for which the connection information is being maintained.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch, caseIgnoreSubstringsMatch

Object ID

2.16.840.1.113894.1.1.350

9.2.372 orclResourceTypeName

Description

Specifies the name of the resource—for example, database, XMLPDS, JDBCPDS.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.351

9.2.373 orclResourceViewers

Description

Lists the resource viewers.

Syntax

1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)

Matching Rule

distinguishedNameMatch

Object ID

2.16.840.1.113894.1.1.366

9.2.374 orclRevPwd

Description

Reversible encrypted value of the user password. This attribute is generated only if the attribute value of orclPwdEncryptionEnable in the password policy entry is set to 1. This attribute can be queried only by using the SSL one-way and two-way authentication mechanisms. This attribute cannot be queried over non-SSL sessions.

Syntax

1.3.6.1.4.1.1466.115.121.1.44{128} (Printable String, 128 character maximum)

Matching Rule

octetStringMatch

Object ID

2.16.840.1.113894.1.1.216

Other

Directory operational attribute.

Not user modifiable.

9.2.375 orclSAMAccountName

Description

Stores the value of Active Directory's SAMAccountName attribute. In Oracle Internet Directory, this attribute is defined as a directory string type. However, in Active Directory this attribute cannot accept any special or non-printable characters. If any entry is added in Oracle Internet Directory with this attribute, it can only contain a simple text string or synchronization from Oracle Internet Directory to Active Directory will fail.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.8.1.903

Other

Single-valued attribute.

9.2.376 orclSASLAuthenticationMode

Description

Indicates the SASL authentication mode.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.700

Other

Single-valued attribute.

9.2.377 orclSASLCipherChoice

Description

Contains the SASL cipher choice.

Syntax

1.3.6.1.4.1.1466.115.121.1.15{128} (Directory String, 128 character maximum)

Matching Rule

caseIgnoreMatch, caseIgnoreSubstringsMatch

Object ID

Description

Indicates the secondary UID of a user.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch, caseIgnoreSubstringsMatch

Object ID

2.16.840.1.113894.1.1.360

9.2.384 orclSequence

Description

Defines a sequence.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.62

9.2.385 orclServerAvgMemGrowth

Description

Specifies the Oracle Internet Directory server process memory growth as a percentage.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.148

Other

Single-valued attribute.

9.2.386 orclServerEvent

Description

Stores the last server event.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.54

9.2.387 orclServerMode

Description

Specifies if data can be written to the server. Valid values are:

r (read-only)
rw (read/write)
rm (read-modify, that is, to read and modify, but not to add or delete)

The default value is rw.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.51

Other

Single-valued attribute.

9.2.388 orclServerProcs

Description

Number of server processes to start. The default for configset0 is 1. You cannot use a negative value for this attribute.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.364

Other

Single-valued attribute.

9.2.389 orclServiceInstanceLocation

Description

Stores the service instance location.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseExactMatch

Object ID

2.16.840.1.113894.1.1.1102

Other

Description

Contains a skewed attribute.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch, caseIgnoreSubstringsMatch

Object ID

2.16.840.1.113894.1.1.405

9.2.397 orclSkipRefInSQL

Description

Determines whether to skip references in SQL operations.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.410

Other

Description

Type of SSL authentication to use for this instance of Oracle Internet Directory server. The default value of 1, specifies no SSL authentication. Different instances can have different values. One-way and two-way SSL authentication requires a wallet. You may use one of the following three values:

1 = Neither the client nor the server authenticates itself to the other. No certificates are sent or exchanged. If you selected the SSL Enabled check box on the Credentials tab, and choose this option, then only SSL encryption/decryption will be used.
32 = One-way authentication. Only the directory server authenticates itself to the client by sending its certificate to the client.
64 = Two-way authentication. Both client and server send certificates to each other.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.13

Other

Single-valued attribute

9.2.402 orclSSLCipherSuite

Description

A cipher suite is a set of authentication, encryption, and data integrity algorithms used for exchanging messages between network nodes. During an SSL handshake, the two nodes negotiate to see which cipher suite they will use when transmitting messages back and forth. The following cipher suites are supported:

SSL_RSA_WITH_3DES_EDE_CBC_SHA
SSL_RSA_WITH_RC4_128_SHA
SSL_RSA_WITH_RC4_128_MD5
SSL_RSA_WITH_DES_CBC_SHA
SSL_DH_anon_WITH_3DES_EDE_CBC_SHA
SSL_DH_anon_WITH_RC4_128_MD5
SSL_DH_anon_WITH_DES_CBC_SHA
SSL_RSA_EXPORT_WITH_RC4_40_MD5
SSL_RSA_EXPORT_WITH_DES40_CBC_SHA
SSL_DH_anon_EXPORT_WITH_RC4_40_MD5
SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA

Syntax

1.3.6.1.4.1.1466.115.121.1.15{128} (Directory String, 128 character maximum.

Matching Rule

caseIgnoreMatch, caseIgnoreSubstringsMatch

Object ID

2.16.840.1.113894.1.1.19

9.2.403 orclSSLEnable

Description

Flag for enabling or disabling SSL. Use this flag when you use different instances of the same server for either SSL or non-SSL. Allowed values are:

0—for non-secure operation only
1—for SSL authentication only
2— for both non-secure operation and SSL authentication

The default value is 0.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.14

Other

Single-valued attribute

9.2.404 orclSSLPort

Description

The default SSL default port for the directory server. Default value is 636. When you run the directory in the secure mode, it listens at default port 636 and accepts only SSL-based TCP/IP connections. (When you run the directory in the normal mode, it listens at default port 389, accepting normal TCP/IP connections.) You might want to change this port when you add multiple LDAP server instances.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.17

Other

Single-valued attribute

9.2.405 orclSSLVersion

Description

SSL version. The default value is 3.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.18

Other

Single-valued attribute

9.2.406 orclSSLWalletURL

Description

Sets the location of the Oracle Wallet. You initially set this value when you create the wallet. If you elect to change the location of the Oracle Wallet, you must change this parameter. You must set the wallet location on both the client and the server. For example, on UNIX, you could set this parameter as follows:

file:/home/my_dir/my_wallet

On Microsoft Windows, you could set this parameter as follows:

file:C:\my_dir\my_wallet

Syntax

1.3.6.1.4.1.1466.115.121.1.15{128} (Directory String, 128 character maximum)

Matching Rule

caseIgnoreMatch, caseIgnoreSubstringsMatch

Object ID

2.16.840.1.113894.1.1.15

Other

Description

Indicates status.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch, caseIgnoreSubstringsMatch

Object ID

2.16.840.1.113894.9.1.9

9.2.413 orclSUAccountLocked

Description

Determines whether a super user account is locked.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.192

Other

Single-valued attribute.

Directory operational attribute.

Not user modifiable.

9.2.414 orclSubscriberDisable

Description

Whether or not a subscriber is enabled or disabled.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.100

Other

Single-valued attribute.

9.2.415 orclSubscriberFullName

Description

Stores a subscriber's full name.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.333

Other

Single-valued attribute.

9.2.416 orclSubscriberNickNameAttribute

Description

Stores a name of an attribute that holds the unique identifier of a realm.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.302

Other

Description

The number of failed login attempts for the directory super user.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.191

Other

Single-valued attribute.

Directory operational attribute.

Not user modifiable.

9.2.422 orclSUName

Description

The distinguished name of the directory super user account, for example, cn=orcladmin.

Syntax

1.3.6.1.4.1.1466.115.121.1.12

Matching Rule

distinguishedNameMatch

Object ID

2.16.840.1.113894.1.1.8

Other

Single-valued attribute.

9.2.423 orclSUPassword

Description

Oracle Internet Directory super user password.

Syntax

1.3.6.1.4.1.1466.115.121.1.15{128} (Directory String, 128 character maximum)

Matching Rule

caseIgnoreMatch, caseIgnoreSubstringsMatch

Object ID

2.16.840.1.113894.1.1.9

Other

Single-valued attribute.

9.2.424 orclSystemName

Description

Stores the system name.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.7.1.3

Other

Single-valued attribute.

9.2.425 orclTcpConnToClose

Description

Specifies the number of clients for which the Oracle Internet Directory server will close TCP connections.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.153

Other

Single-valued attribute.

9.2.426 orclTcpConnToShutDown

Description

Specifies the number of clients for which the Oracle Internet Directory server will shut down TCP connections.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.152

Other

Single-valued attribute.

9.2.427 orclThreadSpawnFailed

Description

Reserved for future use.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.154

Other

Single-valued attribute.

9.2.428 orclThreadsPerSupplier

Description

Specifies the number of threads per supplier for the Oracle directory replication server.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

N/A

Object ID

2.16.840.1.113894.1.1.31

Other

Single-valued attribute.

DSA operational attribute.

9.2.429 orclTimeLimit

Description

Maximum number of seconds allowed for a search to be completed. The default value is 3600.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.65

Other

Description

Identifies the trusted application group.

Syntax

1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)

Matching Rule

distinguishedNameMatch

Object ID

2.16.840.1.113894.1.1.368

9.2.439 orclUIAccessibilityMode

Description

Set to TRUE to display a user interface that is accessible to people with impaired vision.

Syntax

1.3.6.1.4.1.1466.115.121.1.7 (Boolean)

Matching Rule

booleanMatch

Object ID

2.16.840.1.113894.1.1.367

Other

Single-valued attribute.

9.2.440 orclUniqueAttrName

Description

The name of an attribute that you want to be unique. Autoboot uniqueness means that each entry must have a unique value for this attribute type.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.500

Other

Single-valued attribute.

9.2.441 orclUniqueEnable

Description

Disables or enables attribute uniqueness constraints. Allowed values are 0 (disable) or 1 (enable). The default value is 0.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.508

Other

Single-valued attribute.

9.2.442 orclUniqueObjectClass

Description

Specifies an object class filter for an attribute uniqueness constraint entry. This means the attribute specified in orclUniqueAttrNamemust be unique in an instance of this object class.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.503

Other

Single-valued attribute.

9.2.443 orclUniqueScope

Description

The scope of the attribute uniqueness constrain in the DIT. Allowed values are:

base—Searches the root entry only
onelevel—Searches one level only
sub—Searches the entire directory

The default value is sub.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.501

Other

Single-valued attribute.

Description

Indicates whether an upgrade is in progress.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.104

Other

Single-valued attribute.

9.2.448 orclUserDN

Description

The distinguished name (DN) of the user who performed an operation.

Syntax

1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)

Matching Rule

distinguishedNameMatch

Object ID

2.16.840.1.113894.1.1.61

9.2.449 orclUserIDAttribute

Description

Specifies the attribute to use as the user identifier value when accessing the resource.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch, caseIgnoreSubstringsMatch

Object ID

2.16.840.1.113894.1.1.352

Other

Single-valued attribute.

9.2.450 orclUserModifiable

Description

Specifies if the data is modifiable by the user that this resource access descriptor entry is created for.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch, caseIgnoreSubstringsMatch

Object ID

Description

Identifies workflow notification preferences for a user.

Syntax

1.3.6.1.4.1.1466.115.121.1.15 (Directory String)

Matching Rule

caseIgnoreMatch

Object ID

2.16.840.1.113894.1.1.313

9.2.456 orclWriteWaitThreads

Description

Specifies the number of Oracle Internet Directory server threads waiting to write to the network.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

2.16.840.1.113894.1.1.143

Other

Single-valued attribute.

9.2.457 owner

Description

Specifies the distinguished name (DN) of some object which has some responsibility for the associated object.

Syntax

1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)

Matching Rule

distinguishedNameMatch

Object ID

2.5.4.32

9.2.458 pilotStartTime

Description

The time stamp of when pilot mode was started for a replica.

Syntax

1.3.6.1.4.1.1466.115.121.1.24 (Generalized Time)

Matching Rule

generalizedTimeMatch

Object ID

2.16.840.1.113894.1.1.825

Other

Single-valued attribute.

Directory operational attribute.

Not user modifiable.

9.2.459 preferredServerList

Description

The IP addresses of the preferred servers that a directory user agent should use in a space separated list. The servers in this list are tried in order before those in the defaultServerList until a successful connection is made. This has no default value. At least one server must be specified in either preferredServerList or defaultServerList.

Syntax

1.3.6.1.4.1.1466.115.121.1.26 (Printable String)

Matching Rule

caseIgnoreIA5Match

Object ID

1.3.6.1.4.1.11.1.3.1.1.2

Other

Single-valued attribute.

9.2.460 profileTTL

Description

The time to live before a client directory user agent (DUA) should reread this configuration profile.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

1.3.6.1.4.1.11.1.3.1.1.7

Other

Single-valued attribute.

9.2.461 protocolInformation

Description

This attribute is used in conjunction with the presentationAddress attribute, to provide additional information to the Open System Interconnection (OSI) network service.

Syntax

1.3.6.1.4.1.1466.115.121.1.42 (Protocol Information)

Matching Rule

protocolInformationMatch

Object ID

2.5.4.48

9.2.462 pwdAccountLockedTime

Description

The time stamp of when a user's account was locked.

Syntax

1.3.6.1.4.1.1466.115.121.1.24 (Generalized Time)

Matching Rule

generalizedTimeMatch

Object ID

1.3.6.1.4.1.42.2.27.8.1.17

Other

Single-valued attribute.

Directory operational attribute.

No user modification.

9.2.463 pwdAllowUserChange

Description

A value of TRUE means users can change their own passwords. A value of FALSE means they cannot.

Syntax

1.3.6.1.4.1.1466.115.121.1.7 (Boolean)

Matching Rule

booleanMatch

Object ID

1.3.6.1.4.1.42.2.27.8.1.14

Other

Single-valued attribute.

9.2.464 pwdChangedTime

Description

The time stamp of when the user's current password was created or modified.

Syntax

1.3.6.1.4.1.1466.115.121.1.24 (Generalized Time)

Matching Rule

generalizedTimeMatch

Object ID

1.3.6.1.4.1.42.2.27.8.1.16

Other

Single-valued attribute.

Directory operational attribute.

No user modification.

Description

The number of seconds after which the password failure times are purged from the user entry. If this attribute is not present, or if it has a value of 0, then failure times are never purged. The default value is 0.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

1.3.6.1.4.1.42.2.27.8.1.12

Other

Single-valued attribute.

9.2.469 pwdFailureTime

Description

The time stamp of consecutive failed login attempts by the user.

Syntax

1.3.6.1.4.1.1466.115.121.1.24 (Generalized Time)

Matching Rule

generalizedTimeMatch

Object ID

1.3.6.1.4.1.42.2.27.8.1.19

Other

Directory operational attribute.

No user modification.

9.2.470 pwdGraceLoginLimit

Description

Maximum number of grace logins allowed after a password expires. The default value is 0 (no grace logins allowed). The recommended value is 3.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

1.3.6.1.4.1.42.2.27.8.1.8

Other

Single-valued attribute.

9.2.471 pwdGraceUseTime

Description

The time stamps of each grace login for a user.

Syntax

1.3.6.1.4.1.1466.115.121.1.24 (Generalized Time)

Matching Rule

generalizedTimeMatch

Object ID

1.3.6.1.4.1.42.2.27.8.1.21

Other

Directory operational attribute.

No user modification.

9.2.472 pwdHistory

Description

A history of a user's previous passwords. The number of passwords stored in the history is determined by the pwdInHistory attribute.

Syntax

1.3.6.1.4.1.1466.115.121.1.44{128} (Printable String, 128 character maximum)

Matching Rule

octetStringMatch

Object ID

1.3.6.1.4.1.42.2.27.8.1.20

Other

Single-valued attribute.

Directory operational attribute.

No user modification.

9.2.473 pwdInHistory

Description

Number of previous passwords to be stored in the password history (pwdHistory). If a user attempts to reuse one of the passwords stored in the history, then the password is rejected. The default value is 0 (no previous passwords stored in the history).

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

1.3.6.1.4.1.42.2.27.8.1.4

Other

Single-valued attribute.

9.2.474 pwdLockout

Description

Specification for whether users are locked out of the directory after the number of consecutive failed bind attempts specified by pwdMaxFailure. If the value of this policy attribute is TRUE, then users are locked out. If this attribute is not present, or if the value is FALSE, then users are not locked out and the value of pwdMaxFailure is ignored. By default, account lockout is enforced.

Syntax

1.3.6.1.4.1.1466.115.121.1.7 (Boolean)

Matching Rule

booleanMatch

Object ID

1.3.6.1.4.1.42.2.27.8.1.9

Other

Single-valued attribute.

9.2.475 pwdLockoutDuration

Description

The number of seconds a user is locked out of the directory if both of the following are true:

Account lockout is enabled.
The user has been unable to bind successfully to the directory for at least the number of times specified by pwdMaxFailure.

You can set user lockout for a specific duration, or until the administrator resets the user's password. A default value of 0 (zero) means that the user is locked out forever. A user account stays locked even after the lockout duration has passed unless the user binds with the correct password.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

1.3.6.1.4.1.42.2.27.8.1.10

Other

Single-valued attribute.

9.2.476 pwdMaxAge

Description

The maximum number of seconds that a given password is valid. If this attribute is not present, or if the value is 0 (zero), then the password does not expire. By default, the passwords expire in 60 days.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

1.3.6.1.4.1.42.2.27.8.1.3

Other

Single-valued attribute.

9.2.477 pwdMaxFailure

Description

The number of consecutive failed bind attempts after which a user account is locked. If this attribute is not present, or if the value is 0 (zero), then the account is not locked due to failed bind attempts, and the value of the password lockout policy is ignored. The default is 4.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

1.3.6.1.4.1.42.2.27.8.1.11

Other

Single-valued attribute.

9.2.478 pwdMinAge

Description

This attribute holds the number of seconds that must elapse between modifications to the password. If this attribute is not present, 0 seconds is assumed.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

1.3.6.1.4.1.42.2.27.8.1.2

Other

Single-valued attribute.

9.2.479 pwdMinLength

Description

The minimum number of characters required in a password. The default is 5. The value for this attribute must be at least 1.

Syntax

1.3.6.1.4.1.1466.115.121.1.27 (Integer)

Matching Rule

integerMatch

Object ID

1.3.6.1.4.1.42.2.27.8.1.6

Other

Single-valued attribute.

9.2.480 pwdMustChange

Description

Indicator of whether users must change their passwords after the first login, or after the password is reset by the administrator. Enabling this option requires users to change their passwords even if user-defined passwords are disabled. By default, users need not change their passwords after reset. Allowed values are TRUE or FALSE.

Syntax

1.3.6.1.4.1.1466.115.121.1.7 (Boolean)

Matching Rule

booleanMatch

Object ID

1.3.6.1.4.1.42.2.27.8.1.13

Other

Single-valued attribute.

9.2.481 pwdReset

Description

Indicator that the password has been reset and must be changed by the user on first authentication. Allowed values are TRUE or FALSE.

Syntax

1.3.6.1.4.1.1466.115.121.1.7 (Boolean)

Matching Rule

booleanMatch

Object ID

1.3.6.1.4.1.42.2.27.8.1.22

Other

Single-valued attribute.

Directory operational attribute.

Not user modifiable.

9.2.482 pwdSafeModify

Description

Indicator of whether user must supply old password with new one when modifying password. By default, the old password is not required. Allowed values are TRUE or FALSE.

Syntax

1.3.6.1.4.1.1466.115.121.1.7 (Boolean)

Matching Rule

booleanMatch

Object ID

1.3.6.1.4.1.42.2.27.8.1.15

Other

Single-valued attribute.

9.2.483 ref

Description

A named reference. Values placed in the attribute must conform to the specification given for the labeledURI attribute (RFC 2079).

Syntax

1.3.6.1.4.1.1466.115.121.1.26 (IA5 String)

Matching Rule

caseExactIA5Match

Object ID

2.16.840.1.113730.3.1.34

Description

The password used to authenticate a user to the directory.

Syntax

1.3.6.1.4.1.1466.115.121.1.44{128} (Printable String, 128 character maximum)

Matching Rule

octetStringMatch

Object ID

2.5.4.35

Other

Single-valued attribute.

9.2.494 userPKCS12

Description

PKCS#12 PFX PDU for exchange of personal identity information.

Syntax

1.3.6.1.4.1.1466.115.121.1.5 (Binary)

Matching Rule

N/A

Object ID

2.16.840.1.113730.3.1.216

9.2.495 x509issuer

Description

The DN of the certificate authority who issued the X.509 certificate revocation list.

Syntax

1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)

Matching Rule

distinguishedNameMatch

Object ID

1.3.6.1.4.1.10126.1.5.3.4

9.2 Oracle Identity Management Attribute Reference

9.2.1 attributeMap

9.2.2 attributeTypes

9.2.3 authenticationMethod

9.2.4 authPassword

9.2.5 bindTimeLimit

9.2.6 c

9.2.7 cn

9.2.8 contentRules

9.2.9 createTimestamp

9.2.10 creatorsName

9.2.11 credentialLevel

9.2.12 defaultSearchBase

9.2.13 defaultSearchScope

9.2.14 defaultServerList

9.2.15 description

9.2.16 displayName

9.2.17 followReferrals

9.2.18 javaClassName

9.2.19 jpegPhoto

9.2.20 krbPrincipalName

9.2.21 labeledURI

9.2.22 ldapSyntaxes

9.2.23 mail

9.2.24 matchingRules

9.2.25 middleName

9.2.26 modifiersName

9.2.27 modifyTimestamp

9.2.28 namingContexts

9.2.29 objectClass

9.2.30 objectClasses

9.2.31 objectClassMap

9.2.32 orclACI

9.2.33 orclACLResultsLatency

9.2.34 orclActiveConn

9.2.35 orclActiveEndDate

9.2.36 orclActiveStartdate

9.2.37 orclActiveThreads

9.2.38 orclAgreementId

9.2.39 orclAnonymousBindsFlag

9.2.40 orclAppFullName

9.2.41 orclAppId

9.2.42 orclApplicationCommonName

9.2.43 orclApplicationType

9.2.44 orclAssocDB

9.2.45 orclAssocIasInstance

9.2.46 orclAttrACLEvalLatency

9.2.47 orclAuditAttribute

9.2.48 orclAuditLevel

9.2.49 orclAuditMessage

9.2.50 orclBERgenLatency

9.2.51 orclCatalogEntryDN

9.2.52 orclCategory

9.2.53 orclCertExtensionAttribute

9.2.54 orclCertExtensionOID

9.2.55 orclCertificateHash

9.2.56 orclCertificateMatch

9.2.57 orclCertMappingAttribute

9.2.58 orclChangeLogLife

9.2.59 orclChangeRetryCount

9.2.60 orclCommonApplicationGuidAttribute

9.2.61 orclCommonAutoRegEnabled

9.2.62 orclCommonContextMap

9.2.63 orclCommonDefaultUserCreateBase

9.2.64 orclCommonGroupCreateBase

9.2.65 orclCommonKrbPrincipalAttribute

9.2.66 orclCommonNamingAttribute

9.2.67 orclCommonNicknameAttribute

9.2.68 orclCommonPasswordPolicy

9.2.69 orclCommonSASLRealm

9.2.70 orclCommonUserSearchBase

9.2.71 orclCommonVerifierEnable

9.2.72 orclCommonWindowsPrincipalAttribute

9.2.73 orclConfigSetNumber

9.2.74 orclConnectByAttribute

9.2.75 orclConnectBySearchBase

9.2.76 orclConnectByStartingValue

9.2.77 orclConnectionFormat

9.2.78 orclContact

9.2.79 orclCryptoScheme

9.2 Oracle Identity Management A ttribute Reference