Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

OIDs in Windows 2000 Active Directory

Posted on 2003-10-27
4
Medium Priority
?
934 Views
Last Modified: 2008-05-30
Hi,

I have a question regarding the OID's (Object Identifiers)
of software applications that are used within Windows 2000
(with Active Directory) versus other Windows OS's (i.e.
W2k Professional without Active Directory).

I have a VB application that sends messages to the event
viewer and those messages are then trapped (by evntwin)
and sent via SNMP to our company's SNMP manager.  What
I've noticed is that when I configure a VB application in
W2K Professional, the OID's come out:

1.3.6.1.4.1.311.1.13.1.9.69.79.68.66.107.105.109.111.118

But when I configure the same app in Windows 2000 Active
(with Active Directory) the OID's come out:

1.3.9.69.79.68.66.107.105.109.111.118

The last 10 numbers of both strings match up, but the
first couple of numbers are not matching at all.

I believe the issue is around how Microsoft issues OID's
for active directory s/w & h/w vs. non-active directory
s/w & h/w.

Can anybody confirm this or has any experience around this
issue?

Thanks in advance
Aashish
.

0
Comment
Question by:ashu_ca
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 24

Expert Comment

by:shivsa
ID: 9628600
May be thin kinl help u.

http://www.windowsitlibrary.com/Content/716/06/6.html
-------
Object Identifier (OID)
In addition to the attributes that assure uniqueness of a particular object, Active Directory needs a way to assure that objects of the same class all come from the same Schema object. This is done by assigning a unique Object Identifier, or Object Identifier (OID) to each object in the Schema naming context. ISO defines the structure and distribution of OIDs in ISO/IEC 8824:1990, "Information Technology—Open Systems Interconnection—Specification of Abstract Syntax Notation One (ASN. 1)."

ASN.1 provides a mechanism for standards bodies in various countries to enumerate standard data items so that they do not conflict with one other. ASN.1 governs more than just directory services classes and attributes. For example, OIDs are used extensively in SNMP to build hierarchies of Management Information Base (MIB) numbers. They are also assigned to many items associated with the Internet. If you’re interested in the list of organizations that assign OID numbers and their hierarchy, it is available at ftp.isi.edu/in-notes/iana/assignments/enterprise-numbers.

If you ever need to create a new attribute or object class in Active Directory, you must have a unique OID. There are a couple of ways to get one. The first is to apply to ANSI for your own numerical series. This costs a few thousand dollars and takes a while to process. The other is to use the OIDGEN utility from the Resource Kit. This will generate a Class and an Attribute OID out of Microsoft’s address space. The disadvantage to using OIDGEN is that the resultant number is very, very, very long. Here is an example:
C:\>oidgen
Attribute Base OID:
1. 2. 840. 113556. 1. 4. 7000. 233. 180672. 443844. 62. 26102. 2020485. 1873967. 207938
Class Base OID:
1. 2. 840. 113556. 1. 5. 7000. 111. 180672. 443844. 62. 199519. 642990. 1996505. 1182366
0
 

Author Comment

by:ashu_ca
ID: 9628683
Thanks for the comment shivsa, but I knew most of the information above.

I still can't figure out why the OID's are different between the two operating systems - anybody have any answers?

Aashish
0
 
LVL 24

Accepted Solution

by:
shivsa earned 500 total points
ID: 9629061
http://www.microsoft.com/msj/0100/activedir/activedir.aspx

To optimize performance, OIDs are maintained in a separated state as a prefix and a suffix. The prefix is the entire OID minus the rightmost (low-order) value. AD stores the prefixes in a table so that it can reference them by an index value. AD then uses the remaining (low-order) part of the OID and the index value for its prefix to identify the classes and attributes. Grouping all your OIDs under common roots keeps the prefix table small. Excessive growth in the prefix table can degrade the performance of the Win2K server hosting AD.
0
 

Author Comment

by:ashu_ca
ID: 9630678
Thanks. That explains why on the surface I see only the low-order OID's.  I guess there would be no way to turn off this prefixing, but I would imagine it is an engrained feature in AD.

Aashish
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Here's a look at newsworthy articles and community happenings during the last month.
In the absence of a fully-fledged GPO Management product like AGPM, the script in this article will provide you with a simple way to watch the domain (or a select OU) for GPOs changes and automatically take backups when policies are added, removed o…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…

598 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question