Solved

OIDs in Windows 2000 Active Directory

Posted on 2003-10-27
4
905 Views
Last Modified: 2008-05-30
Hi,

I have a question regarding the OID's (Object Identifiers)
of software applications that are used within Windows 2000
(with Active Directory) versus other Windows OS's (i.e.
W2k Professional without Active Directory).

I have a VB application that sends messages to the event
viewer and those messages are then trapped (by evntwin)
and sent via SNMP to our company's SNMP manager.  What
I've noticed is that when I configure a VB application in
W2K Professional, the OID's come out:

1.3.6.1.4.1.311.1.13.1.9.69.79.68.66.107.105.109.111.118

But when I configure the same app in Windows 2000 Active
(with Active Directory) the OID's come out:

1.3.9.69.79.68.66.107.105.109.111.118

The last 10 numbers of both strings match up, but the
first couple of numbers are not matching at all.

I believe the issue is around how Microsoft issues OID's
for active directory s/w & h/w vs. non-active directory
s/w & h/w.

Can anybody confirm this or has any experience around this
issue?

Thanks in advance
Aashish
.

0
Comment
Question by:ashu_ca
  • 2
  • 2
4 Comments
 
LVL 24

Expert Comment

by:shivsa
ID: 9628600
May be thin kinl help u.

http://www.windowsitlibrary.com/Content/716/06/6.html
-------
Object Identifier (OID)
In addition to the attributes that assure uniqueness of a particular object, Active Directory needs a way to assure that objects of the same class all come from the same Schema object. This is done by assigning a unique Object Identifier, or Object Identifier (OID) to each object in the Schema naming context. ISO defines the structure and distribution of OIDs in ISO/IEC 8824:1990, "Information Technology—Open Systems Interconnection—Specification of Abstract Syntax Notation One (ASN. 1)."

ASN.1 provides a mechanism for standards bodies in various countries to enumerate standard data items so that they do not conflict with one other. ASN.1 governs more than just directory services classes and attributes. For example, OIDs are used extensively in SNMP to build hierarchies of Management Information Base (MIB) numbers. They are also assigned to many items associated with the Internet. If you’re interested in the list of organizations that assign OID numbers and their hierarchy, it is available at ftp.isi.edu/in-notes/iana/assignments/enterprise-numbers.

If you ever need to create a new attribute or object class in Active Directory, you must have a unique OID. There are a couple of ways to get one. The first is to apply to ANSI for your own numerical series. This costs a few thousand dollars and takes a while to process. The other is to use the OIDGEN utility from the Resource Kit. This will generate a Class and an Attribute OID out of Microsoft’s address space. The disadvantage to using OIDGEN is that the resultant number is very, very, very long. Here is an example:
C:\>oidgen
Attribute Base OID:
1. 2. 840. 113556. 1. 4. 7000. 233. 180672. 443844. 62. 26102. 2020485. 1873967. 207938
Class Base OID:
1. 2. 840. 113556. 1. 5. 7000. 111. 180672. 443844. 62. 199519. 642990. 1996505. 1182366
0
 

Author Comment

by:ashu_ca
ID: 9628683
Thanks for the comment shivsa, but I knew most of the information above.

I still can't figure out why the OID's are different between the two operating systems - anybody have any answers?

Aashish
0
 
LVL 24

Accepted Solution

by:
shivsa earned 125 total points
ID: 9629061
http://www.microsoft.com/msj/0100/activedir/activedir.aspx

To optimize performance, OIDs are maintained in a separated state as a prefix and a suffix. The prefix is the entire OID minus the rightmost (low-order) value. AD stores the prefixes in a table so that it can reference them by an index value. AD then uses the remaining (low-order) part of the OID and the index value for its prefix to identify the classes and attributes. Grouping all your OIDs under common roots keeps the prefix table small. Excessive growth in the prefix table can degrade the performance of the Win2K server hosting AD.
0
 

Author Comment

by:ashu_ca
ID: 9630678
Thanks. That explains why on the surface I see only the low-order OID's.  I guess there would be no way to turn off this prefixing, but I would imagine it is an engrained feature in AD.

Aashish
0

Join & Write a Comment

Just about everyone has an old PC laying around.  Ask anyone in the IT industry, whether they are a professional or play in it as a hobby.  From outdated Desktops to cheap "throwaway" laptops, they are all around and not as hard to "fix up" as you m…
Sometimes a user will call me frantically, explaining that something has gone wrong and they have tried everything (read - they have messed it up more and now need someone to clean up) and it still does no good, can I help them?!  Usually the standa…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now