Object Identifiers

Object Identifiers (OIDs) are unique numeric values issued by various issuing authorities to uniquely identify data elements, syntaxes, and other parts of distributed applications. OIDs are found in OSI applications, X.500 Directories, SNMP, and other applications where uniqueness is important. OIDs are based on a tree structure, in which a superior issuing authority, such as the ISO, allocates a branch of the tree to a subauthority, who in turn can allocate subbranches.

The LDAP protocol (RFC 2251) requires a directory service to identify object classes, attributes, and syntaxes with OIDs. This is part of the LDAP X.500 legacy.

OIDs in Active Directory Domain Services include some issued by the ISO for X.500 classes and attributes, and some issued by Microsoft and other issuing authorities. OID notation is a dotted string of numbers, for example "1.2.840.113556.1.5.9", which is described in the following table.

1ISOIdentifies the root authority.
2ANSIGroup designation assigned by ISO.
840USA Country/region designation assigned by the group.
113556MicrosoftOrganization designation assigned by the country/region.
1Active DirectoryAssigned by the organization.
5ClassesAssigned by the organization.
9user classAssigned by the organization.


For more information, and a discussion of two procedures used to obtain valid OIDs for use in extending the Active Directory schema, see Obtaining an Object Identifier.