8 LDAP Attribute Reference
For a list of attributes grouped by functional categories, see Overview of Oracle Identity Management Schema Elements.
8.1 Standard LDAP Attributes
Oracle Internet Directory supports the following standard LDAP attributes as defined in the Internet Engineering Task Force (IETF) Requests for Comments (RFC) specifications.
Details of RFC specifications can be found on the IETF Web site at: http://www.ietf.org
.
Table 8-1 Standard LDAP Attributes Used By Oracle Internet Directory
Attribute Name | Specification |
---|---|
aliasedObjectName |
RFC 2256 |
applicationEntity |
RFC 2256 |
associatedDomain |
RFC 1274 |
associatedName |
RFC 1274 |
audio |
RFC 1274 |
authorityRevocationList |
RFC 2256 |
authPassword |
RFC 3112 |
bootFile |
RFC 2307 |
bootParameter |
RFC 2307 |
businessCategory |
RFC 2256 |
c |
RFC 2256 |
caCertificate |
RFC 2256 |
carLicense |
RFC 2798 |
certificateRevocationList |
RFC 2256 |
cn |
RFC 2256 |
co |
RFC 1274 |
crossCertificatePair |
RFC 2256 |
dc |
RFC 2247 |
deltaRevocationList |
RFC 2256 |
departmentNumber |
RFC 2798 |
description |
RFC 2256 |
destinationIndicator |
RFC 2256 |
displayName |
RFC 2798 |
dITRedirect |
RFC 1274 |
dmdName |
RFC 2256 |
dNSRecord |
RFC 1274 |
drink |
RFC 1274 |
dSAQuality |
RFC 1274 |
employeeNumber |
RFC 2798 |
employeeType |
RFC 2798 |
facsimileTelephoneNumber |
RFC 2256 |
gecos |
RFC 2307 |
gidNumber |
RFC 2307 |
givenName |
RFC 2798 |
homeDirectory |
RFC 2307 |
homePhone |
RFC 1274 |
homePostalAddress |
RFC 1274 |
host |
RFC 1274 |
initials |
RFC 2256 |
internationalISDNNumber |
RFC 2256 |
ipHostNumber |
RFC 2307 |
ipNetmaskNumber |
RFC 2307 |
ipNetworkNumber |
RFC 2307 |
ipProtocolNumber |
RFC 2307 |
ipServicePort |
RFC 2307 |
ipServiceProtocol |
RFC 2307 |
javaClassName |
RFC 2713 |
javaClassNames |
RFC 2307 |
javaCodebase |
RFC 2307 |
javaDoc |
RFC 2307 |
javaFactory |
RFC 2307 |
javaReferenceAddress |
RFC 2713 |
javaSerializedData |
RFC 2713 |
janetMailbox |
RFC 1274 |
jpegPhoto |
RFC 1488 |
knowledgeInformation |
RFC 2256 |
l |
RFC 2256 |
labeledURI |
RFC 2079 |
lastModifiedBy |
RFC 1274 |
lastModifiedTime |
RFC 1274 |
loginShell |
RFC 2307 |
macAddress |
RFC 2307 |
|
RFC 2798 |
mailAlternateAddress |
RFC 2256 |
mailHost |
RFC 2256 |
mailPreferenceOption |
RFC 1274 |
mailRoutingAddress |
RFC 2256 |
manager |
RFC 1274 |
member |
RFC 2256 |
memberNisNetgroup |
RFC 2307 |
memberUid |
RFC 2307 |
mobile |
RFC 1274 |
nisDomain |
RFC 2307 |
nisMapEntry |
RFC 2307 |
nisMapName |
RFC 2307 |
nisNetgroupTriple |
RFC 2307 |
nisPublicKey |
RFC 2307 |
nisSecretKey |
RFC 2307 |
o |
RFC 2256 |
oncRpcNumber |
RFC 2307 |
organizationalStatus |
RFC 1274 |
otherMailbox |
RFC 1274 |
ou |
RFC 2256 |
owner |
RFC 2256 |
pager |
RFC 1274 |
personalSignature |
RFC 1274 |
personalTitle |
RFC 1274 |
photo |
RFC 1274 |
physicalDeliveryOfficeName |
RFC 2256 |
postalAddress |
RFC 2256 |
postalCode |
RFC 2256 |
postOfficeBox |
RFC 2256 |
preferredDeliveryMethod |
RFC 2256 |
preferredDeliveryMethod |
RFC 2377 |
preferredLanguage |
RFC 2798 |
presentationAddress |
RFC 2256 |
protocolInformation |
RFC 2256 |
ref |
RFC 3296 |
registeredAddress |
RFC 2256 |
roleOccupant |
RFC 2256 |
roomNumber |
RFC 1274 |
searchGuide |
RFC 2256 |
secretary |
RFC 1274 |
seeAlso |
RFC 2256 |
serialNumber |
RFC 2256 |
shadowExpire |
RFC 2307 |
shadowFlag |
RFC 2307 |
shadowInactive |
RFC 2307 |
shadowLastChange |
RFC 2307 |
shadowMax |
RFC 2307 |
shadowMin |
RFC 2307 |
shadowWarning |
RFC 2307 |
sn |
RFC 2256 |
st |
RFC 2256 |
street |
RFC 2256 |
subtreeMaximumQuality |
RFC 1274 |
subtreeMinimumQuality |
RFC 1274 |
supportedApplicationContext |
RFC 2256 |
telephoneNumber |
RFC 2256 |
teletexTerminalIdentifier |
RFC 2256 |
telexNumber |
RFC 2256 |
textEncodedORaddress |
RFC 2377 |
title |
RFC 2256 |
uid |
RFC 2253 |
uidNumber |
RFC 2307 |
uniqueIdentifier |
RFC 1274 |
uniqueMember |
RFC 2256 |
userCertificate;binary |
RFC 2256 |
userClass |
RFC 1274 |
userPassword |
RFC 2256 |
userPKCS12 |
RFC 2798 |
userSMIMECertificate |
RFC 2798 |
x121Address |
RFC 2256 |
x500UniqueIdentifier |
RFC 2256 |
8.2 Oracle Identity Management Attribute Reference
Oracle Identity Management attributes are the attributes used in entries pertaining to Oracle Internet Directory, Oracle Directory Integration Platform, Oracle Delegated Administration Services, and Oracle Single Sign-On.
Note:
Oracle Fusion Middleware 11g Release 1 (11.1.1.0.0) does not include Oracle Single Sign-On or Oracle Delegated Administration Services. Oracle Internet Directory 11g Release 1 (11.1.1.0.0), however, is compatible with Oracle Single Sign-On and Oracle Delegated Administration Services 10g (10.1.4.3.0) or later.
See Also:
The chapter on Managing System Configuration Attributes in Administering Oracle Internet Directory.
8.2.1 attributeMap
attributeMap
contains the attribute mapping used by the POSIX naming directory user agent (DUA).
Syntax
1.3.6.1.4.1.1466.115.121.1.26 (IA5 String)
Matching Rule
caseIgnoreIA5Match
Object ID
1.3.6.1.4.1.11.1.3.1.1.9
8.2.2 attributeTypes
attributeTypes
contains definitions of each attribute type available in the directory.
Syntax
1.3.6.1.4.1.1466.115.121.1.3 (Attribute Type Description)
Matching Rule
objectIdentifierFirstComponentMatch
Object ID
2.5.21.5
Other
Directory operational attribute.
8.2.3 authenticationMethod
authenticationMethod
identifies the type of authentication method used to contact the directory server agent (DSA).
Syntax
1.3.6.1.4.1.1466.115.121.1.26 (IA5 String)
Matching Rule
caseIgnoreIA5Match
Object ID
1.3.6.1.4.1.11.1.3.1.1.6
Other
Single-valued attribute.
8.2.4 authPassword
authPassword
is the attribute for storing a password to an Oracle component when that password is the same as that used to authenticate the user to the directory, namely, userPassword
.
The value in this attribute is synchronized with that in the userPassword attribute.
Several different applications can require the user to enter the same clear text password used for the directory, but each application may hash it with a different algorithm. In this case, the same clear text password can become the source of several different password verifiers.
This attribute is multivalued and can contain all the other verifiers that different applications use for this user's clear text password. If the userpassword
attribute is modified, then the authpassword
values for all applications are regenerated.
Syntax
1.3.6.1.4.1.1466.115.121.1.44{128} (Printable String, 128 character maximum)
Matching Rule
octetStringMatch
Object ID
1.3.6.1.4.1.4203.1.3.4
8.2.5 bindAuthPriv
bindAuthPriv
allows Oracle Internet Directory server to restrict users who can bind to it.
The administrator creates an LDAP group entry where only members of the group can bind to the server. Each user entry of users who are allowed to bind to the server must contain an bindAuthPriv
attribute that points to the group. If a user is not a member of the group, bind requests are rejected. Several other considerations are:
-
The
bindAuthPriv
attribute can be a collective attribute that allows specific users to inherit it. -
The LDAP group can be a nested group.
-
The administrator must ensure the proper ACL for the
bindAuthPriv
attribute, so that the attribute can be added to a user entry only by an administrator.
Syntax
1.3.6.1.4.1.1466.115.121.1.34 (Distinguished Name)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.641
Other
Single-valued attribute.
8.2.6 bindTimeLimit
bindTimeLimit
is the maximum time in seconds a POSIX directory user agent (DUA) should allow for a search to complete.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
1.3.6.1.4.1.11.1.3.1.1.4
Other
Single-valued attribute.
8.2.7 c
c
specifies the country associated with a user's address.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.5.4.6
Other
Single-valued attribute.
8.2.8 changeloginfo
changeloginfo
is the attribute that provides additional change log information, such as the value of the client IP address.
For example:
changeloginfo=clientip=::ffff:10.229.116.104
Syntax
1.3.6.1.4.1.1466.115.121.1.15
Matching Rule
caseIgnoreMatch, caseIgnoreSubstringsMatch
Object ID
2.16.840.1.113894.1.1.510
Other
Single-valued attribute.
8.2.9 changestatus
changestatus
is the last change number transported by the replication server.
Syntax
DN
Matching Rule
DistinguishedNameMatch
Object ID
2.16.840.1.113894.1.1.22
8.2.10 cn
cn
is the common name (nickname) attribute which contains the name of an object. If the object corresponds to a user, it is typically the user's full name. A cn (common name) isn't unique, whereas a dn (distinguished name) is unique.
For example, if ABC corp employs two people with the name John Smith, one in HR and one in Finance then they both would have a cn=John Smith, but they would have unique DNs because the DN would take the form:
cn=John Smith, ou=HR, o=ABC or cn=John Smith, ou=Finance, 0=ABC Where ou= organizational unit, and o=organization
Syntax
1.3.6.1.4.1.1466.115.121.1.44 (Printable String)
Matching Rule
caseIgnoreMatch
Object ID
2.5.4.3
8.2.11 contentRules
contentRules
specifies the permissible content of entries of a particular structural object class through the identification of an optional set of auxiliary object classes, mandatory, optional, and precluded attributes.
Syntax
1.3.6.1.4.1.1466.115.121.1.16 (DIT Content Rule Description)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.1004
8.2.12 createTimestamp
createTimestamp
is the time that the entry was created.
Syntax
1.3.6.1.4.1.1466.115.121.1.24 (Generalized Time)
Matching Rules
generalizedTimeMatch
Object ID
2.5.18.1
Other
Single-valued attribute.
Directory operational attribute.
Not user modifiable.
8.2.13 creatorsName
creatorsName
is the DN of the entity (such as a user or an application) that created the entry.
Syntax
1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)
Matching Rule
distinguishedNameMatch
Object ID
2.5.18.3
Other
Single-valued attribute.
Directory operational attribute.
Not user modifiable.
8.2.14 credentialLevel
credentialLevel
identifies the type of credentials a POSIX directory user agent (DUA) should use when binding to the directory server.
Syntax
1.3.6.1.4.1.1466.115.121.1.26 (IA5 String)
Matching Rule
caseIgnoreIA5Match
Object ID
1.3.6.1.4.1.11.1.3.1.1.10
Other
Single-valued attribute.
8.2.15 defaultSearchBase
defaultSearchBase
is the default base DN used by a POSIX directory user agent (DUA).
Syntax
1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)
Matching Rule
distinguishedNameMatch
Object ID
1.3.6.1.4.1.11.1.3.1.1.1
Other
Single-valued attribute.
8.2.16 defaultSearchScope
defaultSearchScope
is the user defined search scope used by a POSIX directory user agent (DUA).
Syntax
1.3.6.1.4.1.1466.115.121.1.26 (IA5 String)
Matching Rule
N/A
Object ID
1.3.6.1.4.1.11.1.3.1.1.12
Other
Single-valued attribute.
8.2.17 defaultServerList
defaultServerList
is the IP addresses of the default servers that a directory user agent (DUA) should use in a space separated list.
After the servers in preferredServerList are tried, those default servers on the client's subnet are tried, followed by the remaining default servers, until a connection is made. At least one server must be specified in either preferredServerList
or defaultServerList
. This attribute has no default value.
Syntax
1.3.6.1.4.1.1466.115.121.1.26 (IA5 String)
Matching Rule
caseIgnoreIA5Match
Object ID
1.3.6.1.4.1.11.1.3.1.1.0
Other
Single-valued attribute.
8.2.18 description
description
is an optional description for the entry.
Syntax
1.3.6.1.4.1.1466.115.121.1.15{1024} (Directory String, 1024 character maximum)
Matching Rule
caseIgnoreMatch
Object ID
2.5.4.13
8.2.19 displayName
displayName
is the preferred name used when displaying the entry in the GUI tools.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113730.3.1.241
Other
Single-valued attribute.
8.2.20 followReferrals
followReferrals
tells a POSIX directory user agent (DUA) if it should follow referrals returned by a directory server agent (DSA) search result.
Syntax
1.3.6.1.4.1.1466.115.121.1.26 (IA5 String)
Matching Rule
caseIgnoreIA5Match
Object ID
1.3.6.1.4.1.11.1.3.1.1.5
Other
Single-valued attribute.
8.2.21 javaClassName
javaClassName
is the fully qualified name of a distinguished Java class or interface.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseExactMatch
Object ID
1.3.6.1.4.1.42.2.27.4.1.6
Other
Single-valued attribute.
8.2.22 jpegPhoto
jpegPhoto
is a photograph file in JPEG format.
Syntax
1.3.6.1.4.1.1466.115.121.1.28 (Binary)
Matching Rule
octetStringMatch
Object ID
0.9.2342.19200300.100.1.60
8.2.23 krbPrincipalName
krbPrincipalName
contains the Kerberos principal name.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
1.3.18.0.2.4.1091
Other
Single-valued attribute.
8.2.24 labeledURI
labeledURI
is a Uniform Resource Locator (URL).
Syntax
1.3.6.1.4.1.1466.115.121.1.26 (IA5 String)
Matching Rule
caseExactIA5Match
Object ID
1.3.6.1.4.1.250.1.57
8.2.25 ldapSyntaxes
ldapSyntaxes
identifies the LDAP syntaxes implemented in the directory schema.
Syntax
1.3.6.1.4.1.1466.115.121.1.54 (LDAP Syntax Description)
Matching Rule
objectIdentifierFirstComponentMatch
Object ID
1.3.6.1.4.1.1466.101.120.16
Other
Directory operational attribute.
8.2.26 mail
This attribute is defined in RFC 1274. Identifies a user's primary e-mail address (the e-mail address retrieved and displayed by "white-pages" lookup applications).
For example: mail: user.name@example.com
Syntax
1.3.6.1.4.1.1466.115.121.1.26{256} (IA5 String, 256 character maximum)
Matching Rule
caseIgnoreIA5Match
Object ID
0.9.2342.19200300.100.1.3
8.2.27 matchingRules
matchingRules
identifies the matching rules implemented in the directory schema.
Syntax
1.3.6.1.4.1.1466.115.121.1.30 (Matching Rule Description)
Matching Rule
objectIdentifierFirstComponentMatch
Object ID
2.5.21.4
Other
Directory operational attribute.
8.2.28 middleName
middleName
is a user's middle name.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
1.3.6.1.4.1.1466.101.120.34
8.2.29 modifiersName
modifiersName
is the DN of the entity (such as a user or application) that last updated the entry.
Syntax
1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)
Matching Rule
distinguishedNameMatch
Object ID
2.5.18.4
Other
Single-valued attribute.
Directory operational attribute.
Not user modifiable.
8.2.30 modifyTimestamp
modifyTimestamp
is the time the entry was last modified.
Syntax
1.3.6.1.4.1.1466.115.121.1.24 (Generalized Time)
Matching Rule
generalizedTimeMatch
Object ID
2.5.18.2
Other
Single-valued attribute.
Directory operational attribute.
Not user modifiable.
8.2.31 namingContexts
namingContexts
is the top-level DNs for the naming contexts contained in this server. You must have superuser privileges to publish a DN as a naming context. There is no default value.
This attribute is part of the root DSE (DSA-Specific Entry). The root DSE contains a number of attributes that store information about the directory server itself.
Syntax
1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)
Matching Rule
N/A
Object ID
1.3.6.1.4.1.1466.101.120.5
Other
DSA operational attribute.
8.2.32 objectClass
objectClass
is the list of object classes from which this object class is derived.
Syntax
1.3.6.1.4.1.1466.115.121.1.38 (Object Identifier)
Matching Rule
objectIdentifierMatch
Object ID
2.5.4.0
8.2.33 objectClasses
objectClasses
defines the object classes which are in force within a subschema.
Syntax
1.3.6.1.4.1.1466.115.121.1.37 (Object Class Description)
Matching Rule
objectIdentifierFirstComponentMatch
Object ID
2.5.21.6
Other
Directory operational attribute.
8.2.34 objectClassMap
objectClassMap
is a mapping from an object class defined by a directory user agent (DUA) to an object class in an alternative schema used in the directory.
Syntax
1.3.6.1.4.1.1466.115.121.1.26 (IA5 String)
Matching Rule
N/A
Object ID
1.3.6.1.4.1.11.1.3.1.1.11
8.2.35 orclACI
Access control instructions are stored in the directory as attributes of entries. The orclACI
attribute is an operational attribute; it is available for use on every entry in the directory, regardless of whether it is defined for the object class of the entry. It is used by the directory server to evaluate what rights are granted or denied when it receives an LDAP request from a client.
Syntax
1.3.6.1.4.1.1466.115.121.1.1 (Access Control Item)
Matching Rule
accessDirectiveMatch
Object ID
2.16.840.1.113894.1.1.42
8.2.36 orclACLResultsLatency
Reserved for future use.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.129
Other
Single-valued attribute.
8.2.37 orclActivateReplication
orclActivateReplication
specifies that replication be activated on the replication server designated by orclOidInstanceName
and orclOidComponentName
. 1: Start replication server, 0: Stop replication server.
Syntax
Integer
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.616
8.2.38 orclActiveConn
orclActiveConn
specifies the number of active connections to the Oracle Internet Directory server, including client LDAP connections and database connections.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.150
Other
Single-valued attribute.
8.2.39 orclActiveEndDate
orclActiveEndDate
specifies the date and time beyond which a user account is no longer active and beyond which the user is not allowed to authenticate.
Syntax
1.3.6.1.4.1.1466.115.121.1.24 (Generalized Time)
Matching Rule
generalizedTimeMatch
Object ID
2.16.840.1.113894.1.1.339
Other
Single-valued attribute.
8.2.40 orclActiveStartdate
orclActiveStartdate
specifies the date and time that a user account is active and the user is allowed to authenticate. If not specified, then the user is considered active immediately.
Syntax
1.3.6.1.4.1.1466.115.121.1.24 (Generalized Time)
Matching Rule
generalizedTimeMatch
Object ID
2.16.840.1.113894.1.1.330
Other
Single-valued attribute.
8.2.41 orclActiveThreads
orclActiveThreads
specifies the number of active threads on the Oracle Internet Directory server.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.140
Other
Single-valued attribute.
8.2.42 orclAgreementId
orclAgreementId
is the naming attribute for the replication agreement entry.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.26
Other
Single-valued attribute.
8.2.43 orclagreementtype
orclagreementtype
is the replication agreement type.
Replication agreement type: '0-OneWay 1-TwoWay, 2-LDAP Multimaster, 3-ASR Multimaster.
Syntax
Integer
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.511
8.2.44 orclAnonymousBindsFlag
orclAnonymousBindsFlag
specifies whether anonymous binds to the directory are allowed or not.
If set to 2, anonymous binds are allowed, but only search operations on root DSE entry are allowed for anonymous users. If set to 1, then anonymous binds are allowed. If set to 0 (zero), then anonymous binds are not allowed. The default is 1.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.299
Other
Single-valued attribute.
8.2.45 orclAppFullName
orclAppFullName
is the full name of an application.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.320
8.2.46 orclAppId
orclAppId
is the unique identifier of an application entry associated with a password verifier.
Syntax
1.3.6.1.4.1.1466.115.121.1.15{128} (Directory String, 128 characters maximum)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.207
Other
Single-valued attribute.
8.2.47 orclApplicationAddress
orclApplicationAddress
is the address of the application.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.318
8.2.48 orclApplicationCommonName
orclApplicationCommonName
is the common name (cn) of the application.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.319
8.2.49 orclApplicationType
orclApplicationType
identifies the application type, such as Oracle Portal.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.280
Other
Single-valued attribute.
8.2.50 orclAssocDB
orclAssocDB
identifies the associated Oracle Database instance with the application or service.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.1007
8.2.51 orclAssocIasInstance
orclAssocIasInstance
identifies the associated Oracle Application Server instance with the application or service.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.1006
8.2.52 orclAttrACLEvalLatency
Reserved for future use.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.138
Other
Single-valued attribute.
8.2.53 orclAudCustEvents
orclAudCustEvents
is a comma-separated list of events and category names to be audited. Custom events are only applicable when orclAudFilterPreset
is Custom
.
Examples include:
Authentication.SUCCESSESONLY, Authorization(Permission -eq 'CSFPerfmission")
Syntax
IA5 String
Matching Rule
caseExactIAI5Match
Object ID
2.16.840.1.113894.1.1.373
8.2.54 orclAudFilterPreset
orclAudFilterPreset
replaces the audit levels used in 10g (10.1.4.0.1) and earlier releases.
Values are None
, Low
, Medium
, All
, and Custom
.
Syntax
IA5 String
Matching Rule
caseExactIAI5Match
Object ID
2.16.840.1.113894.1.1.372
8.2.55 orclAuditAttribute
orclAuditAttribute
identifies the audit attribute.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.58
8.2.56 orclAuditMessage
orclAuditMessage
stores an audit message.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.59
8.2.57 orclAudSplUsers
orclAudSplUsers
is a comma separated list of users for whom auditing is always enabled, even if orclAudFilterPreset
is None
.
For example:
cn=orcladmin.
Syntax
IA5 String
Matching Rule
caseExactIAI5Match
Object ID
2.16.840.1.113894.1.1.374
8.2.58 orclBERgenLatency
Reserved for future use.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.139
Other
Single-valued attribute.
8.2.59 orclBlockDNIP
orclBlockDNIP
is an IP address that causes Oracle Internet Directory server to reject any new connections and close any existing connections from that IP address.
Note:
You need to use the subtype
property along with this attribute to configure DN or IP address that needs to be blocked. Use the following subtype:
For DN: dn
For IP address: ip
Consider the following examples:
orclblockdnip;dn: cn=jdoe,ou=abc,c=us orclblockdnip;ip: ffff:11.234.56.789
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.382
Other
Single-valued attribute.
8.2.60 orclcachenotifyip
orclcachenotifyip
is a configuration attribute that associates a port number with an IP address in order to allow Oracle Internet Directory servers to communicate with each other in a cluster environment when cached data is changed.
The servers communicate with each other using the LDAP protocol. For example, the following LDIF file, which you can load using the ldapmodify
command, associates port number 5678 with IP address 10.10.10.4 for the oid1 instance:
dn: cn=oid1,cn=osdldapd,cn=subconfigsubentry changetype: modify add: orclcachenotifyip;5678 orclcachenotifyip;5678: 10.10.10.4
When orclcachenotifyip is configured for an Oracle Internet Directory instance, the IP address must be local to the node where the instance is running.
Syntax
1.3.6.1.4.1.1466.115.121.1.44
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.640
8.2.61 orclCatalogEntryDN
orclCatalogEntryDN
contains the DN of the catalog entry.
Syntax
1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)
Matching Rule
distinguishedNameMatch
Object ID
2.16.840.1.113894.1.1.50
Other
Single-valued attribute.
8.2.62 orclCategory
orclCategory
identifies the business category of a service or an application entity.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.317
8.2.63 orclCertExtensionAttribute
orclCertExtensionAttribute
holds the OID
of a field within an extension field of the client certificate.
Syntax
1.3.6.1.4.1.1466.115.121.1.38 (Object Identifier)
Matching Rule
objectIdentifierMatch
Object ID
2.16.840.1.113894.1.1.711
Other
Single-valued attribute.
8.2.64 orclCertExtensionOID
orclCertExtensionOID
holds the extension field OID
of the client certificate.
Syntax
1.3.6.1.4.1.1466.115.121.1.38 (Object Identifier)
Matching Rule
objectIdentifierMatch
Object ID
2.16.840.1.113894.1.1.709
Other
Single-valued attribute.
8.2.65 orclCertificateHash
This is a special catalog attribute used for certificate matching. The value of this attribute is computed by calculating a hash of the user certificate when it is added to Oracle Internet Directory.
Syntax
1.3.6.1.4.1.1466.115.121.1.44{128} (Printable String, 128 character maximum)
Matching Rule
octetStringMatch
Object ID
2.16.840.1.113894.1.1.184
Other
Single-valued attribute.
Not user modifiable.
8.2.66 orclCertificateMatch
This is a special catalog attribute used for certificate matching. The value of this attribute contains the correct matching value to use for a user certificate based on the orclPKIMatchingRule
setting.
Refer orclPKIMatchingRule setting
Syntax
1.3.6.1.4.1.1466.115.121.1.44 (Printable String)
Matching Rule
octetStringMatch
Object ID
2.16.840.1.113894.1.1.183
Other
Single-valued attribute.
Not user modifiable.
8.2.67 orclCertMappingAttribute
orclCertMappingAttribute
holds the standard field OID
of the client certificate.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.708
Other
Single-valued attribute.
8.2.68 orclChangeLogLife
Reserved for future use.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.806
Other
Single-valued attribute.
DSA operational attribute.
8.2.69 orclChangeRetryCount
orclChangeRetryCount
is the number of processing retry attempts for a replication change-entry before being moved to the human intervention queue. The value for this parameter must be equal to or greater than 1 (one).
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.23
Other
Single-valued attribute.
DSA operational attribute.
8.2.70 orclCommonAutoRegEnabled
orclCommonAutoRegEnabled
specifies if auto-registration is enabled or disabled. Allowed values are 0 (disabled) or 1 (enabled).
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.567
Other
Single-valued attribute.
8.2.71 orclCommonContextMap
orclCommonContextMap
stores the common context map.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.904
Other
Single-valued attribute.
8.2.72 orclCommonDefaultUserCreateBase
orclCommonDefaultUserCreateBase
identifies the default user creation base where users are created.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.908
Other
Single-valued attribute.
8.2.73 orclCommonGroupCreateBase
orclCommonGroupCreateBase
identifies the group creation base under which Oracle Delegated Administration
Services creates groups.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.903
8.2.74 orclCommonNamingAttribute
specifies the name of the attribute that is used as an RDN component when creating a user.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.900
8.2.75 orclCommonNicknameAttribute
orclCommonNicknameAttribute
specifies the name of the attribute that uniquely identifies users.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.7.1.7
Other
Single-valued attribute.
8.2.76 orclCommonSASLRealm
orclCommonSASLRealm
identifies the common SASL realm. This attribute contains a string value specifying a subset of related entries under a subscriber realm.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.7.1.20
Other
Single-valued attribute.
8.2.77 orclCommonUserSearchBase
orclCommonUserSearchBase
identifies the branch that contains user entries.
Syntax
1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)
Matching Rule
distinguishedNameMatch
Object ID
2.16.840.1.113894.7.1.10
8.2.78 orclCommonVerifierEnable
If this attribute is enabled then the common verifier is used for all related applications. If this attribute is disabled then each application must setup their own verifier profile.
Syntax
1.3.6.1.4.1.1466.115.121.1.7 (Boolean)
Matching Rule
booleanMatch
Object ID
2.16.840.1.113894.1.1.214
Other
Single-valued attribute.
8.2.79 orclCommonVerifierEnable
If this attribute is enabled then the common verifier is used for all related applications. If this attribute is disabled then each application must setup their own verifier profile.
Syntax
1.3.6.1.4.1.1466.115.121.1.7 (Boolean)
Matching Rule
booleanMatch
Object ID
2.16.840.1.113894.1.1.214
Other
Single-valued attribute.
8.2.80 orclCompatibleVersion
orclCompatibleVersion
is the Oracle Internet Directory version. Do not modify this attribute. It must be present for Oracle Internet Directory 11.1.1.6.0 or later to work with the schema.
Values can be:
-
orclcompatibleversion 11.1.1.6.0
-
orclcompatibleversion 11.1.1.7.0
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.1302
Other
Multi-valued attribute.
8.2.81 orclComputedAttribute
Attribute that allows a configurable attribute and its value to be dynamically computed based on one or more specific rules.
See Also Managing Computed Attributes in Administering Oracle Internet Directory.
Syntax
1.3.6.1.4.1.1466.115.121.1.44
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.628
Other
Multi-valued attribute.
8.2.82 orclconflresolution
Automatically resolve replication conflicts. When this feature is enabled, conflicts in the Human Intervention Queue are automatically moved to the purge queue if the supplier's schema and consumer's schema match.
Syntax
Integer
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.828
8.2.83 orclConnectByAttribute
The attribute type name that you want to use as the filter for a dynamic group query—for example, manager
.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.1001
Other
Single-valued attribute.
8.2.84 orclConnectBySearchBase
A naming context in the DIT that you want to use as the base for a dynamic group query—for example, l=us,dc=mycompany,dc=com
. This attribute is currently not used.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.1003
Other
Single-valued attribute.
8.2.85 orclConnectByStartingValue
For a dynamic group query, this specifies the DN of the attribute specified in the orclConnectByAttribute
attribute—for example, Anne Smith
.
Syntax
1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)
Matching Rule
distinguishedNameMatch
Object ID
2.16.840.1.113894.1.1.1002
Other
Single-valued attribute.
8.2.86 orclConnectionFormat
Specifies the format used to construct the connect string associated with a resource.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.354
Other
Single-valued attribute.
8.2.87 orclContact
orclContact
identifies a contact person for an organization or an application.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.332
Other
Single-valued attribute.
8.2.88 orclCryptoScheme
The hash algorithm used to encrypt passwords that are stored in the directory. Options are: MD4, MD5, No encryption, SHA, SSHA,SHA256, SHA384, SHA512, SSHA256, SSHA384, SSHA512, SMD5, or UNIX Crypt. The default is SSHA.
Syntax
1.3.6.1.4.1.1466.115.121.1.15{128} (Directory String, 128 characters maximum)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.68
Other
Single-valued attribute.
8.2.89 orclDASAdminModifiable
orclDASAdminModifiable
specifies whether administration of this entry is available through Oracle Delegated Administration
Services.
Syntax
1.3.6.1.4.1.1466.115.121.1.7 (Boolean)
Matching Rule
booleanMatch
Object ID
2.16.840.1.113894.1.1.324
Other
Single-valued attribute.
8.2.90 orclDASAttrDispOrder
orclDASAttrDispOrder
specifies the display order of an attribute in Oracle Delegated Administration
Services.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.341
8.2.91 orclDASAttrName
orclDASAttrName
specifies the name of an attribute to show in Oracle Delegated Administration
Services.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.340
8.2.92 orclDASEnableProductLogo
orclDASEnableProductLogo
specifies whether to display a product logo on the Identity Management Realm Configuration window of Oracle Delegated Administration
Services. Allowed values are TRUE or FALSE.
Syntax
1.3.6.1.4.1.1466.115.121.1.7 (Boolean)
Matching Rule
booleanMatch
Object ID
2.16.840.1.113894.1.1.362
Other
Single-valued attribute.
8.2.93 orclDASEnableSubscriberLogo
orclDASEnableSubscriberLogo
specifies whether to display a realm logo on the Identity Management Realm Configuration window of Oracle Delegated Administration
Services. Allowed values are TRUE or FALSE.
Syntax
1.3.6.1.4.1.1466.115.121.1.7 (Boolean)
Matching Rule
booleanMatch
Object ID
2.16.840.1.113894.1.1.361
Other
Single-valued attribute.
8.2.94 orclDASIsEnabled
orclDASIsEnabled
specifies whether an attribute is enabled for Oracle Delegated Administration
Services. Allowed values are TRUE or FALSE.
Syntax
1.3.6.1.4.1.1466.115.121.1.7 (Boolean)
Matching Rule
booleanMatch
Object ID
2.16.840.1.113894.1.1.344
Other
Single-valued attribute.
8.2.95 orclDASIsMandatory
orclDASIsMandatory
specifies whether an attribute is mandatory for Oracle Delegated Administration
Services. Allowed values are TRUE or FALSE.
Syntax
1.3.6.1.4.1.1466.115.121.1.7 (Boolean)
Matching Rule
booleanMatch
Object ID
2.16.840.1.113894.1.1.321
Other
Single-valued attribute.
8.2.96 orclDASIsPersonal
orclDASIsPersonal
specifies whether an attribute is personal information to be supplied by a user in Oracle Delegated Administration
Services. Allowed values are TRUE or FALSE.
Syntax
1.3.6.1.4.1.1466.115.121.1.7 (Boolean)
Matching Rule
booleanMatch
Object ID
2.16.840.1.113894.1.1.326
Other
Single-valued attribute.
8.2.97 orclDASLOV
The list of values to display to users in the UI when the orclDASUIType
=Predefined List.
See orclDASUIType
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreSubStringsMatch
Object ID
2.16.840.1.113894.1.1.328
8.2.98 orclDASPublicGroupDNs
orclDASPublicGroupDNs
specifies the DNs of groups available for Oracle Delegated Administration
Services.
Syntax
1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)
Matching Rule
distinguishedNameMatch
Object ID
2.16.840.1.113894.1.1.343
8.2.99 orclDASSearchable
orclDASSearchable
specifies whether of not this attribute is searchable in Oracle Delegated Administration
Services. Allowed values are TRUE or FALSE.
Syntax
1.3.6.1.4.1.1466.115.121.1.7 (Boolean)
Matching Rule
booleanMatch
Object ID
2.16.840.1.113894.1.1.906
Other
Single-valued attribute.
8.2.100 orclDASSearchColIndex
orclDASSearchColIndex
indicates the position in the DAS search result table column, if present.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.902
Other
Single-valued attribute.
8.2.101 orclDASSearchFilter
orclDASSearchFilter
specifies whether the attribute is searchable through Oracle Delegated Administration
Services. Allowed values are TRUE or FALSE.
Syntax
1.3.6.1.4.1.1466.115.121.1.7 (Boolean)
Matching Rule
booleanMatch
Object ID
2.16.840.1.113894.1.1.325
Other
Single-valued attribute.
8.2.102 orclDASSearchSizeLimit
orclDASSearchSizeLimit
is the maximum number of entries to return in a Oracle Delegated Administration
Services search.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.363
Other
Single-valued attribute.
8.2.103 orclDASSelfModifiable
orclDASSelfModifiable
specifies whether an attribute is modifiable by the user in Oracle Delegated Administration
Services. Allowed values are TRUE or FALSE.
Syntax
1.3.6.1.4.1.1466.115.121.1.7 (Boolean)
Matching Rule
booleanMatch
Object ID
2.16.840.1.113894.1.1.322
Other
Single-valued attribute.
8.2.104 orclDASUIType
orclDASUIType
specifies the UI field type for an attribute when displayed in Oracle Delegated Administration
Services.
Options are:
-
Single Line Text
-
Multi Line Text
-
Predefined List
-
Date
-
Browse and Select
-
Number
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreSubStringsMatch
Object ID
2.16.840.1.113894.1.1.327
Other
Single-valued attribute.
8.2.105 orclDASURL
The corresponding URL of an Oracle Delegated Administration Services unit.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.310
8.2.106 orclDASURLBase
This holds the URL base in install area for Oracle Delegated Administration Services.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.345
8.2.107 orclDASValidatePwdReset
orclDASValidatePwdReset
specifies whether this attribute can be used for password reset validation purposes in Oracle Delegated Administration
Services. Allowed values are TRUE or FALSE.
Syntax
1.3.6.1.4.1.1466.115.121.1.7 (Boolean)
Matching Rule
booleanMatch
Object ID
2.16.840.1.113894.1.1.905
Other
Single-valued attribute.
8.2.108 orclDASViewable
orclDASViewable
specifies whether this attribute is viewable through Oracle Delegated Administration
Services. Allowed values are TRUE or FALSE.
Syntax
1.3.6.1.4.1.1466.115.121.1.7 (Boolean)
Matching Rule
booleanMatch
Object ID
2.16.840.1.113894.1.1.323
Other
Single-valued attribute.
8.2.109 orcldataprivacymode
orcldataprivacymode
specifies Data Privacy mode.
Sensitive attributes encrypted when returned.
0: Disabled, 1: Enabled
Syntax
1.3.6.1.4.1.1466.115.121.1.27
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.890
8.2.110 orclDateOfBirth
orclDateOfBirth
specifies the date on which a user was born.
Syntax
1.3.6.1.4.1.1466.115.121.1.24 (Generalized Time)
Matching Rule
generalizedTimeMatch
Object ID
2.16.840.1.113894.1.1.307
Other
Single-valued attribute.
8.2.111 orclDBConnCreationFailed
orclDBConnCreationFailed
indicates a connection failure to the database in an error log entry.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.155
Other
Single-valued attribute.
8.2.112 orclDBLatency
Reserved for future use.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.130
Other
Single-valued attribute.
8.2.113 orclDBSchemaIdentifier
orclDBSchemaIdentifier
is the DN of the DB registration entry in OID that an application entity uses.
Syntax
1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)
Matching Rule
distinguishedNameMatch
Object ID
2.16.840.1.113894.1.1.347
8.2.114 orclDBType
orclDBType
indicates the type of database used. This attribute is part of the root DSE (DSA-Specific Entry). The root DSE contains a number of attributes that store information about the directory server itself.
Syntax
1.3.6.1.4.1.1466.115.121.1.15{128} (Directory String, 128 character maximum)
Matching Rule
caseIgnoreMatch, caseIgnoreSubstringsMatch
Object ID
2.16.840.1.113894.1.1.5
Other
Single-valued attribute.
8.2.115 orclDebugFlag
orclDebugFlag
is the debug level associated with a server instance. The default is 0 (zero). The valid range is 0 to 402653184.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.97
Other
Single-valued attribute.
8.2.116 orclDebugForceFlush
orclDebugForceFlush
specifies whether debug messages are to be written to the log file when a message is logged by the directory server. To enable it, set its value to 1. To disable it set it to 0, which is its default value.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.193
Other
Single-valued attribute.
8.2.117 orcldebuglevel
orcldebuglevel
specifies the Replication server debug level.
Values are additive:
0: No Debug Log, 2097152: Replication Performance Log, 4194304: Replication Debug Log, 8388608: Function Call Trace, 16777216: Heavy Trace Log
Syntax
Integer
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.3
8.2.118 orclDebugOp
To make logging more focused, orclDebugOp
limits logged information to particular directory server operations by specifying the debug dimension to those operations.
Values for operations are:
-
1 - ldapbind
-
2 - ldapunbind
-
4 - ldapadd
-
8 - ldapdelete
-
16 - ldapmodify
-
32 - ldapmodrdn
-
64 - ldapcompare
-
128 - ldapsearch
-
264 - ldapabandon
-
511 - all operations
To log more than one operation, add the values of their dimensions. For example, if you want to trace ldapbind (1), ldapadd (4) and ldapmodify (16) operations, then the value would be 21 (1 + 4 + 16 = 21).
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.601
Other
Single-valued attribute.
8.2.119 orclDefaultProfileGroup
orclDefaultProfileGroup
holds the DN of the group to designate the default group for a user, such that a default profile can be built for the user based on this attribute value.
Syntax
1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)
Matching Rule
distinguishedNameMatch
Object ID
2.16.840.1.113894.1.1.309
Other
Single-valued attribute.
8.2.120 orclDefaultSubscriber
orclDefaultSubscriber
identifies the default realm.
Syntax
1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)
Matching Rule
distinguishedNameMatch
Object ID
2.16.840.1.113894.1.1.312
8.2.121 orclDIMEonlyLatency
Reserved for future use.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.131
Other
Single-valued attribute.
8.2.122 orclDIPRepository
orclDIPRepository
is used to determine if the directory is used as the Oracle Directory Integration
and Provisioning repository.
Syntax
1.3.6.1.4.1.1466.115.121.1.15
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.124
Other
Single-valued attribute.
8.2.123 orclDirectoryVersion
orclDirectoryVersion
is the version of Oracle Internet Directory. This attribute is part of the root DSE (DSA-Specific Entry). The root DSE contains a number of attributes that store information about the directory server itself.
Syntax
1.3.6.1.4.1.1466.115.121.1.15
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.67
Other
Single-valued attribute.
8.2.124 orclDirReplGroupAgreement
orclDirReplGroupAgreement
contains the directory replication group agreement DN.
Syntax
1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)
Matching Rule
N/A
Object ID
2.16.840.1.113894.1.1.25
Other
DSA operational attribute.
8.2.125 orclDisplayPersonalInfo
orclDisplayPersonalInfo
specifies if the user's personal information should be displayed in white pages queries. Allowed values are TRUE or FALSE.
Syntax
1.3.6.1.4.1.1466.115.121.1.7 (Boolean)
Matching Rule
booleanMatch
Object ID
2.16.840.1.113894.1.1.304
Other
Single-valued attribute.
8.2.126 OrclDispThreads
OrclDispThreads
is the number of dispatcher threads per server process.
Syntax
Integer
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.613
8.2.127 orclDITRoot
orclDITRoot
is the root of the directory information tree (DIT). This attribute is part of the root DSE (DSA-Specific Entry). The root DSE contains a number of attributes that store information about the directory server itself.
Syntax
1.3.6.1.4.1.1466.115.121.1.15{128} (Directory String, 128 character maximum)
Matching Rule
caseIgnoreMatch, caseIgnoreSubStringsMatch
Object ID
2.16.840.1.113894.1.1.7
Other
Single-valued attribute.
8.2.128 orclDNSUnavailable
Reserved for future use.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.161
Other
Single-valued attribute.
8.2.129 orclcachemaxsize
orclcachemaxsize
specifies the size in bytes of the result set cache or the metadata cache, depending on the subtype.
The available subtypes are:
-
rs: Result set cache. Default and minimum cache size is 64 MB.
-
md: Metadata cache. Default and minimum cache size is 128 MB.
Specify the size as M or G, indicating megabytes or gigabytes, respectively. To set a subtype, specify:
orclcachemaxsize; subtypename: value
For example:
orclcachemaxsize; md: 256M
Syntax
1.3.6.1.4.1.1466.115.121.1.44 (Printable String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.642
Other
Single-valued attribute.
8.2.130 orclEcacheEnabled
orclEcacheEnabled
specifies whether to enable or disable the Entry Cache or Result Set Cache.
Values can be:
-
0: Disable both the Entry Cache and Result Set Cache.
-
1: Enable the Entry Cache only (default value).
-
2: Enable both the Entry Cache and Result Set Cache.
If you change the attribute value, restart the Oracle Internet Directory server instance for the new value to take effect.
Note:
A new subtype groups
is available for orclEcacheEnabled
attribute. This specifies whether to cache group entries or not. It's disabled by default out of the box.
Values can be:
-
0 (default): Not to cache group entries
-
1: Cache group entries
Example, orclEcacheEnabled;groups:1
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.400
Other
Single-valued attribute.
8.2.131 orclEcacheHitRatio
orclEcacheHitRatio
stores the cache hit ratio.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.170
Other
Single-valued attribute.
8.2.132 orclEcacheMaxEntries
orclEcacheMaxEntries
holds the maximum number of entries that can be present in the entry cache. The default is 25,000.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.402
Other
Single-valued attribute.
8.2.133 orclEcacheMaxSize
orclEcacheMaxSize
is the size of shared memory that can be used for the entry cache. The default is 100 MB.
Specify the size as M or G, indicating megabytes or gigabytes, respectively.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.401
Other
Single-valued attribute.
8.2.134 orclEcacheNumEntries
orclEcacheNumEntries
is the number of entries currently in the entry cache.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.171
Other
Single-valued attribute.
8.2.135 orclEcacheSize
orclEcacheSize
specifies the current size of the entry cache.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.172
Other
Single-valued attribute.
8.2.136 orclEnabled
orclEnabled
determines whether an application is enabled or disabled for use.
Syntax
1.3.6.1.4.1.1466.115.121.1.7 (Boolean)
Matching Rule
booleanMatch
Object ID
2.16.840.1.113894.1.1.1008
Other
Single-valued attribute.
8.2.137 orclEnableGroupCache
orclEnableGroupCache
specifies whether to cache privilege groups and ACL groups. Using this cache improves the performance of access control evaluation for users.
Use the group cache when a privilege group membership does not change frequently. If a privilege group membership does change frequently, then it is best to turn off the group cache. This is because, in such a case, computing a group cache increases overhead. The default is 1 (enabled). Change to 0 (zero) to disable.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.403
Other
Single-valued attribute.
8.2.138 orclencryptedattributes
orclencryptedattributes
specifies the list of attributes to be stored in an encrypted form.
Syntax
1.3.6.1.4.1.1466.115.121.1.15
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.419
8.2.139 orclEntryACLEvalLatency
Reserved for future use.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.136
Other
Single-valued attribute.
8.2.140 orclEntryLevelACI
orclEntryLevelACI
specifies the ACI that holds object level ACL.
Syntax
1.3.6.1.4.1.1466.115.121.1.1 (Access Control Item)
Matching Rule
accessDirectiveMatch
Object ID
2.16.840.1.113894.1.1.43
8.2.141 orclEventLevel
orclEventLevel
specifies critical events related to security and system resources to be recorded for server manageability statistics.
The default value is 0. Table 8-2 lists the level values.
Table 8-2 Event Levels
Level Value | Critical Event | Information It Provides |
---|---|---|
1 |
Superuser login |
Super uses bind (successes or failures) |
2 |
Proxy user login |
Proxy user bind (failures) |
4 |
Replication login |
Replication bind (failures) |
8 |
Add access |
Add access violation |
16 |
Delete access |
Delete access violation |
32 |
Write access |
Write access violation |
64 |
ORA 3113 error |
Loss of connection to database |
128 |
ORA 3114 error |
Loss of connection to database |
256 |
ORA 28 error |
ORA-28 Error |
512 |
ORA error |
ORA errors other an expected 1, 100, or 1403 |
1024 |
Oracle Internet Directory server termination count |
|
2047 |
All critical events |
For events other than superuser, proxy user, and replication login, set the value of the orclStatsFlag attribute to 1.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.195
Other
Single-valued attribute.
8.2.142 orclEventTime
orclEventTime
is the time when a logged directory event occurred.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.60
8.2.143 orclEventType
orclEventType
is the type of logged directory event.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.57
8.2.144 orclExcludedAttributes
orclExcludedAttributes
specifies an attribute (within the specified naming context) to be excluded from replication. Applies to partial replication only.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
N/A
Object ID
2.16.840.1.113894.1.1.506
Other
DSA operational attribute.
8.2.145 orclFDIncreaseError
Reserved for future use.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.163
Other
Single-valued attribute.
8.2.146 orclFilterACLEvalLatency
Reserved for future use.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.137
Other
Single-valued attribute.
8.2.147 orclFlexAttribute1
orclFlexAttribute1
is an additional attribute for storing more information about a resource, service, or component.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch, caseIgnoreSubStringsMatch
Object ID
2.16.840.1.113894.1.1.355
8.2.148 orclFlexAttribute2
orclFlexAttribute2
is an additional attribute for storing more information about a resource, service, or component.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch, caseIgnoreSubStringsMatch
Object ID
2.16.840.1.113894.1.1.356
8.2.149 orclFlexAttribute3
orclFlexAttribute3
is an additional attribute for storing more information about a resource, service, or component.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch, caseIgnoreSubStringsMatch
Object ID
2.16.840.1.113894.1.1.357
8.2.150 orclFrontLatency
Reserved for future use.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.128
Other
Single-valued attribute.
8.2.151 orclGender
orclGender
specifies the gender of a user.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.346
Other
Single-valued attribute.
8.2.152 orclgeneratechangelog
orclgeneratechangelog
enables change log generation.
-
1- Generate change log
-
0- Do not generate change log
Syntax
Integer
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.617
8.2.153 orclGenObjLatency
orclGenObjLatency
stores the general object latency.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.133
Other
Single-valued attribute.
8.2.154 orclGetNearACLLatency
Reserved for future use.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.135
Other
Single-valued attribute.
8.2.155 orclGlobalID
orclGlobalID
specifies the attribute that is used to identify the global ID of a user.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.7.1.8
Other
Single-valued attribute.
8.2.156 orclGUID
This is the global unique identifier for an entry within Oracle Internet Directory. The value for this attribute is automatically generated when an entry is created and remains constant, even if an entry is moved.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch, caseIgnoreSubStringsMatch
Object ID
2.16.840.1.113894.1.1.37
Other
Single-valued attribute.
Directory operational attribute.
Not user modifiable.
8.2.157 orclGUPassword
orclGUPassword
is the password for the guest user account in Oracle Internet Directory.
Syntax
1.3.6.1.4.1.1466.115.121.1.15{128} (Directory String, 128 character maximum)
Matching Rule
caseIgnoreMatch, caseIgnoreSubStringsMatch
Object ID
2.16.840.1.113894.1.1.12
Other
Single-valued attribute.
8.2.158 orclHashedAttributes
orclHashedAttributes
is the list of attributes whose values are hashed, using the crypto scheme set in the root DSE attribute orclcryptoscheme
.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (caseIgnoreSubstringsMatch)
Matching Rule
caseIgnoreSubstringsMatch
Object ID
2.16.840.1.113894.1.1.376
Other
Multi-valued attribute
Note:
-
Never include the same attribute in both
orclhashedattributes
andorclencryptedattributes
. -
Only single-valued attributes can be hashed attributes.
8.2.159 orclHIQSchedule
orclHIQSchedule
is the interval, in seconds, at which the directory replication server repeats the change application process.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
N/A
Object ID
2.16.840.1.113894.1.1.98
Other
Single-valued attribute.
DSA operational attribute.
8.2.160 orclHireDate
orclHireDate
specifies the date on which a user was hired by the organization.
Syntax
1.3.6.1.4.1.1466.115.121.1.24 (Generalized Time)
Matching Rule
generalizedTimeMatch
Object ID
2.16.840.1.113894.1.1.308
Other
Single-valued attribute.
8.2.161 orclHostedCreditCardExpireDate
orclHostedCreditCardExpireDate
indicates the credit card expiration date for a subscriber.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.338
Other
Single-valued attribute.
8.2.162 orclHostedCreditCardNumber
orclHostedCreditCardNumber
indicates the credit card number for a subscriber.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.337
Other
Single-valued attribute.
8.2.163 orclHostedCreditCardType
orclHostedCreditCardType
indicates the credit card type for a subscriber.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.336
Other
Single-valued attribute.
8.2.164 orclHostedDunsNumber
The DUNS number of a business subscriber. DUNS (Data Universal Numbering System) is a unique nine character company identification number issued by Dun and Bradstreet Corporation used to identify a US corporate entity.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.334
Other
Single-valued attribute.
8.2.165 orclHostedPaymentTerm
orclHostedPaymentTerm
specifies the payment terms for a subscriber account.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.335
Other
Single-valued attribute.
8.2.166 orclHostname
orclHostname
indicates the host name of the Oracle Internet Directory server.
Syntax
1.3.6.1.4.1.1466.115.121.1.15{128} (Directory String, 128 character maximum)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.41
Other
Single-valued attribute.
8.2.167 orclIdleConn
The number of open connections that are currently inactive. Oracle Internet Directory tracks the idle connections for server manageability statistics.
Syntax
1.3.6.1.4.1.1466.115.121.1.27
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.151
Other
Single-valued attribute.
8.2.168 orclIdleThreads
The number of Oracle Internet Directory server process threads that are currently inactive. Oracle Internet Directory tracks the idle threads for server manageability statistics.
Syntax
1.3.6.1.4.1.1466.115.121.1.27
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.141
Other
Single-valued attribute.
8.2.169 orclIncludedNamingContexts
orclIncludedNamingContexts
is the naming context included in a partial replica. For each naming context object, you can specify only one unique subtree.
In partial replication, all subtrees in the specified included naming context are replicated.
Only LDAP-based replication agreements respect this attribute to define one or more partial replicas. If this attribute contains any values in an Oracle Database Advanced Replication-based replication agreement, then it is ignored.
Syntax
1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)
Matching Rule
N/A
Object ID
2.16.840.1.113894.1.1.819
Other
Single-valued attribute.
DSA operational attribute.
8.2.170 orclIndexedAttribute
orclIndexedAttribute
are attributes that are indexed in the Oracle Internet Directory catalog.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.49
8.2.171 orclInitialServerMemSize
orclInitialServerMemSize
is the memory size of the Oracle Internet Directory server at start up.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.147
Other
Single-valued attribute.
8.2.172 orclinmemfiltprocess
orclinmemfiltprocess
specifies the search filters to be processed in memory.
Syntax
Printable String
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.608
Other
Multiple-valued attribute.
8.2.173 orclInterval
orclInterval
is the time interval in seconds between executions of Oracle Directory Integration
and Provisioning profiles.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch, caseIgnoreSubStringsMatch
Object ID
2.16.840.1.113894.9.1.8
8.2.174 orclIpAddress
orclIpAddress
is the IP address of the Oracle Internet Directory server host.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.186
8.2.175 orclIsEnabled
orclIsEnabled
specifies whether a user or service subscriber is enabled in Oracle Internet Directory.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.316
Other
Single-valued attribute.
8.2.176 orclIsVisible
This attribute is used to determine if users or groups is visible to applications managed by Oracle Delegated Administration Services, such as Oracle Portal. Oracle Single Sign-On does not use this attribute. Allowed values are TRUE or FALSE.
Syntax
1.3.6.1.4.1.1466.115.121.1.7 (Boolean)
Matching Rule
booleanMatch
Object ID
2.16.840.1.113894.1.1.303
Other
Single-valued attribute.
8.2.177 orclLastAppliedChangeNumber
For Oracle Directory Integration
and Provisioning export operations,
orclLastAppliedChangeNumber
indicates the last change from Oracle Internet Directory that was applied to the connected directory. The
default value is 0. If you have used the Oracle Directory Integration
and Provisioning Assistant
to bootstrap the connected directory, then this value is set automatically at the end of the
bootstrapping process. This is valid only in the export profile.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.69
Other
Single-valued attribute.
8.2.178 orclLastLoginTime
orclLastLoginTime
indicates the last login time of a user.
Syntax
1.3.6.1.4.1.1466.115.121.1.24
Matching Rule
generalizedTimeMatch
Object ID
2.16.840.1.113894.1.1.378
Other
Single-valued attribute
8.2.179 orclLDAPConnKeepALive
For replication, orclLDAPConnKeepALive
indicates whether to keep the LDAP connection to the connected directory alive due to activity. If not set Oracle Internet Directory will drop inactive connections after a period of time. Allowed values are TRUE or FALSE.
Syntax
1.3.6.1.4.1.1466.115.121.1.7 (Boolean)
Matching Rule
booleanMatch
Object ID
2.16.840.1.113894.1.1.822
Other
Single-valued attribute.
8.2.180 orclLDAPConnTimeout
orclLDAPConnTimeout
indicates the number of minutes before Oracle Internet Directory times out and drops an inactive connection.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.194
Other
Single-valued attribute.
8.2.181 orclLDAPInstanceID
orclLDAPInstanceID
indicates the instance number of a particular Oracle Internet Directory server instance.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.125
Other
Single-valued attribute.
8.2.182 orclLDAPProcessID
orclLDAPProcessID
indicates the process ID of a particular Oracle Internet Directory server instance.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.126
Other
Single-valued attribute.
8.2.183 orclMaidenName
orclMaidenName
indicates the maiden name of a user.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.306
8.2.184 orclMappedDN
orclMappedDN
holds the required information for generating the mapped identity.
Syntax
1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)
Matching Rule
distinguishedNameMatch
Object ID
2.16.840.1.113894.1.1.704
Other
Single-valued attribute.
8.2.185 orclMaskFilter
orclMaskFilter
indicates LDAP filter specifying entries to be exposed. Others are masked.
Syntax
1.3.6.1.4.1.1466.115.121.1.44 (Printable String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.427
Other
Multivalued, User-modifiable
8.2.186 orclMaskRealm
orclMaskRealm
indicates the list of DIT subtrees that are exposed or hidden.
They are as follows:
-
orclMaskRealm contains the DIT subtrees that are exposed in an instance. This attribute is configured in the instance level. The DN configured and its children are visible in the instance. Other entries in the DIT are masked (hidden) for all LDAP operations.
-
orclMaskRealm;disallowed contains the DIT subtrees that are hidden in a container for an entire directory for all LDAP operations. This attribute is configured in the DSA configuration entry.
Syntax
1.3.6.1.4.1.1466.115.121.1.34 (DN)
Matching Rule
distinguishedNameMatch
Object ID
2.16.840.1.113894.1.1.426
Other
Multivalued, User-modifiable.
8.2.187 orclMasterNode
Reserved for future use.
Syntax
1.3.6.1.4.1.1466.115.121.1.7 (Boolean)
Matching Rule
booleanMatch
Object ID
2.16.840.1.113894.1.1.1010
Other
Single-valued attribute.
8.2.188 orclMatchDnEnabled
If the base DN of a search request is not found, then the directory server returns the nearest DN that matches the specified base DN. Whether the directory server tries to find the nearest match DN is controlled by this attribute. If set to 1, then match DN processing is enabled. If set to 0, then match DN processing is disabled. The default is 1.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.404
Other
Single-valued attribute.
8.2.189 orclMaxCC
orclMaxCC
indicates the number of connections established by the Oracle Internet Directory server to its backend data base. The default value is 2.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.4
Other
Single-valued attribute.
8.2.190 orclMaxConnInCache
orclMaxConnInCache
is the number of connection DNs whose privileged groups can be cached is controlled by orclMaxConnInCache in the instance-specific configuration entry. The default value is 100000 identities (connection DNs). Increase the value of orclMaxConnInCache if your installation has more than 25000 users.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.605
Other
Single-valued attribute.
8.2.191 orclmaxLatencyLog
orclmaxLatencyLog
indicates the time in micro seconds after which any Oracle Internet Directory server operations that exceed this time are logged to the alert log. Default is 500 micro seconds, and the minimum value is 10 micro seconds.
Syntax
1.3.6.1.4.1.1466.115.121.1.44 (Printable String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.643
Other
Single-valued attribute.
8.2.192 orclMaxTcpIdleConnTime
orclMaxTcpIdleConnTime
indicates the frequency in minutes at which the Oracle Internet Directory server calls OCIPing
() to send keep alive messages to the Oracle Database. Setting this attribute to a value less than the timeout value of the firewall between Oracle Internet Directory server and its Database (typically 30 minutes) prevents the Database connection from being dropped.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.196
Other
Single-valued attribute.
8.2.193 orclMaxFDLimitReached
Reserved for future use.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.156
Other
Single-valued attribute.
8.2.194 orclmaxfiltsize
orclmaxfiltsize
indicates the maximum size of the filter to be allowed for ldap search operation.
Syntax
Matching Rule
Object ID
2.16.840.1.113894.1.1.610
8.2.195 OrclMaxLdapConns
OrclMaxLdapConns
indicates the maximum LDAP connections per server.
Syntax
Integer
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.611
8.2.196 orclmaxlogfiles
orclmaxlogfiles
indicates maximum number of log files to keep in rotation.
Syntax
Integer
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.615
8.2.197 orclmaxlogfilesize
orclmaxlogfilesize
indicates the maximum size of the log file.
Syntax
Integer
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.614
8.2.198 orclmaxpsearchconns
orclmaxpsearchconns
indicates the maximum number of connections allowed for LDAP persistent search operations. Because persistent search operations keep connections from an LDAP client to the Oracle Internet Server server alive, this attribute can prevent the LDAP connection limit from being reached. Default is 0 (disabled).
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.383
Other
Single-valued attribute.
8.2.199 orclMaxProcessLimitReached
Reserved for future use.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.164
Other
Single-valued attribute.
8.2.200 orclMaxServerRespTime
orclMaxServerRespTime
indicates the maximum time in seconds for Server process to respond back to Dispatcher process.
Syntax
Integer
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.620
8.2.201 orclMemAllocError
Reserved for future use.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.162
Other
Single-valued attribute.
8.2.202 orclMemberOf
This attribute contains the groups to which the entry belongs. This includes static groups and dynamic groups of objectclass orclDynamicGroup, using labeleduri attribute, which are cached. The membership includes both direct groups and nested groups. The attribute values are computed during search and are not stored. As of Oracle Internet Directory 11g Release 1 (11.1.1.7.0), this attribute can be used in search filters.
orclMemberOf
is an operational attribute and is returned by a search only when explicitly requested in the required attributes list.
Syntax
1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)
Matching Rule
distinguishedNameMatch
Object ID
2.16.840.1.113894.1.1.424
Other
Directory operational attribute.
Not user modifiable.
Aliases: memberof, ismemberof.
8.2.203 orclNetDescName
orclNetDescName
indicates the DN of an Oracle Net Service description entry. Oracle Net directory naming allows net service names to be stored in and retrieved from Oracle Internet Directory.
Syntax
1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)
Matching Rule
distinguishedNameMatch
Object ID
2.16.840.1.113894.3.1.12
Other
Single-valued attribute.
8.2.204 orclNetDescString
orclNetDescString
indicates the description string for an Oracle Net Service.
The For example:
(DESCRIPTION = (ADDRESS_LIST = (ADDRESS = (PROTOCOL = TCP) (HOST = hostname)(PORT =1521))) (CONNECT_DATA = (SID = ORCL)))
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.3.1.13
Other
Single-valued attribute.
8.2.205 orclNonSSLPort
orclNonSSLPort
indicates the non-SSL LDAP listening port for Oracle Internet Directory server.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.102
Other
Single-valued attribute.
8.2.206 orclNormDN
orclNormDN
identifies the normalized DN of an entry.
Syntax
1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)
Matching Rule
distinguishedNameMatch
Object ID
2.16.840.1.113894.1.1.1000
Other
Single-valued attribute.
Directory operational attribute.
Not user modifiable.
8.2.207 orclNWCongested
Reserved for future use.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.160
Other
Single-valued attribute.
8.2.208 orclNwrwTimeout
orclNwrwTimeout
stores the network read/write time out. When an LDAP client initiates an operation, then does not respond to the server for a configured number of seconds, the server closes the connection. The number of seconds is controlled by the attribute orclnwrwtimeout
in the DSA configuration entry. The default is 300 seconds.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.603
Other
Single-valued attribute.
8.2.209 orclNwUnavailable
Reserved for future use.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.159
Other
Single-valued attribute.
8.2.210 orclObjectGUID
orclObjectGUID
stores Microsoft Active Directory's OBJECTGUID
attribute value for users and groups migrated to Oracle Internet Directory from Active Directory.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.901
Other
Single-valued attribute.
8.2.211 orclObjectSID
orclObjectSID
stores Microsoft Active Directory's OBJECTSID
attribute value for users and groups migrated to Oracle Internet Directory from Active Directory.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.902
Other
Single-valued attribute.
8.2.212 orclODIPAgent
orclODIPAgent
specifies the DN of a provisioning profile.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch, caseIgnoreSubStringsMatch
Object ID
2.16.840.1.113894.9.1.6
8.2.213 orclODIPAgentConfigInfo
orclODIPAgentConfigInfo
is any configuration information that you want the connector to store in Oracle Internet Directory.
It is passed by the Directory Integration Platform server to the connector at time of connector invocation. The information is stored as an attribute and the Directory Integration Platform server does not have any knowledge of its content. When the connector is scheduled for execution, the value of the attribute is stored in the file, ORACLE_HOME
/ldap/odi/conf/profile_name.cfg
that can be processed by the connector.
Upload the file by using:
manageSyncProfiles update -h host -p port -D WLS_userid -profile profile_name -params "odip.profile.configfileORACLE_HOME
/ldap/odi/conf/profile_name.cfg
"
or
manageSyncProfiles update -h host -p port -D WLS_userid -profile profile_name -file properties_file
where properties_file specifies odip.profile.configfile=ORACLE_HOME
/ldap/odi/conf/profile_name.cfg
.
Do this for both import and export agents.
See Oracle Directory Integration Platform Tools and the Managing Directory Synchronization Profiles in Administering Oracle Directory Integration Platform for more information
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.24
8.2.214 orclODIPAgentControl
orclODIPAgentControl
indicates whether a synchronization profile is enabled or disabled. Valid values are ENABLE or DISABLE. The default is DISABLE.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.3
Other
Single-valued attribute.
8.2.215 orclODIPAgentExeCommand
orclODIPAgentExeCommand
is the executable name and argument list used by the Directory Integration Platform server to invoke a connector. It can be passed as a command-line argument when the connector is invoked.
For example, here is a command to invoke the Oracle HR connector:
odihragent OracleHRAgent connect=hrdb login=%orclodipConDirAccessAccount pass=%orclodipConDirAccessPassword date=%orclODIPLastSuccessfulExecutionTime
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.21
Other
Single-valued attribute.
8.2.216 orclODIPAgentHostName
orclODIPAgentHostName
is the host name of the Oracle Directory Integration
and Provisioning server where the synchronization profile is run.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.5
Other
Single-valued attribute.
8.2.217 orclODIPAgentName
orclODIPAgentName
indicates the name of a third-party synchronization profile.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.1
Other
Single-valued attribute.
8.2.218 orclODIPAgentPassword
orclODIPAgentPassword
specifies the password that the synchronization profile uses to bind to the directory.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.4
Other
Single-valued attribute.
8.2.219 orclODIPApplicationName
orclODIPApplicationName
is the name of an application to which a provisioning subscription belongs.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch, caseIgnoreSubStringsMatch
Object ID
2.16.840.1.113894.9.1.7
8.2.220 orclODIPApplicationsLocation
orclODIPApplicationsLocation
specifies the DN of the application to which a provisioning subscription belongs.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.918
Other
Single-valued attribute.
8.2.221 orclODIPAttributeMappingRules
orclODIPAttributeMappingRules
is the attribute for storing the mapping rules used by a synchronization profile. Store the mapping rules in a file by using the Directory Integration Platform Assistant.
See Oracle Directory Integration Platform Tools and the Supported Attribute Mapping Rules and Examples in Administering Oracle Directory Integration Platform for more information about mapping rules.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.41
8.2.222 orclODIPBootStrapStatus
orclODIPBootStrapStatus
is the bootstrap status of a synchronization profile (the initial migration of data between a connected directory and Oracle Internet Directory).
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.101
Other
Single-valued attribute.
8.2.223 orclODIPCommand
orclODIPCommand
is the command to invoke a provisioning profile.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.9.1.5
8.2.224 orclODIPConDirAccessAccount
orclODIPConDirAccessAccount
is the valid user account in the connected directory to be used by the connector for synchronization.
The value is specific to the connected directory with which you are integrating. For instance, for the SunONE synchronization connector, it is the valid bind DN in the SunONE Directory Server. For the Human Resources Connector, it is a valid user identifier in the Oracle Human Resources database. For other connectors, it can be passed as a command-line argument when the connector is invoked.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.22
Other
Single-valued attribute.
8.2.225 orclODIPConDirAccessPassword
orclODIPConDirAccessPassword
is the password to be used by the user specified in the orclODIPConDirAccessAccount
attribute to connect to the connected directory.
See orclODIPConDirAccessAccount. The value is specific to the third-party directory with which you are integrating. For instance, for the SunONE synchronization connector, it is the valid bind password in the SunONE Directory Server. For the Human Resources Agent, it is the Oracle Human Resources database password.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.23
8.2.226 orclODIPConDirLastAppliedChgNum
For Oracle Directory Integration
and Provisioning import operations, orclODIPConDirLastAppliedChgNum
is the last change from the connected directory that was applied to Oracle Internet Directory. The default value is 0. If you have used the Directory Integration Platform Assistant to bootstrap the connected directory, then this value is set automatically.
See Oracle Directory Integration Platform Tools and the Bootstrapping a Directory in Oracle Directory Integration Platform in Administering Oracle Directory Integration Platform for more information about the bootstrap operation. This is valid only in the import profile.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.65
Other
Single-valued attribute.
8.2.227 orclODIPConDirMatchingFilter
This attribute specifies the filter to apply to the third-party directory change log. It is used in the Oracle Directory Integration and Provisioning import profile.
The filter must be set in the import profile when both the import and export integration profiles are enabled, as follows:
Modifiersname != connected_directory_account
This prevents the same change from being exchanged between the two directories indefinitely. To avoid confusion, make this account specific to synchronization.
See Also: Note 280474.1, "Setting Up Filtering in a DIP Synchronization Profile" available at My Oracle Support (formerly MetaLink).
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.42
8.2.228 orclODIPConDirURL
orclODIPConDirURL
is the connection string required to connect to the third-party connected directory. This value refers to the host name and port number as host:port:
[
sslmode
]
.
To connect by using SSL, enter host:port:
1
.
Make sure the certificate to connect to the directory is stored in the wallet, the location of which is specified in the file odi.properties
.
Note: To connect to SunONE Directory Server by using SSL, the server certificate needs to be loaded into the wallet.
See Also: The chapter on Oracle Wallet Manager in Oracle Database Advanced Security Administrator's Guide.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.25
Other
Single-valued attribute.
8.2.229 orclODIPConfigDNs
orclODIPConfigDNs
stores the DNs of integration profiles for a particular configuration set in Oracle Directory Integration
and Provisioning.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.72
8.2.230 orclODIPConfigRefreshFlag
orclODIPConfigRefreshFlag
stores a flag which indicates whether any integration profiles have been added, deleted, or modified. It is used in association with a configuration set.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.71
Other
Single-valued attribute.
8.2.231 orclODIPDbConnectInfo
orclODIPDbConnectInfo
is the connection string for the database of a provisioning profile subscriber. The format of the string is host:port:sid:username:password
.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch, caseIgnoreSubStringsMatch
Object ID
2.16.840.1.113894.9.1.2
8.2.232 orclODIPEncryptedAttrKey
orclODIPEncryptedAttrKey
stores a key which is used to encrypt and decrypt sensitive data that is transmitted by the Oracle directory integration platform server to other applications.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.215
Other
Single-valued attribute.
8.2.233 orclODIPEventFilter
Reserved for future use.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.433
8.2.234 orclODIPEventSubscriptions
orclODIPEventSubscriptions
store configuration information for events to which a provisioned-integrated application subscribes.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch, caseIgnoreSubStringsMatch
Object ID
2.16.840.1.113894.9.1.1
8.2.235 orclODIPFilterAttrCriteria
Reserved for future use.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.605
Other
Single-valued attribute.
8.2.236 orclODIPInstancesLocation
orclODIPInstancesLocation
identifies the location in the directory that stores information about instances of the Oracle directory integration platform server.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.913
Other
Single-valued attribute.
8.2.237 orclODIPInstanceStatus
orclODIPInstanceStatus
stores a flag that indicates whether an instance of the Oracle directory integration platform server should continue running or shut down. This flag provides a means of communication between the OID Monitor, OID Control, and the Oracle directory integration platform server.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.76
Other
Single-valued attribute.
8.2.238 orclODIPInterfaceType
orclODIPInterfaceType
signifies the data format or protocol used in synchronization with a third-party directory.
Supported values are:
-
LDIF—Import or export from a LDIF File.
-
Tagged—Import or export from a tagged file—a proprietary format supported by the Oracle Directory Integration Platform server, similar to LDIF format.
-
LDAP—Import from or export to an LDAP-compliant directory.
-
DB —Import from or export to an Oracle Database directory.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.28
Other
Single-valued attribute.
8.2.239 orclODIPLastExecutionTime
orclODIPLastExecutionTime
is the status attribute set to the last time the integration profile was executed by the Oracle Directory Integration
and Provisioning server. Its format is dd-mon-yyyy hh:mm:ss
, where hh
is the time of day in 24-hour format. This attribute is initialized during profile creation.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.61
Other
Single-valued attribute.
8.2.240 orclODIPLastSuccessfulExecutionTime
orclODIPLastSuccessfulExecutionTime
is the status attribute set to the last time the integration profile was executed successfully by the Oracle Directory Integration
and Provisioning server. Its format is dd-mon-yyyy hh:mm:ss
, where hh
is the time of day in 24-hour format. This attribute is initialized during profile creation.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.62
Other
Single-valued attribute.
8.2.241 orclODIPMustAttrCriteria
Reserved for future use.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.603
Other
Single-valued attribute.
8.2.242 orclODIPObjectCriteria
orclODIPObjectCriteria
is used in an object definition to identify and classify a particular type of object.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.602
8.2.243 orclODIPObjectDefnLocation
orclODIPObjectDefnLocation
identifies the location of the various object definitions used by the Oracle directory integration platform server.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.917
Other
Single-valued attribute.
8.2.244 orclODIPObjectEvents
Reserved for future use.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.432
8.2.245 orclODIPObjectName
orclODIPObjectName
is used in an object definition to store the name of an object.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.601
Other
Single-valued attribute.
8.2.246 orclODIPObjectSyncBase
orclODIPObjectSyncBase
is the search base in the directory for an object associated with an Oracle Directory Integration
and Provisioning synchronization profile.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.431
8.2.247 orclODIPOIDMatchingFilter
In export profiles, this attribute specifies the filter to apply to the Oracle Internet Directory change log container.
It is used in the export profile. It must be set in the export profile when both the import and export integration profiles are enabled, as in the following example:
Modifiersname !=orclodipagentname=iPlanetImport,cn=subscriber profile,cn=changelog subscriber,cn=oracle internet directory
This prevents the same change from being exchanged between the two directories indefinitely.
In import profiles, this attribute specifies a key for mapping entries between Oracle Internet Directory and the connected directory. This is useful when the DN cannot be used as the key.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.43
8.2.248 orclODIPOperationMode
Reserved for future use.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.430
8.2.249 orclODIPOptAttrCriteria
Reserved for future use.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.604
Other
Single-valued attribute.
8.2.250 orclODIPPluginAddInfo
orclODIPPluginAddInfo
is the additional information that may be needed by an Oracle Directory Integration
and Provisioning connector plug-in.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.264
Other
Single-valued attribute.
8.2.251 orclODIPPluginConfigInfo
Reserved for future use.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.261
Other
Single-valued attribute.
8.2.252 orclODIPPluginEvents
Reserved for future use.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.265
8.2.253 orclODIPPluginExecData
orclODIPPluginExecData
is the Oracle Directory Integration
and Provisioning connector plug-in executable data, which is typically a JAR file.
Syntax
1.3.6.1.4.1.1466.115.121.1.5 (Binary Data)
Matching Rule
N/A
Object ID
2.16.840.1.113894.8.1.262
8.2.254 orclODIPPluginExecName
orclODIPPluginExecName
is the fully qualified name of the Oracle Directory Integration
and Provisioning connector plug-in executable, which is typically a Java class.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.263
Other
Single-valued attribute.
8.2.255 orclODIPProfileDataLocation
Reserved for future use.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.914
Other
Single-valued attribute.
8.2.256 orclODIPProfileDebugLevel
orclODIPProfileDebugLevel
is the debugging level for an Oracle Directory Integration
and Provisioning synchronization profile.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.251
Other
Single-valued attribute.
Note:
To log all information for a synchronization profile, including entries that are synchronized, set the orclODIPProfileDebugLevel
to a value of 63
for 10g and to a value of 64
for 11g.
The orclodipprofiledebuglevel
attribute corresponds to the odip.profile.debuglevel
configuration property. The odip.profile.debuglevel
property refers to the following log levels, which you can set in the Oracle Enterprise Manager Fusion Middleware Control by editing the Log Level under the Advanced tab:
-
Off =
0
-
Error =
8
-
Info =
16
-
Trace =
32
-
All =
64
(recommended for most sync/profile mapping troubleshooting)
8.2.257 orclODIPProfileExecGroupID
orclODIPProfileExecGroupID
associates a group number with a particular provisioning profile.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.250
Other
Single-valued attribute.
8.2.258 orclODIPProfileInterfaceAdditionalInformation
Reserved for future use.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.223
8.2.259 orclODIPProfileInterfaceConnectInformation
orclODIPProfileInterfaceConnectInformation
contains information that is used by the Oracle directory integration platform server on how to connect to a provisioning-integrated application for event propagation.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.222
Other
Single-valued attribute.
8.2.260 orclODIPProfileInterfaceName
orclODIPProfileInterfaceName
contains a provisioning-integrated application's interface name, which is used by the Oracle directory integration platform server for event propagation. The value assigned to this attribute depends on the interface type.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.220
Other
Single-valued attribute.
8.2.261 orclODIPProfileInterfaceType
orclODIPProfileInterfaceType
specifies the type of interface to which events is propagated by the Oracle directory integration platform server. Valid values for this attribute are PLSQL or JAVA.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.221
Other
Single-valued attribute.
8.2.262 orclODIPProfileInterfaceVersion
orclODIPProfileInterfaceVersion
specifies the provisioning profile version to which events is propagated by the Oracle directory integration platform server.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.224
Other
Single-valued attribute.
8.2.263 orclODIPProfileLastAppliedAppEventID
orclODIPProfileLastAppliedAppEventID
contains the number of the last event that was generated by a provisioning-integration application and updated in Oracle Internet Directory by the Oracle directory integration platform server.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.234
Other
Single-valued attribute.
8.2.264 orclODIPProfileLastProcessingTime
orclODIPProfileLastProcessingTime
is the last time the Oracle Directory Integration
and Provisioning synchronization profile was executed.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.232
Other
Single-valued attribute.
8.2.265 orclODIPProfileLastSuccessfulProcessingTime
orclODIPProfileLastSuccessfulProcessingTime
denotes the last time the Oracle Directory Integration
and Provisioning synchronization profile was successfully executed.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.233
Other
Single-valued attribute.
8.2.266 orclODIPProfileMaxErrors
Reserved for future use.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.214
Other
Single-valued attribute.
8.2.267 orclODIPProfileMaxEventsPerInvocation
orclODIPProfileMaxEventsPerInvocation
specifies the maximum number of events that the Oracle directory integration platform server packages and sends to an application during one invocation of a provisioning profile.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.212
Other
Single-valued attribute.
8.2.268 orclODIPProfileMaxEventsPerSchedule
orclODIPProfileMaxEventsPerSchedule
specifies the maximum number of events that the Oracle directory integration platform server sends to an application during one execution of a provisioning profile.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.213
Other
Single-valued attribute.
8.2.269 orclODIPProfileMaxRetries
orclODIPProfileMaxRetries
denotes the maximum number of times an Oracle Directory Integration
and Provisioning profile is retried in the event of an error.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.211
Other
Single-valued attribute.
8.2.270 orclODIPProfileName
orclODIPProfileName
denotes the name of the Oracle Directory Integration
and Provisioning profile.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.201
Other
Single-valued attribute.
8.2.271 orclODIPProfileProcessingErrors
orclODIPProfileProcessingErrors
contains errors raised during event propagation by the Oracle directory integration platform server for a particular provisioning-integrated application.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.231
8.2.272 orclODIPProfileProcessingStatus
orclODIPProfileProcessingStatus
contains the Oracle directory integration platform server's event propagation status for a particular provisioning-integrated application.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.230
Other
Single-valued attribute.
8.2.273 orclODIPProfileProvSubscriptionMode
orclODIPProfileProvSubscriptionMode
is the subscription mode for a provisioning profile: INBOUND, OUTBOUND, or BOTH.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.408
8.2.274 orclODIPProfileSchedule
orclODIPProfileSchedule
denotes the number of seconds between executions of an Oracle Directory Integration
and Provisioning profile. The default is 3600, which means the profile is scheduled to run every hour.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.210
Other
Single-valued attribute.
8.2.275 orclODIPProfileStatusUpdate
orclODIPProfileStatusUpdate
indicates whether the Oracle directory integration platform server should perform a provisioning profile status update while propagating events to a provisioning-integrated application.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.610
Other
Single-valued attribute.
8.2.276 orclODIPProvEventCriteria
orclODIPProvEventCriteria
is used with version 2.0 provisioning profiles to convert a change in Oracle Internet Directory to an event before propagating it to a provisioning-integrated application. This attribute is used to identify a particular type of event.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.503
8.2.277 orclODIPProvEventLDAPChangeType
orclODIPProvEventLDAPChangeType
is used with version 2.0 provisioning profiles to convert a change in Oracle Internet Directory to an event before propagating it to a provisioning-integrated application. This attribute is used to indicate what type of operation in LDAP (add, modify, delete) can cause some type of event.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.502
8.2.278 orclODIPProvEventObjectType
orclODIPProvEventObjectType
isuUsed with version 2.0 provisioning profiles to convert a change in Oracle Internet Directory to an event before propagating it to a provisioning-integrated application. This attribute is used to indicate the type of object (i.e whether it is a USER or a GROUP and so forth) based on other qualifying criteria.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.501
Other
Single-valued attribute.
8.2.279 orclODIPProvEventRule
orclODIPProvEventRule
stores the XML-based rule definitions used by the Oracle directory integration platform server to convert changes in Oracle Internet Directory into events before propagating them to a provisioning-integrated application.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.607
Other
Single-valued attribute.
8.2.280 orclODIPProvEventRuleDTD
orclODIPProvEventRuleDTD
stores the XML DTD for event rule definitions used by the Oracle directory integration platform server to understand and parse event rule definitions.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.606
Other
Single-valued attribute.
8.2.281 orclODIPProvInterfaceFilter
orclODIPProvInterfaceFilter
is used with version 3.0 provisioning profiles to identify and classify an object based on the entry's object class. This attribute is used in the object definitions stored in Oracle Internet Directory.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.609
8.2.282 orclODIPProvInterfaceProcessor
orclODIPProvInterfaceProcessor
is used by the Oracle directory integration platform server to identify the Java classes to use for reading and writing events from and to provisioning-integration applications and for processing event propagation results. The default configurations in this attribute should not be changed.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.608
Other
Single-valued attribute.
8.2.283 orclODIPProvisioningAppGUID
orclODIPProvisioningAppGUID
is the global unique identifier for the application entry associated with a provisioning profile.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.402
Other
Single-valued attribute.
8.2.284 orclODIPProvisioningAppName
orclODIPProvisioningAppName
is the distinguished name (DN) of the application to which the provisioning subscription belongs. The combination of the application name and organization name uniquely identifies a provisioning profile, for example, Email.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.401
Other
Single-valued attribute.
8.2.285 orclODIPProvisioningEventMappingRules
The event mapping rule maps the object type received from the application (using an optional filter condition) to a domain in Oracle Internet Directory. An inbound provisioning profile can have multiple mapping rules defined.
The following example shows a sample mapping rule value. The rule shows that a user object (USER
) whose locality attribute equals US (l=US
) should be mapped to the domain l=US,cn=users,dc=company,dc=com
.
USER:l=US:l=US,cn=users,dc=company,dc=com
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.406
8.2.286 orclODIPProvisioningEventPermittedOperations
orclODIPProvisioningEventPermittedOperations
defines the types of events that the application is allowed to send to the Oracle Directory Integration
and Provisioning service. An inbound provisioning profile can have multiple permitted operations defined.
For example, if you wanted to permit the application to send events whenever a user object was added or deleted, or when certain attributes were modified, you would have three permitted operation values such as this:
USER:dc=mycompany,dc=com:ADD(*) USER:dc=mycompany,dc=com:MODIFY(cn,sn,mail,password) USER:dc=mycompany,dc=com:DELETE(*)
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.407
8.2.287 orclODIPProvisioningEventSubscription
orclODIPProvisioningEventSubscription
defines the types of events that the Oracle Directory Integration
and Provisioning service should send to the application. An outbound provisioning profile can have multiple event subscriptions defined.
For example, if you wanted the directory integration server to send events to the application whenever a user or group object was added or deleted, you would have four event subscription values such as this:
GROUP:dc=mycompany,dc=com:ADD(*) GROUP:dc=mycompany,dc=com:DELETE(*) USER:dc=mycompany,dc=com:ADD(*) USER:dc=mycompany,dc=com:DELETE(*)
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.405
8.2.288 orclODIPProvisioningOrgGUID
orclODIPProvisioningOrgGUID
is the global unique identifier for the organization entry associated with a provisioning profile.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.404
Other
Single-valued attribute.
8.2.289 orclODIPProvisioningOrgName
orclODIPProvisioningOrgName
is the distinguished name (DN) of the organization to which the provisioning subscription belongs, for example dc=company,dc=com
. The combination of the application DN and organization DN uniquely identifies a provisioning profile. Defaults value is the DN of the default identity management realm.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.403
Other
Single-valued attribute.
8.2.290 orclODIPProvProfileLocation
orclODIPProvProfileLocation
contains the DN of the directory container that stores provisioning profiles.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.916
Other
Single-valued attribute.
8.2.291 orclODIPRootLocation
orclODIPRootLocation
refers to the root location in the directory tree where the Oracle Directory Integration
and Provisioning configuration is stored.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.912
Other
Single-valued attribute.
8.2.292 orclODIPSchedulingInterval
orclODIPSchedulingInterval
denotes the time interval in seconds after which a connected directory is synchronized with Oracle Internet Directory. The default is 60
.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.6
Other
Single-valued attribute.
8.2.293 orclODIPSchemaVersion
Reserved for future use.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.911
Other
Single-valued attribute.
8.2.294 orclODIPSearchCountLimit
Reserved for future use.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.511
Other
Single-valued attribute.
8.2.295 orclODIPSearchTimeLimit
Reserved for future use.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.512
Other
Single-valued attribute.
8.2.296 orclODIPServerCommitSize
Reserved for future use.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.515
Other
Single-valued attribute.
8.2.297 orclODIPServerConfigLocation
Reserved for future use.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.919
Other
Single-valued attribute.
8.2.298 orclODIPServerDebugLevel
orclODIPServerDebugLevel
is the number that corresponds to the debugging level for the Oracle Directory Integration
and Provisioning server.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.516
Other
Single-valued attribute.
8.2.299 orclODIPServerRefreshIntvl
orclODIPServerRefreshIntvl
denotes the number of minutes between server refreshes for any changes in Oracle Directory Integration Platform profiles. If not specified, the default of 2 is used.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.514
Other
Single-valued attribute.
8.2.300 orclODIPServerSSLMode
orclODIPServerSSLMode
is the number of the corresponding SSL mode. The default is 0.
The modes are as follows:
-
0 — SSL is not used.
-
1 — SSL is used for encryption only, not for authentication.
-
2 — SSL is used for one-way authentication. With this mode you must also specify the complete path and file name of the server's Oracle Wallet.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.513
Other
Single-valued attribute.
8.2.301 orclODIPServerWalletLoc
orclODIPServerWalletLoc
denotes the complete path and file name of the Oracle Directory Integration
and Provisioning server's Oracle Wallet.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.517
Other
Single-valued attribute.
8.2.302 orclODIPSynchronizationErrors
orclODIPSynchronizationErrors
contains messages explaining the errors if the last execution of the synchronization profile failed. This attribute is updated by Oracle Directory Integration
and Provisioning server.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.64
8.2.303 orclODIPSynchronizationMode
orclODIPSynchronizationMode
denotes the direction of synchronization between Oracle Internet Directory and the connected directory. Allowed values are: IMPORT or EXPORT.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.2
Other
Single-valued attribute.
8.2.304 orclODIPSynchronizationStatus
orclODIPSynchronizationStatus
indicates the status of the last execution of a synchronization profile: SUCCESS or FAILURE. Initially, this attribute has the value YET TO BE EXECUTED.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.63
Other
Single-valued attribute.
8.2.305 orclODIPSyncProfileLocation
Reserved for future use.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.915
Other
Single-valued attribute.
8.2.306 orclODIPSyncRetryCount
orclODIPSyncRetryCount
indicates the maximum number of times Oracle Directory Integration
and Provisioning server tries to run the third-party directory connector in the event of a failure. The default is 5.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.7
Other
Single-valued attribute.
8.2.307 orclOidComponentName
orclOidComponentName
indicates the name of OID component where replication server is started.
Syntax
Directory String
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.832
8.2.308 orclOidInstanceName
orclOidInstanceName
indicates the name of the instance where replication server is started.
Syntax
Directory String
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.830
8.2.309 orclOpAbandoned
orclOpAbandoned
specifies the number of abandoned LDAP operations.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.168
Other
Single-valued attribute.
8.2.310 orclOpCompleted
orclOpCompleted
specifies the number of completed LDAP operations.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.166
Other
Single-valued attribute.
8.2.311 orclOpenConn
orclOpenConn
specifies the number of open connections to the Oracle Internet Directory server, including client LDAP connections and database connections.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.149
Other
Single-valued attribute.
8.2.312 orclOpFailed
orclOpFailed
specifies the number of failed LDAP operations.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.190
Other
Single-valued attribute.
8.2.313 orclOpInitiated
orclOpInitiated
specifies the number of initiated LDAP operations.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.165
Other
Single-valued attribute.
8.2.314 orclOpLatency
orclOpLatency
stores operation latency.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.127
Other
Single-valued attribute.
8.2.315 orclOpPending
orclOpPending
specifies the number of pending LDAP operations.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.167
Other
Single-valued attribute.
8.2.316 orclOpResult
orclOpResult
stores the operation result.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.64
8.2.317 orclOpSucceeded
orclOpSucceeded
specifies the number of successful LDAP operations.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.189
Other
Single-valued attribute.
8.2.318 orclOpTimedOut
orclOpTimedOut
specifies the number of LDAP search operations that timed out.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.169
Other
Single-valued attribute.
8.2.319 orcloptracklevel
orcloptracklevel
is the security event tracking level.
Syntax
Integer
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.180
8.2.320 orcloptrackmaxtotalsize
orcloptrackmaxtotalsize
indicates the maximum number of bytes of RAM that security events tracking can use for each type of operation.
Syntax
Integer
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.178
8.2.321 orcloptracknumelemcontainers
orcloptracknumelemcontainers
indicates the number of in-memory cache containers to be allocated for security event tracking.
The 1stlevel
subtype is for setting the number of in-memory cache containers for storing information about users performing operations. The 2ndlevel
subtype, which is applicable only to compare operation, sets the number of in-memory cache containers for information about the users whose userpassword is compared and tracked when detailed compare operation statistics is programmed.
Syntax
Integer
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.181
8.2.322 orclORA28error
orclORA28error
specifies the number of ORA-28 errors encountered by Oracle Internet Directory server.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.182
Other
Single-valued attribute.
8.2.323 orclORA3113error
orclORA3113error
specifies the number of ORA-3113 errors encountered by Oracle Internet Directory server.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.157
Other
Single-valued attribute.
8.2.324 orclORA3114error
orclORA3114error
specifies the number of ORA-3114 errors encountered by Oracle Internet Directory servers.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.158
Other
Single-valued attribute.
8.2.325 orclOracleHome
orclOracleHome
indicates the ORACLE_HOME location of an Oracle service.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
N/A
Object ID
2.16.840.1.113894.7.1.2
Other
Single-valued attribute.
8.2.326 orclOwnerGUID
orclOwnerGUID
is the global unique identifier of the user who owns an application or resource.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch, caseIgnoreSubstringsMatch
Object ID
2.16.840.1.113894.1.1.358
8.2.327 orclPassword
orclPassword
identifies an Oracle-specific password for custom authentication schemes like O3Logon for the database server.
Syntax
1.3.6.1.4.1.1466.115.121.1.44 (Printable String)
Matching Rule
caseExactMatch
Object ID
2.16.840.1.113894.7.1.13
8.2.328 orclPasswordAttribute
orclPasswordAttribute
specifies the password value to access the resource.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch, caseIgnoreSubstringsMatch
Object ID
2.16.840.1.113894.1.1.353
Other
Single-valued attribute.
8.2.329 orclPasswordHint
orclPasswordHint
specifies the password hint to be displayed when users forget their password.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.314
Other
Single-valued attribute.
8.2.330 orclPasswordHintAnswer
orclPasswordHintAnswer
is the answer related to the password hint question stored in orclPasswordHint
.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.315
Other
Single-valued attribute.
Note:
orclPasswordHintAnswer
is hashed using the SHA-1
algorithm. The hexadecimal value of this is Base64
encoded.
Oracle Internet Directory hashes the value only if it is provided as plaintext. Prehashed values are not hashed again.
8.2.331 orclPasswordVerifier
orclPasswordVerifier
is the attribute for storing a password to an Oracle component when that password is different from that used to authenticate the user to the directory, namely, userPassword
.
The value in this attribute is not synchronized with that in the userPassword attribute.
Like authPassword, this attribute is multivalued and can contain all the other verifiers that different applications use for this user's clear text password.
Syntax
1.3.6.1.4.1.1466.115.121.1.44{128} (Printable String, 128 character maximum)
Matching Rule
octetStringMatch
Object ID
2.16.840.1.113894.1.1.210
8.2.332 orclPilotMode
orclPilotMode
allows to choose whether to BEGIN or END pilot mode for a replica.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Directory String)
Matching Rule
caseIgnoreMatch, caseIgnoreSubstringsMatch, equality integermatch
Object ID
2.16.840.1.113894.1.1.824
Other
Single-valued attribute.
8.2.333 orclPKCS12Hint
orclPKCS12Hint
contains the password hint for the user's PKCS12 private key store.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.7.1.11
8.2.334 orclPKIMatchingRule
This is used to specify the matching rule for mapping a user's PKI certificate DN to the user's entry DN in Oracle Internet Directory.
The following matching rule values are allowed:
-
0 - Exact match. The PKI certificate DN must match the user entry DN.
-
1 - Certificate search. Check to see if the user has a PKI certificate provisioned into Oracle Internet Directory.
-
2 - A combination of exact match and certificate search. If the exact match fails, then a certificate search is performed.
-
3 - Mapping rule only. Use a mapping rule to map user PKI certificate DNs to Oracle Internet Directory DNs.
-
4 - Try in order: 1 (mapping rule), 2 (certificate search), 3 (exact match).
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.703
Other
Single-valued attribute.
8.2.335 orclPKINextUpdate
orclPKINextUpdate
indicates the universal time when the certificate revocation list (CRL) should be updated.
Syntax
1.3.6.1.4.1.1466.115.121.1.53 (UTC Time)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.2.1.300.1
8.2.336 orclPKIValMecAttr
orclPKIValMecAttr
contains the certificate validation mechanism supported. Currently, only validation with crls is supported, hence the value of this attribute is CRL.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.2.1.300.2
8.2.337 orclPluginAttributeList
orclPluginAttributeList
contains a semicolon-separated attribute name list that controls whether the plug-in takes effect. If the target attribute is included in the list, the plug-in is invoked.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.563
Other
Single-valued attribute.
8.2.338 orclPluginCheckEntryExist
orclPluginCheckEntryExist
, if enabled, indicates that the Plug-in is invoked when the base entry does not exist. This only applies to search operation with scope base.
Allowed values are 0 (disabled) or 1 (enabled).
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.569
Other
Single-valued attribute.
8.2.339 orclPluginEnable
orclPluginEnable
indicates whether a plug-in is enabled or disabled. Allowed values are 0 (disabled) or 1 (enabled). The default is 0 (disabled).
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.554
Other
Single-valued attribute.
8.2.340 orclPluginEntryProperties
orclPluginEntryProperties
is an LDAP search filter that specifies entry criteria that will cause the plug-in to not be invoked.
For example, if the following filter is used, the plug-in will not be invoked if the target entry has objectclass
equal to inetorgperson
and sn
equal to Cezanne
.
(&(objectclass=inetorgperson)(sn=Cezanne))
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.568
Other
Single-valued attribute.
8.2.341 orclPluginIsReplace
orclPluginIsReplace
is used for plug-ins that use WHEN timing only. 0 is disabled (default). 1 is enabled.
This attribute can be set to enabled only if the orclPluginLDAPOperation attribute value is ldapbind
, ldapcompare
, or ldapmodify
.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.559
Other
Single-valued attribute.
8.2.342 orclPluginBinaryFlexfield
orclPluginBinaryFlexfield
contains Custom binary information (Java only).
Syntax
1.3.6.1.4.1.1466.115.121.1.5
Object ID
2.16.840.1.113894.1.1.574
Other
Single-valued attribute.
8.2.343 orclPluginFlexfield
orclPluginFlexfield
contains Custom text information (Java only).
To indicate a subtype, specify orclPluginFlexfield; subtypename
, for example, orclPluginFlexfield; minPwdLength: 8
Syntax
1.3.6.1.4.1.1466.115.121.1.15
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.573
Other
Single-Valued attribute.
8.2.344 orclPluginSecuredFlexfield
orclPluginSecuredFlexfield
contains Custom text information (Java only).
Syntax
1.3.6.1.4.1.1466.115.121.1.15
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.577
Other
Single-Valued attribute.
8.2.345 orclPluginKind
orclPluginKind
indicates the kind of plug-in. PL/SQL is the only allowed value.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.562
Other
Single-valued attribute.
8.2.346 orclPluginLDAPOperation
orclPluginLDAPOperation
indicates the LDAP operation that this plug-in supplements.
The Allowed values are:
-
ldapcompare
-
ldapmodify
-
ldapbind
-
ldapadd
-
ldapdelete
-
ldapsearch
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.557
Other
Single-valued attribute.
8.2.347 orclPluginName
orclPluginName
indicates the plug-in package name.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.552
Other
Single-valued attribute.
8.2.348 orclPluginPort
orclPluginPort
is the port that the plug-in is using.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.566
Other
Single-valued attribute.
8.2.349 orclPluginRequestGroup
It is a semicolon-separated group list that controls if the plug-in takes effect.
You can use this group to specify who can actually invoke the plug-in. For example, if you specify orclpluginrequestgroup:cn=security,cn=groups,dc=oracle,dc=com
, when you register the plug-in, then the plug-in will not be invoked unless the ldap request comes from the person who belongs to the group cn=security,cn=groups,dc=oracle,dc=com
.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.564
Other
Single-valued attribute.
8.2.350 orclPluginRequestNegGroup
orclPluginRequestNegGroup
is a semicolon-separated group list that controls if the plug-in takes effect.
You can use this group to specify who cannot invoke the plug-in. For example, if you specify orclpluginrequestneggroup: cn=security,cn=groups,dc=oracle,dc=com
, when you register the plug-in, then the plug-in will not be invoked if the ldap request comes from the person who belongs to the group cn=security,cn=groups,dc=oracle,dc=com
.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.571
Other
Single-valued attribute.
8.2.351 orclPluginResultCode
orclPluginResultCode
is an integer value to specify the LDAP result code.
If this value is specified, then the plug-in is invoked only if the ldap operation is in that result code scenario. This only applies if the value for the orclPluginTiming attribute is POST
.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.565
Other
Single-valued attribute.
8.2.352 orclPluginSASLCallBack
orclPluginSASLCallBack
controls the type of bind used when the LDAP_PLUGIN package connects back to the same Oracle Internet Directory server.
Allowed values are:
-
1= SASL bind (default).
-
0= Simple bind.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.572
Other
Single-valued attribute.
8.2.353 orclPluginSearchNotFound
This only applies if the value for the orclPluginTiming
attribute is POST
. It brings in the external
entries if the entry is not found in Oracle Internet Directory. It provides additional
plug-in invocation checking and ensures that the plug-in will only
be invoked when the entry is not present in Oracle Internet Directory.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.570
Other
Single-valued attribute.
8.2.354 orclPluginShareLibLocation
orclPluginShareLibLocation
contains the file location of the program libraries for the plug-in. If this value is not present, then the Oracle Internet Directory server assumes the plug-in language is PL/SQL.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.556
Other
Single-valued attribute.
8.2.355 orclPluginSubscriberDNList
orclPluginSubscriberDNList
is a semicolon-separated DN list that controls if the plug-in takes effect.
For example:
dc=COM,c=us;dc=us,dc=oracle,dc=com;dc=org,dc=us;o=IMC,c=US
If the target DN of an LDAP operation is included in the list, then the plug-in is invoked.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.561
Other
Single-valued attribute.
8.2.356 orclPluginTiming
orclPluginTiming
specifies when the plug-in is to be invoked in relation to the LDAP operation it supplements.
The following values are allowed:
-
PRE
-
WHEN
-
POST
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.558
Other
Single-valued attribute.
8.2.357 orclPluginType
The valid value of this attribute is operational
— Operational plug-ins augment existing LDAP operations. The work they perform depends on whether they execute before, after, or in addition to normal directory server operations.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.553
Other
Single-valued attribute.
8.2.358 orclPluginVersion
orclPluginVersion
indicates the supported version number of the plug-in.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.555
Other
Single-valued attribute.
8.2.359 OrclPluginWorkers
OrclPluginWorkers
specifies the number of plug-in threads per server process.
Syntax
Integer
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.612
8.2.360 orclPrName
orclPrName
stores a process name.
Syntax
1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)
Matching Rule
distinguishedNameMatch
Object ID
2.16.840.1.113894.1.1.55
Other
Single-valued attribute.
8.2.361 orclProductVersion
orclProductVersion
identifies the product version.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.7.1.6
8.2.362 orclPrPassword
orclPrPassword
contains a password for the OID proxy user.
Syntax
1.3.6.1.4.1.1466.115.121.1.15{128} (Directory String, 128 character maximum)
Matching Rule
caseIgnoreMatch, caseIgnoreSubstringsMatch
Object ID
2.16.840.1.113894.1.1.56
Other
Single-valued attribute.
8.2.363 orclPurgeBase
orclPurgeBase
it is the base DN in the directory information tree (DIT) where the garbage collection task is applied. This attribute value is reserved for each garbage collector and it must not be modified. Defaults to the RDN of the garbage collector configuration entry DN.
Syntax
1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)
Matching Rule
distinguishedNameMatch
Object ID
2.16.840.1.113894.1.1.805
Other
Single-valued attribute.
8.2.364 orclPurgeDebug
orclPurgeDebug
is the flag to enable (1) or disable (0) collection of debugging messages. Default value is 0.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.810
Other
Single-valued attribute.
8.2.365 orclPurgeEnable
orclPurgeEnable
is a flag to enable (1) or disable (0) this garbage collector. Default value is 1.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch, caseIgnoreSubstringsMatch
Object ID
2.16.840.1.113894.1.1.808
Other
Single-valued attribute.
8.2.366 orclPurgeFileLoc
orclPurgeFileLoc
is the absolute file directory where the garbage collection log file is saved. Default value is.
(period - the current directory).
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch, caseIgnoreSubstringsMatch
Object ID
2.16.840.1.113894.1.1.812
Other
Single-valued attribute.
8.2.367 orclPurgeFileName
orclPurgeFileName
is the file name of the garbage collection log file. Default value is oidgc001.log
.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch, caseIgnoreSubstringsMatch
Object ID
2.16.840.1.113894.1.1.811
Other
Single-valued attribute.
8.2.368 orclPurgeFilter
Reserved for future use.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch, caseIgnoreSubstringsMatch
Object ID
2.16.840.1.113894.1.1.803
Other
Single-valued attribute.
8.2.369 orclPurgeInterval
orclPurgeInterval
is the time interval in hours that the garbage collection job is executed again.
This can be measured from either the point in time specified in the orclPurgeStart attribute or from the last time it was run. Default value is 24.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.801
Other
Single-valued attribute.
8.2.370 orclPurgeNow
Every time this attribute is added or modified to a garbage collection entry, then the submitted job is executed immediately.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch, caseIgnoreSubstringsMatch
Object ID
2.16.840.1.113894.1.1.809
Other
Single-valued attribute.
8.2.371 orclPurgePackage
orclPurgePackage
specifies the package name for purging directory objects.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch, caseIgnoreSubstringsMatch
Object ID
2.16.840.1.113894.1.1.804
Other
Single-valued attribute.
8.2.372 orclPurgeSchedule
orclPurgeSchedule
specifies the schedule for purging directory objects.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integermatch
Object ID
2.16.840.1.113894.1.1.24
Other
Single-valued attribute.
DSA operational attribute.
8.2.373 orclPurgeStart
orclPurgeStart
is the time when the garbage collector starts to run. The format is yyyymmddhhmmss
. Default value is 12:00 a.m. of the day Oracle Internet Directory is installed.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch, caseIgnoreSubstringsMatch
Object ID
2.16.840.1.113894.1.1.813
Other
Single-valued attribute.
8.2.374 orclPurgeTargetAge
This attribute enables time-based purging of change log records. Set this to the number of hours after which old change logs are purged. Time-based purging respects the change status of replication, but not the change status of other consumers. When time-based purging is enabled, the change log garbage collector purges all change logs that are not needed by replication and that are at least the specified number of hours old.
The default behavior is change number-based purging, meaning this attribute is NULL or set to a value less than zero. Change number-based purging respects the change status of all change log consumers. That is, it does not purge change logs unless they have been consumed by all consumers. In addition, it does not purge change logs until they are 10 days old.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.800
Other
Single-valued attribute.
8.2.375 orclPurgeTranSize
orclPurgeTranSize
is the number of objects to be purged in one commit transaction. The default value is 1000.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.802
Other
Single-valued attribute.
8.2.376 orclPwdAccountUnlock
orclPwdAccountUnlock
allows a user with the appropriate administration rights and privileges to unlock an already locked account. However, it doesn't necessarily imply that the user affected (that is, who's account was locked) can unlock it by changing this attribute.
Syntax
1.3.6.1.4.1.1466.115.121.1.7 (Boolean)
Matching Rule
booleanMatch
Object ID
2.16.840.1.113894.1.1.203
Other
Single-valued attribute.
8.2.377 orclPwdAllowHashCompare
orclPwdAllowHashCompare
determines whether to allow password validations by comparing the hash values of encrypted passwords. The Allowed values are TRUE or FALSE.
Syntax
1.3.6.1.4.1.1466.115.121.1.7 (Boolean)
Matching Rule
booleanMatch
Object ID
2.16.840.1.113894.1.1.218
Other
Single-valued attribute.
8.2.378 orclPwdAlphaNumeric
orclPwdAlphaNumeric
indicates number of numeric characters required in a password. The default value is 1.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.205
Other
Single-valued attribute.
8.2.379 orclPwdEncryptionEnable
orclPwdEncryptionEnable
takes values 1 and 0. If the value is 1, then the user password is stored in reversible encrypted form. If the value is 0, then the user password is stored in plain text.
Syntax
1.3.6.1.4.1.1466.115.121.1.7 (Boolean)
Matching Rule
booleanMatch
Object ID
2.16.840.1.113894.1.1.215
Other
Single-valued attribute.
8.2.380 orclPwdIllegalValues
orclPwdIllegalValues
lists the common words and attribute types whose values cannot be used as a valid password. By default, all words are acceptable password values.
Syntax
1.3.6.1.4.1.1466.115.121.1.15{1024} (Directory String, 1024 character maximum)
Matching Rule
caseIgnoreMatch, caseIgnoreSubstringsMatch
Object ID
2.16.840.1.113894.1.1.204
8.2.381 orclPwdIPAccountLockedTime
orclPwdIPAccountLockedTime
indicates the time when a user account was locked for a specific IP address.
Syntax
1.3.6.1.4.1.1466.115.121.1.24 (Generalized Time)
Matching Rule
generalizedTimeMatch
Object ID
2.16.840.1.113894.1.1.211
Other
Directory operational attribute.
Not user modifiable.
8.2.382 orclPwdIPFailureTime
orclPwdIPFailureTime
indicates the time of a password failure.
Syntax
1.3.6.1.4.1.1466.115.121.1.24 (Generalized Time)
Matching Rule
generalizedTimeMatch
Object ID
2.16.840.1.113894.1.1.212
Other
Directory operational attribute.
Not user modifiable.
8.2.383 orclPwdIPLockout
orclPwdIPLockout
decides whether to enable account lockouts for a specific IP address. The value can be 1 (for true) or 0 (for false).
Syntax
1.3.6.1.4.1.1466.115.121.1.7 (Boolean)
Matching Rule
booleanMatch
Object ID
2.16.840.1.113894.1.1.200
Other
Single-valued attribute.
8.2.384 orclPwdIPLockoutDuration
orclPwdIPLockoutDuration
indicates the number of seconds you want to enforce account lockout for a specific IP address. A user account stays locked even after the lockout duration has passed unless the user binds with the correct password.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.201
Other
Single-valued attribute.
8.2.385 orclPwdIPMaxFailure
orclPwdIPMaxFailure
indicates the maximum number of failed logins from a specific IP address after which the account is locked.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.202
Other
Single-valued attribute.
8.2.386 orclpwdmaxinactivitytime
orclpwdmaxinactivitytime
indicates the maximum period of time in seconds after which an inactive account is automatically locked.
Syntax
1.3.6.1.4.1.1466.115.121.1.27
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.379
Other
Single-valued attribute.
8.2.387 orclPwdMaxRptchars
orclPwdMaxRptchars
indicates the maximum number of times a single character type can be repeated in a password.
Syntax
1.3.6.1.4.1.1466.115.121.1.27
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.415
Other
Single-valued attribute.
8.2.388 orclPwdMinAlphachars
orclPwdMinAlphachars
indicates the minimum number of alphabetic characters required in a password.
Syntax
1.3.6.1.4.1.1466.115.121.1.27
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.411
Other
Single-valued attribute.
8.2.389 orclPwdMinSpecialchars
orclPwdMinSpecialchars
indicates minimum number of non-alphanumeric characters required in a password.
Syntax
1.3.6.1.4.1.1466.115.121.1.27
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.412
Other
Single-valued attribute.
8.2.390 orclPwdMinUppercase
orclPwdMinUppercase
indicates the minimum number of uppercase characters required in a password.
Syntax
1.3.6.1.4.1.1466.115.121.1.27
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.413
Other
Single-valued attribute.
8.2.391 orclpwdminlowercase
orclpwdminlowercase
indicates the minimum number of lowercase characters required in a password.
Syntax
1.3.6.1.4.1.1466.115.121.1.27
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.414
Other
Single-valued attribute.
8.2.392 orclPwdPolicyEnable
orclPwdPolicyEnable
determines whether to enable or disable the password policy. The value can be are 1 (for enable) or 0 (for disable).
Syntax
1.3.6.1.4.1.1466.115.121.1.7 (Boolean)
Matching Rule
booleanMatch
Object ID
2.16.840.1.113894.1.1.213
Other
Single-valued attribute.
8.2.393 orclPwdTrackLogin
orclPwdTrackLogin
enables or disables tracking of user's last login time; 1 for enabling and 0 for disabling (default).
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.377
Other
Single-valued attribute
8.2.394 orclPwdVerifierParams
orclPwdVerifierParams
contains the values of different password verifier types.
For example:
orclpwdverifierparams;authpassword: crypto:SASL/MDS $ realm:dc=com
orclpwdverifierparams;orclpasswordverifier: crypto:ORCLLM
orclpwdverifierparams;authpassword: crypto:ORCLWEBDAV $ realm:dc=com
Syntax
1.3.6.1.4.1.1466.115.121.1.15{256} (Directory String, 256 character maximum)
Matching Rule
caseIgnoreMatch, caseIgnoreSubstringsMatch
Object ID
2.16.840.1.113894.1.1.209
8.2.395 orclQosConfig
Mechanism to dynamically configure throttling polices.
Syntax
1.3.6.1.4.1.1466.115.121.1.15
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.920
Other
Multi-valued attribute
8.2.396 orclQueueDepth
orclQueueDepth
indicates the queue depth.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.144
Other
Single-valued attribute.
8.2.397 orclQueueLatency
orclQueueLatency
defines the queue latency.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.145
Other
Single-valued attribute.
8.2.398 orclReadWaitThreads
orclReadWaitThreads
specifies the number of Oracle Internet Directory server threads waiting to read from the network.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.142
Other
Single-valued attribute.
8.2.399 orclReqAttrCase
orclReqAttrCase
disables or enables preserving the letter case of required attributes in search result. Allowed values are 0 (disable) or 1 (enable). The default value is 0.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.423
Other
Single-valued attribute
8.2.400 orclrefreshdgrmems
orclrefreshdgrmems
refreshes Dynamic Group Memberships.
Syntax
1.3.6.1.4.1.1466.115.121.1.27
Matching Rule
integerMatch (Integer)
Object ID
2.16.840.1.113894.1.1.416
Other
Single-valued attribute
8.2.401 orclReplAgreements
orclReplAgreements
indicates the DNs of the replication agreement entries.
Syntax
1.3.6.1.4.1.1466.115.121.1.34 (Distinguished Name)
Matching Rule
distinguishedNameMatch
Object ID
2.16.840.1.113894.1.1.105
8.2.402 orclReplAttrConfl
orclReplAttrConfl
specifies whether timestamp or attribute version should be honored first during attribute level conflict resolution. 0 (default): timestamp first, 1: version number first
Syntax
1.3.6.1.4.1.1466.115.121.1.27(Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.899
Other
Single valued attribute
8.2.403 orclreplautotune
orclreplautotune
is used to dynamically vary the number of threads assigned to transport and apply tasks based on load.
The value 0 indicates Off and 1 indicates On. If you set the server to auto tune, you must specify the number of maximum number of threads to be shared between these tasks. Restart server after changing.
Syntax
Integer
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.827
8.2.404 orclReplicaDN
orclReplicaDN
is the DN of the consumer replica in the replication agreement. This applies for LDAP-based replication only.
Syntax
1.3.6.1.4.1.1466.115.121.1.34 (Distinguished Name)
Matching Rule
distinguishedNameMatch
Object ID
2.16.840.1.113894.1.1.817
8.2.405 orclReplicaID
orclReplicaID
is the naming attribute for the replica subentry.
Its value is unique to each directory server node that is initialized at installation. The value of this attribute, assigned during installation, is unique to each directory node, and matches that of the orclreplicaID
attribute at the root DSE. You cannot modify this value.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.106
Other
Single-valued attribute.
8.2.406 orclReplicaSecondaryURI
orclReplicaSecondaryURI
contains the set of ldapURI
formatted addresses that can be used if the orclReplicaURI
values cannot be used.
See orclReplicaURI.
Syntax
1.3.6.1.4.1.1466.115.121.1.26 (IA5 String)
Matching Rule
caseExactIA5Match
Object ID
2.16.840.1.113894.1.1.815
8.2.407 orclReplicaState
orclReplicaState
defines the state of the replica.
Possible values are:
-
0 (boot strapping)
-
1 (online)
-
2 (offline)
-
3 (bootstrap in progress)
-
4 (bootstrap in progress,
cn=oraclecontext
bootstrap has completed) -
5 (bootstrap completed, failure detected for one or more naming contexts)
-
6 (database copy based add node)
-
7 (sync schema)
-
8 (boot strap without schema sync)
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.818
Other
Single-valued attribute.
8.2.408 orclreplicationid
orclreplicationid
is a unique identifier of a one-way, two-way, or peer-to-peer replication group.
Syntax
Integer
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.509
8.2.409 orclReplicationProtocol
orclReplicationProtocol
defines the replication protocol for change propagation to replica.
It takes the following value:
-
ODS_LDAP_1.0 (LDAP-based replication)
You cannot modify this attribute.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch, caseIgnoreSubstringsMatch
Object ID
2.16.840.1.113894.1.1.29
Other
Single-valued attribute.
8.2.410 orclReplicationState
orclReplicationState
indicates the activation state of the replication server. 0 indicates Inactive and 1 indicates Active.
Syntax
Integer
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.831
8.2.411 orclReplicaType
orclReplicaType
defines the type of replica such as read-only or read/write.
Possible values are:
-
0 (Read/Write)
-
1 (Read-Only)
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.816
Other
Single-valued attribute.
8.2.412 orclReplicaURI
orclReplicaURI
contains information in ldapURI
format that can be used to open a connection to this replica.
Syntax
1.3.6.1.4.1.1466.115.121.1.26 (IA5 String)
Matching Rule
caseExactIA5Match
Object ID
2.16.840.1.113894.1.1.814
Other
Single-valued attribute.
8.2.413 orclReplicaVersion
orclReplicaVersion
is the Oracle Internet Directory version of the replica.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.820
Other
Single-valued attribute.
8.2.414 orclreplmaxworkers
orclreplmaxworkers
indicates maximum number of worker threads. Required if orclreplautotune
is set.
Syntax
Integer
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.826
8.2.415 orclreplusesasl;digest-md5
orclreplusesasl;digest-md5
indicates usage of SASL for replication binds.
Values are auth
, auth-int
, and auth-conf
.
Syntax
Directory String
Matching Rule
caseIgnoreMatch; caseIgnoreSubstringMatch
Object ID
2.16.840.1.113894.1.1.829
8.2.416 orclResourceIdentifier
orclResourceIdentifier
stores the resource identifier.
Syntax
1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)
Matching Rule
distinguishedNameMatch
Object ID
2.16.840.1.113894.1.1.348
8.2.417 orclResourceName
orclResourceName
specifies the name of the resource for which the connection information is being maintained.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch, caseIgnoreSubstringsMatch
Object ID
2.16.840.1.113894.1.1.350
8.2.418 orclResourceTypeName
orclResourceTypeName
specifies the name of the resource, for example, database, XMLPDS, JDBCPDS.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.351
8.2.419 orclResourceViewers
orclResourceViewers
lists the users or groups of users who can view a Resource Access Descriptor.
Syntax
1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)
Matching Rule
distinguishedNameMatch
Object ID
2.16.840.1.113894.1.1.366
8.2.420 orclRevPwd
orclRevPwd
contains the reversible encrypted value of the user password.
This attribute is generated only if the attribute value of orclPwdEncryptionEnable in the password policy entry is set to 1. This attribute cannot be queried.
Syntax
1.3.6.1.4.1.1466.115.121.1.44{128} (Printable String, 128 character maximum)
Matching Rule
octetStringMatch
Object ID
2.16.840.1.113894.1.1.216
Other
Directory operational attribute.
Not user modifiable.
8.2.421 orclrienabled
orclrienabled
enables referential integrity. 0: disabled, 1: enabled.
Syntax
1.3.6.1.4.1.1466.115.121.1.27
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.1300
Other
Single-valued attribute
8.2.422 orclrscacheattr
orclrscacheattr
is the multi-valued attribute that specifies the Result Set Cache attributes.
Default values are:
-
dn: cn=dsaconfig,cn=configsets,cn=oracle internet directory
-
orclrscacheattr: uid
-
orclrscacheattr: mail
-
orclrscacheattr: cn
-
orclrscacheattr: orclguid
Note:
Typically these attributes are not modified for the life of the entry. If an attribute has referential integrity enabled, that attribute should not be used.
Syntax
1.3.6.1.4.1.1466.115.121.1.44
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.624
Other
Multi-valued attribute.
8.2.423 orclTraceConnDN
If orclDebugFlag
is set to a value other than zero (0) and orclTraceConnDN
specifies one or more connection DNs, Oracle Internet Directory server logs messages only for connections with specified DNs. Other messages are ignored.
Syntax
1.3.6.1.4.1.1466.115.121.1.34 (Distinguished Name)
Matching Rule
distinguishedNameMatch
Object ID
2.16.840.1.113894.1.1.1051
Other
Multi-valued attribute.
8.2.424 orclTraceConnIP
If orclDebugFlag
is set to a value other than zero (0) and orclTraceConnIP
specifies one or more connection IP addresses, Oracle Internet Directory server logs messages only for operations performed by the specified connection IP addresses. Other messages are ignored.
Syntax
1.3.6.1.4.1.1466.115.121.1.15{128} (Directory String, 128 character maximum)
Matching Rule
caseIgnoreMatch, caseIgnoreSubstringsMatch
Object ID
2.16.840.1.113894.1.1.1052
Other
Multi-valued attribute.
8.2.425 orclSAMAccountName
orclSAMAccountName
stores the value of Active
Directory's SAMAccountName
attribute.
In Oracle Internet Directory, this attribute is defined as a directory string type. However, in Active Directory this attribute cannot accept any special or non-printable characters. If any entry is added in Oracle Internet Directory with this attribute, it can only contain a simple text string or synchronization from Oracle Internet Directory to Active Directory will fail.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.903
Other
Single-valued attribute.
8.2.426 orclSASLAuthenticationMode
orclSASLAuthenticationMode
indicates different modes depending on the type of authentication required and the level of security, such as, auth-only, auth-int, or auth-conf.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.700
Other
Single-valued attribute.
8.2.427 orclSASLCipherChoice
orclSASLCipherChoice
contains the SASL cipher choice. When the authentication mode is auth-conf, the SASL cipher choices can be 3DES, DES, RC4, RC4-56, or RC4-40.
Syntax
1.3.6.1.4.1.1466.115.121.1.15{128} (Directory String, 128 character maximum)
Matching Rule
caseIgnoreMatch, caseIgnoreSubstringsMatch
Object ID
2.16.840.1.113894.1.1.702
8.2.428 orclSASLMechanism
orclSASLMechanism
indicates the different kinds of SASL mechanisms supported in the LDAP server. Currently, OID supports SASL-EXTERNAL and DIGEST-MD5.
Syntax
1.3.6.1.4.1.1466.115.121.1.15{128} (Directory String, 128 character maximum)
Matching Rule
caseIgnoreMatch, caseIgnoreSubstringsMatch
Object ID
2.16.840.1.113894.1.1.701
8.2.429 orclsDumpFlag
orclsDumpFlag
determines whether to generate or stack file (default value 0) or OS level core file (value 1) in case the OID server crashes.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.407
Other
Single-valued attribute.
8.2.430 orclSearchBaseDN
orclSearchBaseDN
contains search base information to be used when performing the directory query for identity mapping.
Syntax
1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)
Matching Rule
distinguishedNameMatch
Object ID
2.16.840.1.113894.1.1.706
Other
Single-valued attribute.
8.2.431 orclSearchFilter
orclSearchFilter
contains search filter information to be used when performing the directory query for identity mapping.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.705
Other
Single-valued attribute.
8.2.432 orclSearchScope
orclSearchScope
contains search scope information to be used when performing the directory query for identity mapping.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.707
Other
Single-valued attribute.
8.2.433 orclSecondaryUID
orclSecondaryUID
indicates the secondary UID of a user.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch, caseIgnoreSubstringsMatch
Object ID
2.16.840.1.113894.1.1.360
8.2.434 orclSequence
orclSequence
specifies the sequence number for audit log entries.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.62
8.2.435 orclServerAvgMemGrowth
orclServerAvgMemGrowth
specifies the Oracle Internet Directory server process memory growth as a percentage.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.148
Other
Single-valued attribute.
8.2.436 orclServerMode
orclServerMode
specifies if data can be written to the server.
Valid values are:
-
r (read-only)
-
rw (read/write)
-
rm (read-modify, that is, to read and modify, but not to add or delete)
The default value is rw
.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.51
Other
Single-valued attribute.
8.2.437 orclServerProcs
orclServerProcs
indicates the number of server processes to start. The default for configset0
is 1. You cannot use a negative value for this attribute.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.364
Other
Single-valued attribute.
8.2.438 orclServiceInstanceLocation
orclServiceInstanceLocation
specifies the DN of an instance of a service.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseExactMatch
Object ID
2.16.840.1.113894.1.1.1102
Other
Single-valued attribute.
8.2.439 orclServiceMember
orclServiceMember
identifies all the service instances that are members of a logical service entity.
Syntax
1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)
Matching Rule
distinguishedNameMatch
Object ID
2.16.840.1.113894.1.1.1005
8.2.440 orclServiceSubscriptionLocation
orclServiceSubscriptionLocation
specifies the DN where the list of users subscribed to a service is available.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseExactMatch
Object ID
2.16.840.1.113894.1.1.1100
Other
Single-valued attribute
8.2.441 orclServiceSubType
orclServiceSubType
identifies the sub-types of a Service e.g. IMAP, SMTP are sub-type of an e-mail service.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.1009
Other
Single-valued attribute
8.2.442 orclServiceType
orclServiceType
identifies the type of Service e.g. Email, Calendar, and so forth.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.7.1.4
Other
Single-valued attribute
8.2.443 orclSID
orclSID
stores the SID.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.7.1.5
Other
Single-valued attribute
8.2.444 orclsimplemodchglogattributes
orclsimplemodchglogattributes
contains the list of multivalued attributes that, when changed, cause a simplified change log to be generated.
Syntax
DN
Matching Rule
DistinguishedNameMatch
Object ID
2.16.840.1.113894.1.1.823
8.2.445 orclSizeLimit
orclSizeLimit
indicates the maximum number of entries to be returned by a search.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.10
Other
Single-valued attribute
8.2.446 orclSkewedAttribute
orclSkewedAttribute
contains names of attributes which are skewed. A skewed attribute has very different search response times depending on its value. You can uniform the response times for searches for such an attribute by adding it as a value of the orclskewedattribute
attribute.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch, caseIgnoreSubstringsMatch
Object ID
2.16.840.1.113894.1.1.405
8.2.447 orclSkipRefInSQL
orclSkipRefInSQL
specifies whether to skip referral in SQL generated for searches. Its default value is 0. Set it to 1 if there are no referral entries in the directory; this will help optimizing search performance.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.410
Other
Single-valued attribute
8.2.448 orclSkipSpecialInFilter
Evaluates whether Oracle Internet Directory should skip the processing of special characters specified in filter values during a search operation. Its default value is 0.
0: Process the special characters specified in the filter value.
1: Do not process the special characters specified in the filter value.
Syntax
1.3.6.1.4.1.1466.115.121.1.44
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.629
Other
Single-valued attribute
8.2.449 orclSMSpec
orclSMSpec
represents a structural object class that includes common attributes for server manageability object classes.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch, caseIgnoreSubstringsMatch
Object ID
2.16.840.1.113894.1.1.185
8.2.450 orclSQLexeFetchLatency
Reserved for future use.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.132
Other
Single-valued attribute
8.2.451 orclSQLGenReusedParsed
Reserved for future use.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.134
Other
Single-valued attribute
8.2.452 orclSSLAuthentication
orclSSLAuthentication
indicates the type of SSL authentication to use for this instance of Oracle Internet Directory server. The default value of 1, specifies no SSL authentication. Different instances can have different values. One-way and two-way SSL authentication requires a wallet.
You may use one of the following three values:
-
1 = Neither the client nor the server authenticates itself to the other. No certificates are sent or exchanged. If you selected the SSL Enabled check box on the Credentials tab, and choose this option, then only SSL encryption/decryption is used.
-
32 = One-way authentication. Only the directory server authenticates itself to the client by sending its certificate to the client.
-
64 = Two-way authentication. Both client and server send certificates to each other.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.13
Other
Single-valued attribute
8.2.453 orclSSLCipherSuite
A cipher suite is a set of authentication, encryption, and data integrity algorithms used for exchanging messages between network nodes. During an SSL handshake, the two nodes negotiate to see which cipher suite they will use when transmitting messages back and forth.
The following cipher suites are supported:
Table 8-3 SSL Cipher Suites Supported in Oracle Internet Directory
Cipher Suite | Authentication | Encryption | Data Integrity |
---|---|---|---|
SSL_RSA_WITH_3DES_EDE_CBC_SHA |
RSA |
3DES |
SHA |
SSL_RSA_WITH_RC4_128_SHA |
RSA |
RC4 |
SHA |
SSL_RSA_WITH_RC4_128_MD5 |
RSA |
RC4 |
MD5 |
SSL_RSA_WITH_DES_CBC_SHA |
RSA |
DES |
SHA |
SSL_RSA_EXPORT_WITH_RC4_40_MD5 |
RSA |
RC4_40 |
MD5 |
SSL_RSA_EXPORT_WITH_DES40_CBC_SHA |
RSA |
DES40 |
SHA |
SSL_DH_anon_WITH_3DES_EDE_CBC_SHA |
None |
3DES |
SHA |
SSL_DH_anon_WITH_RC4_128_MD5 |
None |
RC4 |
MD5 |
SSL_DH_anon_WITH_DES_CBC_SHA |
None |
DES |
SHA |
SSL_RSA_WITH_AES_128_CBC_SHA |
RSA |
AES |
SHA |
SSL_RSA_WITH_AES_256_CBC_SHA |
RSA |
AES |
SHA |
Syntax
1.3.6.1.4.1.1466.115.121.1.15{128} (Directory String, 128 character maximum.
Matching Rule
caseIgnoreMatch, caseIgnoreSubstringsMatch
Object ID
2.16.840.1.113894.1.1.19
8.2.454 orclSSLEnable
orclSSLEnable
is the flag for enabling or disabling SSL. Use this flag when you use different instances of the same server for either SSL or non-SSL.
Allowed values are:
-
0—for non-secure operation only
-
1—for SSL authentication only
-
2— for both non-secure operation and SSL authentication
The default value is
2
.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.14
Other
Single-valued attribute
8.2.455 orclsslinteropmode
orclsslinteropmode
allows you to enable SSL interoperability with Oracle legacy applications using no-auth mode.
Starting with Oracle Internet Directory 11g Release 1 (11.1.1.7.0), the default value is disabled (orclsslinteropmode = 0), in order to be fully compliant with the JDK SSL.
In no-auth mode, Oracle legacy components developed before 11g Release 1 (11.1.1.0.0) such as legacy LDAP C clients can connect with Oracle Internet Directory only by using an instance that has interoperability mode enabled (orclsslinteropmode = 1).
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.422
Other
Single-valued attribute
8.2.456 orclSSLPort
orclSSLPort
is the default SSL port for the directory server. The Default value is 3133.
When you run the directory in the secure mode, it listens at default port 3133 and accepts only SSL-based TCP/IP connections. (When you run the directory in the normal mode, it listens at default port 389, accepting normal TCP/IP connections.) You might want to change this port when you add multiple LDAP server instances.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.17
Other
Single-valued attribute
8.2.457 orclSSLVersion
orclSSLVersion
is the SSL version. The default value is 3.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.18
Other
Single-valued attribute
8.2.458 orclSSLWalletURL
orclSSLWalletURL
sets the location of the Oracle Wallet.
You initially set this value when you create the wallet. If you elect to change the location of the Oracle Wallet, you must change this parameter. You must set the wallet location on both the client and the server. For example, on UNIX, you could set this parameter as follows:
file:/home/my_dir/my_wallet
On Microsoft Windows, you could set this parameter as follows:
file:C:\my_dir\my_wallet
Syntax
1.3.6.1.4.1.1466.115.121.1.15{128} (Directory String, 128 character maximum)
Matching Rule
caseIgnoreMatch, caseIgnoreSubstringsMatch
Object ID
2.16.840.1.113894.1.1.15
Other
Single-valued attribute
8.2.459 orclStatsDN
orclStatsDN
specifies list of user DNs for which to track LDAP operations.
Syntax
1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)
Matching Rule
distinguishedNameMatch
Object ID
2.16.840.1.113894.1.1.187
8.2.460 orclStatsFlag
orclStatsFlag
allows you to enable or disable the Oracle Internet Directory Server Manageability framework. To enable, set this to 1. To disable, set it to 0.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.197
Other
Single-valued attribute.
8.2.461 orclStatsLevel
orclStatsLevel
indicates the level of statistics collection for users. The valid value is 1. Specifying this value collects the number of bind and compare operations against the directory and the user who performed each one.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.199
Other
Single-valued attribute.
8.2.462 orclStatsOp
Reserved for future use.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.188
Other
Single-valued attribute.
8.2.463 orclStatsPeriodicity
orclStatsPeriodicity
indicates the Time interval in minutes for gathering server manageability statistics. The default value is 60.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.198
Other
Single-valued attribute.
8.2.464 orclStatus
Depending on the context of the object that it is applied to, like a service, orclStatus
indicates if the service is available or not.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch, caseIgnoreSubstringsMatch
Object ID
2.16.840.1.113894.9.1.9
8.2.465 orclSUAccountLocked
orclSUAccountLocked
determines whether a superuser account is locked.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.192
Other
Single-valued attribute.
Directory operational attribute.
Not user modifiable.
8.2.466 orclSubscriberDisable
Reserved for future use.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.100
Other
Single-valued attribute.
8.2.467 orclSubscriberFullName
orclSubscriberFullName
stores the full name of the configured realm.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.333
Other
Single-valued attribute.
8.2.468 orclSubscriberNickNameAttribute
orclSubscriberNickNameAttribute
stores a name of an attribute that holds the unique identifier of a realm.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.302
Other
Single-valued attribute.
8.2.469 orclSubscriberSearchBase
orclSubscriberSearchBase
specifies the DIT node that contains all realms.
Syntax
1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)
Matching Rule
distinguishedNameMatch
Object ID
2.16.840.1.113894.1.1.301
8.2.470 orclSubscriberType
orclSubscriberType
defines the type of realm created.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.331
Other
Single-valued attribute.
8.2.471 orclSuffix
To have the directory server manage part of an LDAP directory, you can specify the highest level parent DNs in the server configuration. These DNs are called suffixes. The server can access all objects in the directory that are below the specified suffix in the directory hierarchy. This attribute is part of the root DSE (DSA-Specific Entry). The root DSE contains a number of attributes that store information about the directory server itself.
Syntax
1.3.6.1.4.1.1466.115.121.1.15{128} (Directory String, 128 character maximum)
Matching Rule
caseIgnoreMatch, caseIgnoreSubstringsMatch
Object ID
2.16.840.1.113894.1.1.6
Other
Single-valued attribute.
8.2.472 orclSuiteType
orclSuiteType
identifies the type of suite, for example, ocs, ebiz, and so forth.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.1011
Other
Single-valued attribute.
8.2.473 orclSULoginFailureCount
orclSULoginFailureCount
indicates the number of failed login attempts for the directory superuser.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.191
Other
Single-valued attribute.
Directory operational attribute.
Not user modifiable.
8.2.474 orclSUName
orclSUName
is the distinguished name of the directory superuser account, for example, cn=orcladmin
.
Syntax
1.3.6.1.4.1.1466.115.121.1.12
Matching Rule
distinguishedNameMatch
Object ID
2.16.840.1.113894.1.1.8
Other
Single-valued attribute.
8.2.475 orclSUPassword
orclSUPassword
is the Oracle Internet Directory superuser password.
Syntax
1.3.6.1.4.1.1466.115.121.1.15{128} (Directory String, 128 character maximum)
Matching Rule
caseIgnoreMatch, caseIgnoreSubstringsMatch
Object ID
2.16.840.1.113894.1.1.9
Other
Single-valued attribute.
8.2.476 orclSystemName
orclSystemName
identifies the host name on which a particular instance of a service is running.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.7.1.3
Other
Single-valued attribute.
8.2.477 orclTcpConnToClose
orclTcpConnToClose
specifies the number of clients for which the Oracle Internet Directory server will close TCP connections.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.153
Other
Single-valued attribute.
8.2.478 orclTcpConnToShutDown
orclTcpConnToShutDown
specifies the number of clients for which the Oracle Internet Directory server will shut down TCP connections.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.152
Other
Single-valued attribute.
8.2.479 orclThreadSpawnFailed
Reserved for future use.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.154
Other
Single-valued attribute.
8.2.480 orclThreadsPerSupplier
orclThreadsPerSupplier
specifies the number of threads per supplier for the Oracle directory replication server.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integermatch
Object ID
2.16.840.1.113894.1.1.31
Other
DSA operational attribute.
8.2.481 orclTimeLimit
orclTimeLimit
indicates the maximum number of seconds allowed for a search to be completed. The default value is 3600.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.65
Other
Single-valued attribute.
8.2.482 orclTimeZone
orclTimeZone
specifies the time zone applicable for a user location.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.311
8.2.483 orclTLimitMode
orclTLimitMode
defines the time limit mode.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.406
Other
Single-valued attribute.
8.2.484 orclTotFreePhyMem
orclTotFreePhyMem
stores the total amount of free system physical memory.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.146
Other
Single-valued attribute.
8.2.485 orclTraceDimesionLevel
Reserved for future use.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.174
Other
Single-valued attribute.
8.2.486 orclTraceFileLocation
Reserved for future use.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch, caseIgnoreSubstringsMatch
Object ID
2.16.840.1.113894.1.1.176
Other
Single-valued attribute.
8.2.487 orclTraceFileSize
Reserved for future use.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.177
Other
Single-valued attribute.
8.2.488 orclTraceLevel
Reserved for future use.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.173
Other
Single-valued attribute.
8.2.489 orclTraceMode
Reserved for future use.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch, caseIgnoreSubstringsMatch
Object ID
2.16.840.1.113894.1.1.175
Other
Single-valued attribute.
8.2.490 orclTrustedApplicationGroup
orclTrustedApplicationGroup
identifies the DN of the group that list all the applications that specific application trusts for Service to Service Authentication.
Syntax
1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)
Matching Rule
distinguishedNameMatch
Object ID
2.16.840.1.113894.1.1.368
8.2.491 orclTraceMode
Reserved for future use.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch, caseIgnoreSubstringsMatch
Object ID
2.16.840.1.113894.1.1.175
Other
Single-valued attribute.
8.2.492 orclTxnMaxOperations
orclTxnMaxOperations
indicates the maximum number of operations allowed in a transaction.
Syntax
1.3.6.1.4.1.1466.115.121.1.27
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.381
Other
Single-valued attribute
8.2.493 orclTxnTimeLimit
orclTxnTimeLimit
indicates maximum allowed time in a transaction (sec).
Syntax
1.3.6.1.4.1.1466.115.121.1.27
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.380
Other
Single-valued attribute
8.2.494 orclUIAccessibilityMode
orclUIAccessibilityMode
is set to TRUE to display a user interface that is accessible to people with impaired vision.
Syntax
1.3.6.1.4.1.1466.115.121.1.7 (Boolean)
Matching Rule
booleanMatch
Object ID
2.16.840.1.113894.1.1.367
Other
Single-valued attribute.
8.2.495 orclUniqueAttrName
orclUniqueAttrName
is the name of an attribute that you want to be unique. Autoboot uniqueness means that each entry must have a unique value for this attribute type.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.500
Other
Single-valued attribute.
8.2.496 orclUniqueEnable
orclUniqueEnable
disables or enables attribute uniqueness constraints. Allowed values are 0 (disable) or 1 (enable). The default value is 0.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.508
Other
Single-valued attribute.
8.2.497 orclUniqueObjectClass
orclUniqueObjectClass
specifies an object class filter for an attribute uniqueness constraint entry.
This means the attribute specified in orclUniqueAttrNamemust be unique in an instance of this object class.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.503
Other
Single-valued attribute.
8.2.498 orclUniqueScope
orclUniqueScope
indicates the scope of the attribute uniqueness constrain in the DIT.
Allowed values are:
-
base
—Searches the root entry only -
onelevel
—Searches one level only -
sub
—Searches the entire directory
The default value is sub
.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.501
Other
Single-valued attribute.
8.2.499 orclUniqueSubtree
When multiple attribute uniqueness constraints have the same values in orclUniqueAttrName, orclUniqueScope and orclUserObjectClasses, but different values in orcluniquesubtree, the union of subtree scopes specified by those attribute uniqueness constraints is checked.
When multiple attribute uniqueness constraints have the same values in orclUniqueAttrName, orclUniqueScope and orclUserObjectClasses, but different values in orcluniquesubtree
, the union of subtree scopes specified by those attribute uniqueness constraints is checked.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.502
Other
Single-valued attribute.
8.2.500 orclUnsyncRevPwd
orclUnsyncRevPwd
stores a password that is not synchronized with the entry in the userpassword.
Syntax
1.3.6.1.4.1.1466.115.121.1.44{128} (Printable String, 128 character maximum)
Matching Rule
octetStringMatch
Object ID
2.16.840.1.113894.1.1.217
Other
Directory operational attribute.
Not user modifiable.
8.2.501 orclUpdateSchedule
orclUpdateSchedule
is the replication update interval for new changes and those being retried. The value is in seconds.
Syntax
1.3.6.1.4.1.1466.115.121.1.27
Matching Rule
integermatch
Object ID
2.16.840.1.113894.1.1.30
Other
Directory operational attribute.
Not user modifiable.
Single-valued attribute.
8.2.502 orclUpgradeInProgress
orclUpgradeInProgress
determines whether rolling upgrade is in progress.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.104
Other
Single-valued attribute.
8.2.503 orclUserDN
orclUserDN
is the distinguished name (DN) of the user who performed an operation.
Syntax
1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)
Matching Rule
distinguishedNameMatch
Object ID
2.16.840.1.113894.1.1.61
8.2.504 orclUserIDAttribute
orclUserIDAttribute
specifies the attribute to use as the user identifier value when accessing the resource.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch, caseIgnoreSubstringsMatch
Object ID
2.16.840.1.113894.1.1.352
Other
Single-valued attribute.
8.2.505 orclUserModifiable
orclUserModifiable
specifies if the data is modifiable by the user that this resource access descriptor entry is created for.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch, caseIgnoreSubstringsMatch
Object ID
1.2.3.4.5.6.1.11
8.2.506 orclUserObjectClasses
orclUserObjectClasses
is a list of the object classes that comprise a user entity.
Syntax
1.3.6.1.4.1.1466.115.121.1.15
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.329
8.2.507 orclUserPrincipalName
orclUserPrincipalName
indicates the Kerberos user principal name for Microsoft Active Directory users.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.8.1.904
Other
Single-valued attribute.
8.2.508 orclVersion
orclVersion
is the release version of the Oracle Internet Directory server.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.7.1.1
Other
Single-valued attribute.
8.2.509 orclWirelessAccountNumber
orclWirelessAccountNumber
stores the wireless account number of a user.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.365
Other
Single-valued attribute.
8.2.510 orclWorkflowNotificationPref
orclWorkflowNotificationPref
identifies workflow notification preferences for a user.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
Object ID
2.16.840.1.113894.1.1.313
8.2.511 orclWriteWaitThreads
orclWriteWaitThreads
specifies the number of Oracle Internet Directory server threads waiting to write to the network.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.143
Other
Single-valued attribute.
8.2.512 owner
owner
specifies the distinguished name (DN) of some object which has some responsibility for the associated object.
Syntax
1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)
Matching Rule
distinguishedNameMatch
Object ID
2.5.4.32
8.2.513 pilotStartTime
pilotStartTime
indicates the time stamp of when pilot mode was started for a replica.
Syntax
1.3.6.1.4.1.1466.115.121.1.24 (Generalized Time)
Matching Rule
generalizedTimeMatch
Object ID
2.16.840.1.113894.1.1.825
Other
Single-valued attribute.
Directory operational attribute.
Not user modifiable.
8.2.514 preferredServerList
preferredServerList
contains the IP addresses of the preferred servers that a directory user agent should use in a space separated list.
The servers in this list are tried in order before those in the defaultServerList until a successful connection is made. This has no default value. At least one server must be specified in either preferredServerList
or defaultServerList
.
Syntax
1.3.6.1.4.1.1466.115.121.1.26 (Printable String)
Matching Rule
caseIgnoreIA5Match
Object ID
1.3.6.1.4.1.11.1.3.1.1.2
Other
Single-valued attribute.
8.2.515 profileTTL
profileTTL
is the time to live before a client directory user agent (DUA) should re-read this configuration profile.
The values for profileTTL can be zero, to indicate no expiration, or a positive integer combined with one of the following letters to indicate the unit of measure:
d
: indicates days
h
: indicates hours
m
: indicates minutes
s
: indicates seconds
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
1.3.6.1.4.1.11.1.3.1.1.7
Other
Single-valued attribute.
8.2.516 protocolInformation
This attribute is used in conjunction with the presentationAddress
attribute, to provide additional information to the Open System Interconnection (OSI) network service.
Syntax
1.3.6.1.4.1.1466.115.121.1.42 (Protocol Information)
Matching Rule
protocolInformationMatch
Object ID
2.5.4.48
8.2.517 pwdAccountLockedTime
pwdAccountLockedTime
indicates the time stamp of when a user's account was locked.
Syntax
1.3.6.1.4.1.1466.115.121.1.24 (Generalized Time)
Matching Rule
generalizedTimeMatch
Object ID
1.3.6.1.4.1.42.2.27.8.1.17
Other
Single-valued attribute.
Directory operational attribute.
No user modification.
8.2.518 pwdAllowUserChange
Reserved for future use.
Syntax
1.3.6.1.4.1.1466.115.121.1.7 (Boolean)
Matching Rule
booleanMatch
Object ID
1.3.6.1.4.1.42.2.27.8.1.14
Other
Single-valued attribute.
8.2.519 pwdChangedTime
pwdChangedTime
indicates the time stamp indicating when the user's current password was created or modified.
Syntax
1.3.6.1.4.1.1466.115.121.1.24 (Generalized Time)
Matching Rule
generalizedTimeMatch
Object ID
1.3.6.1.4.1.42.2.27.8.1.16
Other
Single-valued attribute.
Directory operational attribute.
No user modification.
8.2.520 pwdCheckSyntax
pwdCheckSyntax
takes value 1 and 0. A value of 1 (default) means passwords are checked for syntax errors. A value of 0 means syntax checking is disabled.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
1.3.6.1.4.1.42.2.27.8.1.5
Other
Single-valued attribute.
8.2.521 pwdExpirationWarned
pwdExpirationWarned
indicates the time stamp when the first password expiration warning was sent to the user.
Syntax
1.3.6.1.4.1.1466.115.121.1.24 (Generalized Time)
Matching Rule
generalizedTimeMatch
Object ID
1.3.6.1.4.1.42.2.27.8.1.18
Other
Directory operational attribute.
No user modification.
8.2.522 pwdExpireWarning
pwdExpireWarning
indicates the number of seconds before a password expires that a warning should be sent to the user.
The user will see the warning when they attempt to log on during the warning period. If the user does not modify the password before it expires, the user is locked out until the password is changed by the administrator. The default value is 0, which means no warnings are sent.
For this feature to work, the client application must support it.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
1.3.6.1.4.1.42.2.27.8.1.7
Other
Single-valued attribute.
8.2.523 pwdFailureCountInterval
pwdFailureCountInterval
indicates the number of seconds after which the password failure times are purged from the user entry. If this attribute is not present, or if it has a value of 0, then failure times are never purged. The default value is 0
.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
1.3.6.1.4.1.42.2.27.8.1.12
Other
Single-valued attribute.
8.2.524 pwdFailureTime
pwdFailureTime
indicates the time stamp of consecutive failed login attempts by the user.
Syntax
1.3.6.1.4.1.1466.115.121.1.24 (Generalized Time)
Matching Rule
generalizedTimeMatch
Object ID
1.3.6.1.4.1.42.2.27.8.1.19
Other
Directory operational attribute.
No user modification.
8.2.525 pwdGraceLoginLimit
pwdGraceLoginLimit
indicates the maximum number of grace logins allowed after a password expires. The default value is 0 (no grace logins allowed). The recommended value is 3.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
1.3.6.1.4.1.42.2.27.8.1.8
Other
Single-valued attribute.
8.2.526 pwdGraceLoginTimeLimit
pwdGraceLoginTimeLimit
is the number of seconds after account lockout to allow grace logins.
Syntax
1.3.6.1.4.1.1466.115.121.1.27(Integer)
Matching Rule
integerMatch
Object ID
2.16.840.1.113894.1.1.418
Other
Single-valued attribute.
8.2.527 pwdGraceUseTime
pwdGraceUseTime
indicates the time stamps of each grace login for a user.
Syntax
1.3.6.1.4.1.1466.115.121.1.24 (Generalized Time)
Matching Rule
generalizedTimeMatch
Object ID
1.3.6.1.4.1.42.2.27.8.1.21
Other
Directory operational attribute.
No user modification.
8.2.528 pwdHistory
pwdHistory
contains a history of a user's previous passwords.
The number of passwords stored in the history is determined by the pwdInHistory attribute.
Syntax
1.3.6.1.4.1.1466.115.121.1.44{128} (Printable String, 128 character maximum)
Matching Rule
octetStringMatch
Object ID
1.3.6.1.4.1.42.2.27.8.1.20
Other
Single-valued attribute.
Directory operational attribute.
No user modification.
8.2.529 pwdInHistory
pwdInHistory
indicates the number of previous passwords to be stored in the password history.
See pwdHistory. If a user attempts to reuse one of the passwords stored in the history, then the password is rejected. The default value is 0 (no previous passwords stored in the history).
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
1.3.6.1.4.1.42.2.27.8.1.4
Other
Single-valued attribute.
8.2.530 pwdLockout
pwdLockout
is the specification to determine whether users are locked out of the directory after the number of consecutive failed bind attempts specified by pwdMaxFailure
.
If the value of this policy attribute is TRUE, then users are locked out. If this attribute is not present, or if the value is FALSE, then users are not locked out and the value of pwdMaxFailure is ignored. By default, account lockout is enforced.
Syntax
1.3.6.1.4.1.1466.115.121.1.7 (Boolean)
Matching Rule
booleanMatch
Object ID
1.3.6.1.4.1.42.2.27.8.1.9
Other
Single-valued attribute.
8.2.531 pwdLockoutDuration
pwdLockoutDuration
indicates the number of seconds a user is locked out of the directory on certain conditions as stated in the section below.
The number of seconds a user is locked out of the directory if both of the following are true:
-
Account lockout is enabled.
-
The user has been unable to bind successfully to the directory for at least the number of times specified by pwdMaxFailure.
You can set user lockout for a specific duration, or until the administrator resets the user's password. A default value of 0 (zero) means that the user is locked out forever. A user account stays locked even after the lockout duration has passed unless the user binds with the correct password.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
1.3.6.1.4.1.42.2.27.8.1.10
Other
Single-valued attribute.
8.2.532 pwdMaxAge
pwdMaxAge
indicates the maximum number of seconds that a given password is valid. If this attribute is not present, or if the value is 0 (zero), then the password does not expire. By default, the passwords expire in 60 days.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
1.3.6.1.4.1.42.2.27.8.1.3
Other
Single-valued attribute.
8.2.533 pwdMaxFailure
pwdMaxFailure
indicates the number of consecutive failed bind attempts after which a user account is locked. If this attribute is not present, or if the value is 0 (zero), then the account is not locked due to failed bind attempts, and the value of the password lockout policy is ignored. The default is 4.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
1.3.6.1.4.1.42.2.27.8.1.11
Other
Single-valued attribute.
8.2.534 pwdMinAge
pwdMinAge
holds the number of seconds that must elapse between modifications to the password. If this attribute is not present, 0 seconds is assumed.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
1.3.6.1.4.1.42.2.27.8.1.2
Other
Single-valued attribute.
8.2.535 pwdMinLength
pwdMinLength
is the minimum number of characters required in a password. The default is 5. The value for this attribute must be at least 1.
Syntax
1.3.6.1.4.1.1466.115.121.1.27 (Integer)
Matching Rule
integerMatch
Object ID
1.3.6.1.4.1.42.2.27.8.1.6
Other
Single-valued attribute.
8.2.536 pwdMustChange
pwdMustChange
is an indicator of whether users must change their passwords after the first login, or after the password is reset by the administrator.
Enabling this option requires users to change their passwords even if user-defined passwords are disabled. By default, users need not change their passwords after reset. Allowed values are 1 (true) or 0 (false).
Syntax
1.3.6.1.4.1.1466.115.121.1.7 (Boolean)
Matching Rule
booleanMatch
Object ID
1.3.6.1.4.1.42.2.27.8.1.13
Other
Single-valued attribute.
8.2.537 pwdpolicysubentry
pwdpolicysubentry
is the DN of the password policy applicable at the subtree rooted at this DN.
Syntax
1.3.6.1.4.1.1466.115.121.1.34
Matching Rule
distinguishedNameMatch
Object ID
2.16.840.1.113894.1.1.417
8.2.538 pwdReset
pwdReset
is an indicator that the password has been reset and must be changed by the user on first authentication. Allowed values are TRUE or FALSE.
Syntax
1.3.6.1.4.1.1466.115.121.1.7 (Boolean)
Matching Rule
booleanMatch
Object ID
1.3.6.1.4.1.42.2.27.8.1.22
Other
Single-valued attribute.
Directory operational attribute.
Not user modifiable.
8.2.539 pwdSafeModify
pwdSafeModify
is an indicator of whether user must supply old password with new one when modifying password. By default, the old password is not required. Allowed values are TRUE or FALSE.
Syntax
1.3.6.1.4.1.1466.115.121.1.7 (Boolean)
Matching Rule
booleanMatch
Object ID
1.3.6.1.4.1.42.2.27.8.1.15
Other
Single-valued attribute.
8.2.540 ref
ref
is a named reference.
Values placed in the attribute must conform to the specification given for the labeledURI attribute (RFC 2079).
Syntax
1.3.6.1.4.1.1466.115.121.1.26 (IA5 String)
Matching Rule
caseExactIA5Match
Object ID
2.16.840.1.113730.3.1.34
Other
DSA operational attribute.
8.2.541 seeAlso
seeAlso
specifies the distinguished names of other directory objects which may be other aspects (in some sense) of the same real world object.
Syntax
1.3.6.1.4.1.1466.115.121.1.12 (Distinguished Name)
Matching Rule
distinguishedNameMatch
Object ID
2.5.4.34
8.2.542 serverName
serverName
is the name of the server involved in an Oracle Directory Integration
and Provisioning change subscription.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
caseIgnoreMatch
caseignoresubstringsmatch
Object ID
2.16.840.1.113894.1.1.34
8.2.543 serviceAuthenticationMethod
serviceAuthenticationMethod
is the authentication method for the service.
Syntax
1.3.6.1.4.1.1466.115.121.1.15 (Directory String)
Matching Rule
N/A
Object ID
1.3.6.1.4.1.11.1.3.1.1.15
8.2.544 serviceCredentialLevel
serviceCredentialLevel
is the credential level to be used by a service. The default value for all services is NULL. The supported credential levels are anonymous
or proxy
.
Syntax
1.3.6.1.4.1.1466.115.121.1.26 (IA5 String)
Matching Rule
N/A
Object ID
1.3.6.1.4.1.11.1.3.1.1.13
8.2.545 serviceSearchDescriptor
serviceSearchDescriptor
defines how and where an LDAP naming service client should search for information for a particular service. It contains a service name, followed by one or more semicolon-separated base-scope-filters.
Syntax
1.3.6.1.4.1.1466.115.121.1.26 (IA5 String)
Matching Rule
caseExactIA5Match
Object ID
1.3.6.1.4.1.11.1.3.1.1.8
8.2.546 sn
sn
is the surname or last name of a user.
Syntax
1.3.6.1.4.1.1466.115.121.1.15{32768} (Directory String, 32768 character maximum)
Matching Rule
caseIgnoreMatch, caseIgnoreSubstringsMatch
Object ID
2.5.4.4
8.2.547 supportedcontrol
supportedcontrol
is a list of controls supported by directory server.
Syntax
OID
Object ID
1.3.6.1.4.1.1466.101.120.13
8.2.548 supportedextension
supportedextension
is a list of extended operation supported.
Syntax
OID
Object ID
1.3.6.1.4.1.1466.101.120.7
8.2.549 supportedldapversion
supportedldapversion
is a list of LDAP versions supported.
Syntax
Integer
Object ID
1.3.6.1.4.1.1466.101.120.15
8.2.550 uniqueMember
uniqueMember
is the distinguished name for the member of a group.
Syntax
1.3.6.1.4.1.1466.115.121.1.34 (Distinguished Name)
Matching Rule
distinguishedNameMatch
Object ID
2.5.4.50
8.2.551 supportedsaslmechanisms
supportedsaslmechanisms
is a list of SASL mechanism supported.
Syntax
Directory String
Matching Rule
Object ID
1.3.6.1.4.1.1466.101.120.14
8.2.552 userCertificate;binary
It is the user’s certificate.
Syntax
1.3.6.1.4.1.1466.115.121.1.8 (Certificate)
Matching Rule
octetStringMatch
Object ID
2.5.4.36
8.2.553 userPassword
userPassword
is the password used to authenticate a user to the directory.
Syntax
1.3.6.1.4.1.1466.115.121.1.44{128} (Printable String, 128 character maximum)
Matching Rule
octetStringMatch
Object ID
2.5.4.35
Other
Single-valued attribute.
8.2.554 userPKCS12
PKCS#12 PFX PDU for exchange of personal identity information.
Syntax
1.3.6.1.4.1.1466.115.121.1.5 (Binary)
Matching Rule
N/A
Object ID
2.16.840.1.113730.3.1.216