[cifs-protocol] Conflicting OIDs

Bill Wesse billwe at microsoft.com
Wed Dec 9 06:51:25 MST 2009 

Good morning Andrew - thanks for your question - I have created the below case for us to track our efforts regarding that. One of my colleagues will take ownership and contact you shortly.

SRX091209600017 : [MS-ADA3] Conflicting OIDs

Regards,
Bill Wesse
MCSE, MCTS / Senior Escalation Engineer, US-CSS DSC PROTOCOL TEAM
8055 Microsoft Way
Charlotte, NC 28273
TEL:  +1(980) 776-8200
CELL: +1(704) 661-5438
FAX:  +1(704) 665-9606

-----Original Message-----
From: Andrew Bartlett [mailto:abartlet at samba.org] 
Sent: Tuesday, December 08, 2009 8:44 PM
To: Interoperability Documentation Help
Cc: cifs-protocol at samba.org; pfif at tridgell.net; Endi Sukma Dewata
Subject: Conflicting OIDs

MS-ADA3 2.305 Attribute thumbnailLogo has:

cn: Logo
ldapDisplayName: thumbnailLogo
attributeId: 2.16.840.1.113730.3.1.36

However, this OID is allocated, according to http://www.alvestrand.no/objectid/2.16.840.1.113730.3.1.36.html to Netscape (now Red Hat), and is used for nsLicensedFor. 

It appears the official OID for thumbnailLogo is
1.3.6.1.4.1.1466.101.120.36 according to

http://tools.ietf.org/html/draft-ietf-asid-schema-pilot-00


So far, we have found the following OIDs that are allocated to different names between Microsoft's AD implementation and the official
allocations:

#MiddleName has a conflicting OID
2.16.840.1.113730.3.1.34:1.3.6.1.4.1.7165.4.255.1
#defaultGroup has a conflicting OID
1.2.840.113556.1.4.480:1.3.6.1.4.1.7165.4.255.2
#thumbnailPhoto has a conflicting OID
2.16.840.1.113730.3.1.35:1.3.6.1.4.1.7165.4.255.10
#thumbnailLogo has a conflicting OID
2.16.840.1.113730.3.1.36:1.3.6.1.4.1.7165.4.255.11

What I want to know is:  What is the full list of OIDs that Microsoft uses in Active Directory that have conflicting allocations between AD and either the OID allocation hierarchy or common practice?  

This will assist us as we aim for interoperability, as for each conflict, we must manually remap.

In the long term, we would like to see the AD schema documents annotated with this conflict (both as as summary table and on each attribute), and a process put in place to avoid these kinds of problems in future. 

Thanks,

Andrew Bartlett

-- 
Andrew Bartlett                                http://samba.org/~abartlet/
Authentication Developer, Samba Team           http://samba.org
Samba Developer, Cisco Inc.

More information about the cifs-protocol mailing list