[cifs-protocol] How do we know what attributes are OIDs, classes and attributes

Hongwei Sun hongweis at microsoft.com
Thu Jan 28 11:31:16 MST 2010


   We finished the investigation on your request.  We will update the MS-ADTS as follows.

Section   LDAP Representations
Changed footnote on attributes of String(OID) to:

      "††† Values of attributes of syntax String(OID) are accepted in either the numericoid (numeric OID) or descr (the LDAP display name of the attribute or class identified by that OID) format, as defined     in [RFC2252] section 4.1. The server determines the format of returning OID values using the first matching rule in the following set of processing rules:

      1. If a "Binary Option" is present on the AttributeDescription (as described in [RFC2251] section of the request, the server MUST return the OID converted to binary format as described in [RFC2252] section 4.3.1. The result is a binary encoded value using Basic Encoding Rules defined in [ITUX690].
      2. If a value of either attributeID of an AttributeSchema object or governsID of a ClassSchema object is requested, the server MUST return the OID in numericoid (Numeric OID) format.
      3. If the attribute requested is not attributeID or governsID, but the value of the attribute identifies an attribute or class, the server MUST return the value in Descr format.
      4. If none of the above applies, the server MUST return the OID in numericoid (Numeric OID) format."

Section   Auxiliary Classes
      In fourth paragraph, it is changed to
      "This dynamic auxiliary class mechanism complies with the  [X501] model of auxiliary classes."

   For your second question regarding attribute of syntax OID( transported over DRS, OIDs are transported as ATTRTYPE values([MS-DRSR] Section 5.14 ATTRTYP) over DRS. Please refer to [MS-DRSR] Section 5.16.4 ATTRTYP-to-OID Conversion on conversion between the two formats.

   Please let us know if you have any further questions regarding this topic.  



-----Original Message-----
From: cifs-protocol-bounces at cifs.org [mailto:cifs-protocol-bounces at cifs.org] On Behalf Of Andrew Bartlett
Sent: Thursday, January 07, 2010 12:31 AM
To: Interoperability Documentation Help
Cc: pfif at tridgell.net; cifs-protocol at samba.org
Subject: [cifs-protocol] How do we know what attributes are OIDs, classes and attributes


In LDAP, it is convention to display attribute names and classes as strings, except of course for governsID and attributeID.  

In DRS, these attribute and class names are transformed (using the prefix map) into 32 bit integers.  

What we need to know is, how should we tell if an attribute should be displayed in LDAP as an OID (dotted decimal), or as an attribute or class name. 

My worry is that this can't be handled as just 'schema only' and 'hardcoded list', because it is clearly possible to add OID syntax
(  attributes to objects in the general directory.  For example:

dn: CN=IP,CN=Inter-Site
transportAddressAttribute: dNSHostName

How should I know that transportAddressAttribute must be displayed as a text string, and not an OID?  How should I know that I display governsID as an OID?

Are all attributes of syntax OID ( transported over DRS as integers, or is there a hardcoded list?  


Andrew Bartlett
Andrew Bartlett
Authentication Developer, Samba Team           http://samba.org
Samba Developer, Cisco Inc.

More information about the cifs-protocol mailing list