Added by Jose REMY, last edited by Jose REMY on Sep 17, 2007

( DESC 'schema' )

X500/LDAP directory schema

This object identifier (OID) is the openOSI OID for the X500/LDAP directory schema.

ASN1 notation: {iso(1) identified-organization(3) dod(6) internet(1) private(4) enterprise(1) openosi(27630) identification(2) schema(1)}
URN notation: urn:oid:
IETF DOT notation:
BNF notation (RFC822 Backus-Naur form): ( DESC 'schema' )
Description: X500/LDAP directory schema


The openOSI OID for directory schema defines the openOSI X.500 Directory Information Model as used in LDAP. More specifically, see section 4 (from ISO X.501).


The objective is to provide the open source community with a flexible schema, complementary to the common schemas (core, cosine, inetOrgPerson), that can handle most existing address book entries for PIMs (Personal Information Managers), as well as standardized identity objects such as vcards, openID, info-cards from Cardspace, and those of the HIGGINS initiative.

The roadmap for this schema is to fit into the name mapping component, part of the identity abstraction of the common identity under development by the previously mentioned HIGGINS project and Bandit.

Useful information

Info-cards are agnostic of the security realm (kerberos, SAML, x509 ...) used for authentication. openOSI favors the X.509 realm, which is in any case mandatory for info-card relying party identification.

vcards specifications


(see also Using X500 / LDAP directories for security)

openosi.schema is intended to be installed in conjunction with default schemas used by most LDAP directory implementations, namely:

Few conflicts are expected if other schemas are loaded, because of the extensive use of auxiliary object classes.

DOWNLOAD openosi schemas, associated LDIF examples and virtual configurations here

Supported address books

Supported directories

All LDAP directories are supported, but the difficulty of implementation may vary. For example, OpenLDAP returns canonical names when attributes are queried, so it is necessary to use virtual views (database relay) and attribute mapping (overlay rwm), whereas ORACLE DIRECTORY returns alias names and works out of the box.

See also

XML format

<asn1-notation>{iso(1) identified-organization(3) dod(6) internet(1) private(4) enterprise(1) openosi(27630) identification(2) schema(1)}</asn1-notation>
<description>X500/LDAP directory schema</description>
<information>More <i>information</i> can be found at <a href="http://openosi.org/osi/display/oid/">openOSI</a> </information>

Children OID (openOSI Object Identifier name space)
