AD Schema PREFIX Registration - Help in how to do this

I’ve seem to have ran into a snag in trying to work through a design for
modification of our corporate AD Schema (before anyone responds it’s a small
change w/o token bloat effects, but we are a large company and being our
first modification to the schema of many, I wanted to follow the official
process to set the correct precedent in the process and testing).

I followed the outline for obtaining an Enterprise Number from the iana.org
but when I try to find the proper method for registering our Prefix I seem to
hit a wall.

I contacted our Microsoft TAM and she has informed me that Microsoft no
longer registers OID (enterprise numbers) or Prefixes for AD. Talk to IANA.
I asked if she could tell me if some has taken our preferred Prefix – again
she says MS does not keep records of such things….

I asked IANA regarding AD Prefixes and they said talk to MS.

Has anyone registered a Prefix with MS lately? If so can you pass me to the
right contact or link?

History of my research

Thanks
rs


History:

In my research I determined that this was a two-step method:

Obtain an OID (enterprise number) and register your PREFIX.

(RECOMMENDED) Registering it with IANA
http://pen.iana.org/pen/PenApplication.page to request a Private Enterprise
Number.
(NOT RECOMMENDED) Running a script that creates OID
http://www.microsoft.com/technet/scr....mspx?mfr=true
Both ways will generate an OID, but with running the script we may get into
a conflict with a duplicate OID when we upgrade the schema, that’s why it is
not recommended by Microsoft.

How to use the OID

Each schema element is identified by a globally unique Object Identifier
(OID). OIDs are also used to identify other objects. They are commonly found
in protocols described by ASN.1.
In particular, they are heavily used by the Simple Network Management
Protocol (SNMP). As OIDs are hierarchical, your organization can obtain one
OID and branch it as needed.

view the Schema Naming Rules section in the Application Specification for
Microsoft Windows Server 2003. This prefix should be used to name your schema
attributes and classes.
This lead to a dead link and dead process.
http://msdn2.microsoft.com/en-us/library/ms677620.aspx
The link on the MSDN site for Prefix registration is dead:
http://msdn.microsoft.com/en-us/library/ms808930.aspx
(dead link = http://msdn.microsoft.com/certificat...gistration.asp)

Howdie!

On 14.04.2010 02:46, robs wrote:
> I contacted our Microsoft TAM and she has informed me that Microsoft no
> longer registers OID (enterprise numbers) or Prefixes for AD. Talk to IANA.
> I asked if she could tell me if some has taken our preferred Prefix – again
> she says MS does not keep records of such things….

Ha, we're talking about to different things here, I guess. The OID your
TAM was talking about is the unique numberic namespace you need to use
to put your custom attributes and objects in. It must be registered with
IANA.

The naming prefix however is how you name your attributes and objects.
Microsoft started prefixing them "msDS-" -- you might want to add your
company name there or whatever. That helps prevent naming collisions.
The name prefix can't be registered anywhere, so it is your
responsibility to find your own unique prefix no one else has.

Cheers,
Florian

Hi. Actaully we're not talking about differnt things. I understand the OID
and PREFIX are separate entities. Thus my question.

If you review the links you'll see that Microsoft had (has?) a process for
recording and confirm PREFIX registrations.

It would make no sence that they wouldn't - could you imagine a world were
we had to hope for a PREFIX to not conflict with anyone elses just without a
central registration. Read the Schema Naming Rules section in the
Application Specification for Microsoft Windows Server 2003 section.

thansk
rs

"Florian Frommherz [MVP]" wrote:

> Howdie!
>
> On 14.04.2010 02:46, robs wrote:
> > I contacted our Microsoft TAM and she has informed me that Microsoft no
> > longer registers OID (enterprise numbers) or Prefixes for AD. Talk to IANA.
> > I asked if she could tell me if some has taken our preferred Prefix – again
> > she says MS does not keep records of such things….
>
> Ha, we're talking about to different things here, I guess. The OID your
> TAM was talking about is the unique numberic namespace you need to use
> to put your custom attributes and objects in. It must be registered with
> IANA.
>
> The naming prefix however is how you name your attributes and objects.
> Microsoft started prefixing them "msDS-" -- you might want to add your
> company name there or whatever. That helps prevent naming collisions.
> The name prefix can't be registered anywhere, so it is your
> responsibility to find your own unique prefix no one else has.
>
> Cheers,
> Florian
> .
>