object identifier

Definition of object identifier in The Network Encyclopedia.

What is Object Iidentifier?

A globally unique identifier for an object’s class in Active Directory. An object identifier for an attribute remains unchanged even when the distinguished name of the object is modified because of system configuration changes.

Object identifiers ensure that when Active Directory is integrated with other directory systems such as Novell Directory Services (NDS), X.500, or Simple Network Management Protocol (SNMP), no conflicts occur between them. Each class of object in Active Directory has a unique object identifier that is externally assigned by an issuing authority.

In the United States, the issuing authority is the American National Standards Institute (ANSI). The International Organization for Standardization (ISO) maintains a list of the world’s issuing authorities. An object’s attributes also require unique object identifiers.


If you want to create new classes of objects or new attributes in Active Directory using Active Directory Schema Manager, you must obtain an object identifier for your organization. An example of an object identifier for a U.S. company is 1.2.840.105670, where 1.2.840 is assigned to U.S. companies and 105670 is the number assigned to the specific company. Once your company has an object identifier, you can extend it by appending dotted decimal portions. So if 1.2.840.105670 represents Northwind Traders, 1.2.840.105670.27 might represent the Sales division, 1.2.840.105670.33 might represent the Support division, and so on. Further levels of subdivision are also possible.