Generate an Object Identifier

I made some improvements so it saves to a file and also adds the needed DLL for changing Active Directory Schema, which you may or may not need so just delete it if you do not.

https://gist.github.com/Goddard/6190e425c2580fd5dc957027275691f6

try {@(@("1.2.840.113556.1.8000.2554")+@(@($guid -split (@(4,4,4,4,4,6,6|%{"(.{$_})"}) -join "-*"))[1..7] | % {[UInt64]::Parse($_,"AllowHexSpecifier")})) -join "."} catch {throw "Guid could not be generated, please ensure machine has a network card."}

Whoops. Missing Guid object in the first one. 

try {@(@("1.2.840.113556.1.8000.2554")+@(@([Guid]::NewGuid().Guid -split (@(4,4,4,4,4,6,6|%{"(.{$_})"}) -join "-*"))[1..7] | % {[UInt64]::Parse($_,"AllowHexSpecifier")})) -join "."} catch {throw "Guid could not be generated, please ensure machine has a network card."}

Can this script be run in powershell?

oid.vbs(20, 9) Microsoft VBScript compilation error: Invalid character

I found the PS version which is working.  Thanks!

I am setting up a root CA and I need an OID without paying $$.  Can I use the OIDs generated for the CAPolicy.inf file?

I also noticed that each time I generate an OID it is different.  Which one should I use the last one I got or can I use any of them?

Am I supposed to generate an OID on the domain controller or the root CA?

Thanks in advance.

I will answer my own question, since I do not have months to wait for a reply.  I went ahead and used the OID that was generated as the OID for the certificate field - it all worked.

hello  

to generate an OID on the domain controller or the root CA? Which is the right answer??

Hi.. I am in process of setting two tier CA.. can you please let me know the steps to be followed using this script....

While i run this script...it will extend the Schema of my domain?  or do i need to perform anything else using this OID...

As per my understanding once i run this command .. it will extend the schema and provide my root ID example 1.1.1.1 ... which i will use in ROOT CApolicy.inf and when i install sub CA i use 1.1.1.2 in Sub CApolicy.inf .... am i right?

how can we copy this code into dc machine and paste it?

how can generate oid in dc2 machine which is connected to acme.com

Open cmd prompt. Navigate to the folder where the vbs file is (say c:\Temp and your file name is OID.vbs). use cscript.exe to execute the file. by default it uses wscript.exe.

===========================
C:\Temp>cscript.exe Oid.vbs
Microsoft (R) Windows Script Host Version 5.8
Copyright (C) Microsoft Corporation. All rights reserved.

Your root OID is:
1.2.840.113556.1.8000.2554.19655.56552.19464.62523.42086.5516042.16055126
==============================


 

Not a question, but this script works on Windows 8, so I wanted to add a note here so you can update the description and compatibility chart if you wish.

Hi,

I would like to create a new custom attribute in my schema.
I get this OID when I run it in my DC1 machine.
What should I do with this ?

"Your root OID is:
1.2.840.113556.1.8000.2554.39809.6638.40713.20287.45174.2482085.12653064
This prefix should be used to name your schema attributes and classes."

Help me proceed.

Please see this QA on OIDs http://security.stackexchange.com/a/26518/396