Overview #DN is a Distinguished Name (often referred to as a DN or FDN) is a string that uniquely identifies an entry in the Directory Server.
A distinguished name is comprised of zero or more RDN components that identify the location of the entry in the DIT. An entry's distinguished name can be thought of as a kind of an analog to an absolute path in a filesystem in that it specifies both the name and hierarchical location.
Attribute Definition #The DN AttributeTypes is defined as:
- OID of 220.127.116.11
- NAME: DN
- EQUALITY: distinguishedNameMatch
- SYNTAX: 18.104.22.168.4.1.1422.214.171.124.12 DN Syntax
The RDN components for a distinguished name are separated by commas and are ordered from right to left. The rightmost components of a DN are closest to the server's Naming Context, and the leftmost components are closest to the leaf entries. That is, if you think of a directory hierarchy as a kind of pyramid with the naming context at the top and the branches descending downward, then the order of RDN components in a DN are listed from bottom to top.
Even though a DN is comprised of a series of RDN components, when one refers to an entry's RDN, then it is a reference to the leftmost RDN component. The attributes contained in an entry's RDN must also be contained in that entry.
Consider the following sample DIT:
In this case, the top entry is the naming context and its DN is "dc=example,dc=com". To conserve space, only the RDNs of the subordinate entries are displayed, but the full DNs can be obtained by appending the RDN components from bottom to top. For example, the DN of the leftmost entry on the bottom row would be "uid=ann,ou=People,dc=example,dc=com".
See RFC 4514 for more information about LDAP distinguished names and the way in which they should be represented as strings.
More Information #There might be more information for this subject on one of the following:
- Add Request
- Best Practices For LDAP Naming Attributes
- Bind Request
- Description of Attribute Usage For 2.16.840.1.1137126.96.36.199.1.62
- Domain root object
- Dynamic Group
- Glossary Of LDAP And Directory Terminology
- Imanager Not All Features Show Under Configure
- LDAP Authentication
- LDAP Bulk Attribute Update Tool
- LDAP Entry
- LDAP Query For Schema
- LDAP URL
- MMC General Tab
- Monitor Entry
- NCP Primary Authentication Protocol
- Object ACL
- Password Modify Extended Operation
- Policy Interval
- Referential Integrity
- Relative Distinguished Name
- Simple Authentication
- Static groups
- VolumeName Field