DN stands for Distinguished Name in LDAP-speak
dc=base | +---------+----------+ | | dc=sub1 dc=sub2 | | +----+-----+ +---+----+ | | | | ou=dept1 ou=dept2 u=dept1 ou=dep2
ou=dept1,dc=sub1,dc=base' and '
dc=basewe could have
dc=base,dc=netas the base dn
dc=sub1,dc=baseto host dns and
ou=dept1,dc=sub2,dc=baseto host a departmental addressbook
From the above you might think that a distinguished name is just a pointer to where you are in the LDAP tree. This is not in fact the case; a distinguished is also a container. Every distinguished name has many fields. The primary field is the one used as the distinguished name.
ou=dept1,dc=sub1,dc=base, the primary field is
ou: The organzational unit
A full record might look like:
dn: ou=dept1,dc=sub1,dc=base objectClass: top objectClass: organizationalUnit ou: dept1
© 2005 Daniel Dickinson <firstname.lastname@example.org>
This document is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
This document is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should be able to view a copy of the GNU General Public License at http://www.gnu.org/copyleft/gpl.html. If not, you can write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA to obtain a copy.