- Distinguished name
Every entry in the directory has a distinguished name (DN). The DN is the name that uniquely identifies an entry in the directory.
A DN is made up of attribute=value pairs, separated by commas, for example: cn=Ben Gray,ou=editing,o=New York Times,c=US cn=Lucille White,ou=editing,o=New York Times,c=US cn=Tom Brown,ou=reporting,o=New York Times,c=US
Any of the attributes defined in the directory schema may be used to make up a DN. The order of the component attribute value pairs is important. The DN contains one component for each level of the directory hierarchy from the root down to the level where the entry resides. LDAP DNs begin with the most specific attribute (usually some sort of name), and continue with progressively broader attributes, often ending with a country attribute. The first component of the DN is referred to as the Relative Distinguished Name (RDN). It identifies an entry distinctly from any other entries that have the same parent. In the examples above, the RDN "cn=Ben Gray" separates the first entry from the second entry, (with RDN "cn=Lucille White"). These two example DNs are otherwise equivalent. The attribute=value pair making up the RDN for an entry must also be present in the entry. (This is not true of the other components of the DN.)
Follow this example to create an entry for a person:dn: cn=Tim Jones,o=ibm,c=usobjectclass: topobjectclass: person cn: Tim Jones sn: Jones telephonenumber: 555-555-1234
[IBM iSeries Information Center Version 5 Release 3 (http://publib.boulder.ibm.com/infocenter/iseries/v5r3/index.jsp?topic=/rzahy/rzahyunderdn.htm)]
Wikimedia Foundation. 2010.
