About
DN is an acronym for Distinguished Name, a hierarchical unique identifier for an entry in the LDAP tree.
It is meant to identify a given entry globally and uniquely, like a certificate.
The Distinguished Name (DN) is the combination of the relative distinguished names of an entry and of all its ancestors (i.e., from the standard: the concatenation of the relative distinguished names of the sequence of entries from a particular entry to an immediate subordinate of the root of the tree).
Example
One
The world { relative name = 'dc=com' , description = 'The world' }
  |
  |
  ---- A company { relative name = 'o=foo bar ', web address = 'www.gerardnico.com' }
         |
         |
         ----- A person { relative name = 'cn=foo', favorite drink = 'martini' }
         |
         ----- A person { relative name = 'cn=Trudi', favorite drink = 'beer' }
         |
         ----- A person { relative name = 'cn=Jay', favorite drink = 'mineral water' }
The DN of foo would be:
cn=foo,o=foo bar,dc=com
where the DN is composed of:
Two (from the standard)
An example of a Distinguished Name is
CN=Steve Kille, O=Isode Limited, C=GB
where the DN is composed of:
SSL
When adding owner information, you need to define a DN in a certificate signing request.
The distinguished name may be defined as the concatenation of all these fields, or a subset of them, in hierarchical order.
- LDAP - EmailAddress attribute (optional)
- LDAP - Common name (CN) (eg your name) (mandatory)
- LDAP - Organizational unit (OU) (optional)
- LDAP - O attribute (Organization) (mandatory)
- LDAP - L attribute (location, town) (optional)
- LDAP - C attribute (country) (mandatory)
Example:
[email protected], CN=KeyName, OU=Programs Partners, O=Organisation, L=Town, C=NL
CN=Bytle, O=Bytle, C=NL
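The composition rule described above (relative distinguished names joined from the entry up to the root), as an added example that is not part of the original page: it builds and parses the RFC 4514 string form, where a comma or a leading or trailing space inside a value must be backslash-escaped, so a plain split on `,` misreads such names. It assumes single-valued RDNs with string values; the function names `escape_value`, `build_dn` and `parse_dn` are hypothetical and chosen for illustration.

```python
# Added example; assumes single-valued RDNs (no '+') and string values (no '#hex').
import re

MUST_ESCAPE = '"+,;<>\\'   # characters RFC 4514 section 2.4 requires escaping
_TOKEN = re.compile(r'\\((?:[0-9A-Fa-f]{2})(?:\\[0-9A-Fa-f]{2})*)|\\(.)|(.)', re.S)

def escape_value(value):
    """Escape one attribute value for use inside a DN string."""
    out = []
    for i, ch in enumerate(value):
        if ch == "\0":
            out.append("\\00")
        elif ch in MUST_ESCAPE or (i == 0 and ch in " #") or (i == len(value) - 1 and ch == " "):
            out.append("\\" + ch)
        else:
            out.append(ch)
    return "".join(out)

def build_dn(rdns):
    """Join (type, value) pairs, ordered from the entry up to the root."""
    return ",".join(f"{t}={escape_value(v)}" for t, v in rdns)

def _tokens(dn):
    """Yield (char, was_escaped) so escaped separators are never split on."""
    for hexrun, esc, plain in (m.groups() for m in _TOKEN.finditer(dn)):
        if hexrun is not None:   # \C4\8D style: UTF-8 bytes written as hex pairs
            for ch in bytes.fromhex(hexrun.replace("\\", "")).decode("utf-8"):
                yield ch, True
        else:
            yield (esc, True) if esc is not None else (plain, False)

def _text(toks):
    """Drop unescaped spaces at both ends; escaped spaces belong to the value."""
    while toks and toks[0] == (" ", False):
        toks = toks[1:]
    while toks and toks[-1] == (" ", False):
        toks = toks[:-1]
    return "".join(ch for ch, _ in toks)

def parse_dn(dn):
    """Split a DN into (lowercased type, value) pairs, entry first, root last."""
    rdns, cur = [], []
    for tok in [*_tokens(dn), (",", False)] if dn else []:
        if tok != (",", False):
            cur.append(tok)
            continue
        eq = cur.index(("=", False))   # ValueError: RDN without an unescaped '='
        rdns.append((_text(cur[:eq]).lower(), _text(cur[eq + 1:])))
        cur = []
    return rdns
```

Attribute types are lowercased because they are case-insensitive; values are returned as written, since how they compare depends on each attribute's matching rule.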