LDAP Resources


[an error occurred while processing this directive]

No Title

[an error occurred while processing this directive]

Reference: Cisco: Internetworking Basics

The top level of the LDAP directory tree is the base, referred to as the "base DN". A base DN usually takes one of the three forms listed here. The examples below assume we are working with iDevelopment, which is on the Internet as iDevelopment.info.

(base DN in X.500 format)

In this example, o=idevelopment. refers to the organization, which in this context should be treated as synonymous with the company name. c=US indicates that the company headquarters is in the US. Once upon a time, this was the preferred method of specifying your base DN. Times and fashions change, though; these days, most companies are (or plan to be) on the Internet. And what with Internet globalization, using a country code in the base DN probably made things more confusing in the end. In time, the X.500 format evolved into the other formats listed below.

(base DN derived from the company's Internet presence)

This format is fairly straightforward, using the company's Internet domain name as the base. Once you get past the o= portion (which stands for organization), everyone at your company should know where the rest came from. This was, until recently, probably the most common of the currently used formats.

(base DN derived from the company's DNS domain components)

As with the previous format, this uses the DNS domain name as its basis. But where the other format leaves the domain name intact (and thus human-readable), this format is split into domain components: idevelopment.info becomes dc=idevelopment,dc=info. In theory, this could be slightly more versatile, though it's a little harder for end users to remember. By way of illustration, consider idevelopment.info. When idevelopment.info merges with acme.com, you simply start thinking of "dc=com" as the base DN. Place the new records into your existing directory under dc=acme, dc=com, and you're ready to go. (Of course, this approach doesn't help if idevelopment.info merges with csustan.edu.) This is the format I'd recommend for any new installations. Oh, and if you're planning to use Active Directory, Microsoft has already decided for you that this is the format you wanted.

About the Author

Jeffrey Hunter is an Oracle Certified Professional, Java Development Certified Professional, Author, and an Oracle ACE. Jeff currently works as a Senior Database Administrator for The DBA Zone, Inc. located in Pittsburgh, Pennsylvania. His work includes advanced performance tuning, Java and PL/SQL programming, developing high availability solutions, capacity planning, database security, and physical / logical database design in a UNIX / Linux server environment. Jeff's other interests include mathematical encryption theory, tutoring advanced mathematics, programming language processors (compilers and interpreters) in Java and C, LDAP, writing web-based database administration tools, and of course Linux. He has been a Sr. Database Administrator and Software Engineer for over 20 years and maintains his own website site at: http://www.iDevelopment.info. Jeff graduated from Stanislaus State University in Turlock, California, with a Bachelor's degree in Computer Science and Mathematics.

Copyright (c) 1998-2020 Jeffrey M. Hunter. All rights reserved.

All articles, scripts and material located at the Internet address of http://www.idevelopment.info is the copyright of Jeffrey M. Hunter and is protected under copyright laws of the United States. This document may not be hosted on any other site without my express, prior, written permission. Application to host any of the material elsewhere can be made by contacting me at jhunter@idevelopment.info.

I have made every effort and taken great care in making sure that the material included on my web site is technically accurate, but I disclaim any and all responsibility for any loss, damage or destruction of data or any other property which may arise from relying on it. I will in no case be liable for any monetary damages arising from such loss, damage or destruction.

Last modified on
Thursday, 26-Jul-2012 01:34:08 EDT
Page Count: 170767