In Active Directory, and I assume any system using LDAP, a Distinguished Name (DN) is a way to identify a given user with confidence. It is a string of Relative Distinguished Names, separated by commas. There are a number of different RDNs in existense, but for our purposes, these are the ones we might need:
| String | Attribute type |
| DC | domainComponent |
| CN | commonName |
| OU | organisationalUnitName |
| O | organisationName |
A DN, then, comprises information about where in the Active Directory hierarchy we can find a given user’s account. If a user account name is JDOE and is located at Domain.com\Users\Superusers, the DN becomes CN=JDOE,OU=Superusers,OU=Users,DC=Domain,DC=com.
By posting a comment, you consent to our collecting the information you enter. See privacy policy for more information.