Active Directory Object Naming

By Dan DiNicolo, June 12th, 2001 Posted in Windows 2000. Subscribe to our RSS Feed

Active Directory is uses the Lightweight Directory Access Protocol (LDAP) as its primary access protocol. LDAP runs over TCP/IP, and defines a way to reference and access objects between an Active Directory client and server. Under LDAP, every object has a distinct Distinguished Name, and this name distinguishes the object from every other object in Active Directory, while also telling us where the object exists. The two main components of a distinguished name are a CN (common name) and a DC (domain component). The common name identifies an object or the container in which it exists, while the domain component references the domains within which the object exists. For example, a distinguished name could be as follows:

CN=Dan DiNicolo, CN=Users, DC = 2000trainers, DC=com

In the above example I have a user called Dan DiNicolo, who exists within a container called Users, in the domain 2000trainers, which is a subdomain of com. The distinguished name of an object must be unique within a given Active Directory forest (more on forests in a bit).

While a distinguished name tells us about the complete context of an object, a relative distinguished name uniquely identifies an object within its parent container. For example, if I were searching within the Users container, the relative distinguished name of the object I identified above would be Dan DiNicolo.

Written by Dan DiNicolo - Visit Website

Go To Page: 1 2

All Tutorials by Category:

Entire site Copyright © 1999-2007 2000Trainers.com, all rights reserved.
Content on this site may not be copied or reproduced in any way without permission.

IT Showcase