CommonName is defined in X.500 but cn is used within LDAP

Common Name (ISO 9594)#

The Common Name attribute type specifies an identifier of an object. A Common Name is not a directory name; it is a (possibly ambiguous) name by which the object is commonly known in some limited scope (such as an organization) and conforms to the naming conventions of the country or culture with which it is associated. An attribute value for common name is a string chosen either by the person or organization it describes or the organization responsible for the object it describes for devices and application entities.

For example, a typical name of a person in an English-speaking country comprises a personal title (e.g., Mr., Ms., Rd, Professor, Sir, Lord), a first name, middle name(s), last name, generation qualifier (if any, e.g., Jr.) and decorations and awards (if any, e.g., QC).


  • CN = "Mr. Robin Lachlan McLeod BSc(Hons) CEng MIEE";
  • CN = "Divisional Coordination Committee";
  • CN = "High Speed Modem".

Any variants should be associated with the named object as separate and alternative attribute values.

Other common variants should also be admitted, e.g., use of a middle name as a preferred first name; use of "Bill" in place of "William", etc.

commonName ATTRIBUTE ::= {
    SUBTYPE OF          name
    WITH SYNTAX         UnboundedDirectoryString
    ID                  id-at-commonName}

More Information#

