DN Syntax

Overview #

DN Syntax is a LDAPSyntaxes for Distinguished Name (DN) of an LDAP Entry as defined in RFC 4512.

The OID for DN Syntax is

The LDAP-specific encoding of a value of this DN Syntax is defined by the distinguishedName rule from the String Representation of Distinguished Names (RFC 4514).

Examples (from RFC 4514):

  • UID=jsmith,DC=example,DC=net
  • OU=Sales+CN=J. Smith,DC=example,DC=net
  • CN=John Smith\, III,DC=example,DC=net
  • CN=Before\0dAfter,DC=example,DC=net
  • CN=Lu\C4\8Di\C4\87

Distinguished Name Case Sensitivity is not consistent across LDAP Server Implementations

String Representation of Distinguished Names (RFC 4514) may also be of interest.

The DN Syntax corresponds to the DistinguishedName ASN.1 type from X.501. Note that a BER encoded distinguished name (as used by X.500) re-encoded into the LDAP-specific encoding is not necessarily reversible to the original BER encoding since the chosen string type in any DirectoryString components of the Distinguished Name is not indicated in the LDAP-specific encoding of the distinguished name. (see Section 3.3.6 of RFC 4517).

Microsoft Active Directory Syntax #

Microsoft Active Directory has a few DN Syntaxs This string syntax can be used for Linked Attributes. BackLink MUST be of syntax Forward links can be of syntax DN (as well as DNWithString, DNWithBinary, AccessPointDN, or OR-Name. Linked attributes MUST have a linkID defined. properties.

More Information #

There might be more information for this subject on one of the following: