Sun Java System Web Proxy Server 4.0.8 Administration Guide

Understanding Distinguished Names (DNs)

The Users and Groups tab in the Administration Server is used to create or modify users, groups, and organizational units. A user is an individual in the LDAP database, such as an employee of your company. A group is two or more users who share a common attribute. An organizational unit is a subdivision within your organization that uses the organizationalUnit object class. Users, groups, and organizational units are described in greater detail later in this chapter.

Each user and group in your enterprise is represented by a distinguished name (DN) attribute. A DN attribute is a text string that contains identifying information for an associated user, group, or object. You use DNs whenever user or group directory entries are changed. For example, DN information must be provided each time you create or modify directory entries, configure access controls, and configure user accounts for applications such as mail or publishing. The Users and Groups interface of the Proxy Server is used to create or modify DNs.

The following example represents a typical DN for an employee of Sun Microsystems:

uid=doe,e=doe@sun.com,cn=John Doe,o=Sun Microsystems Inc.,c=US

The abbreviations in this example mean the following:

DNs may include a variety of name-value pairs, and are used to identify both certificate subjects and entries in directories that support LDAP.
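The name-value structure described above becomes visible when the example DN is split into its pairs. The following Python code is an added example, not part of this guide or of the Proxy Server. It assumes the RFC 4514 string form with single-valued RDNs, and its function names are illustrative. It also escapes values before placing them in a DN, so a comma or equals sign inside a user-supplied value cannot change which entry the DN names when it is used in an access control rule.

```python
import re

# Added example: RFC 4514 characters that must be backslash-escaped in a value.
SPECIAL = set(',+"\\<>;=')
ESCAPE = re.compile(rb"\\([0-9A-Fa-f]{2}|.)", re.S)

def escape_value(value):
    """Escape one attribute value so it cannot change the DN's structure."""
    last = len(value) - 1
    out = ["\\" + c if c in SPECIAL or (i == 0 and c in " #") or (i == last and c == " ")
           else c for i, c in enumerate(value)]
    return "".join(out).replace("\x00", "\\00")

def split_unescaped(text, sep):
    """Split on sep, skipping any separator that follows a backslash."""
    parts, cur, i = [], "", 0
    while i < len(text):
        step = 2 if text[i] == "\\" else 1
        if text[i] == sep:
            parts.append(cur)
            cur = ""
        else:
            cur += text[i:i + step]
        i += step
    return parts + [cur]

def unescape_value(value):
    """Reverse escape_value; \\XX hex pairs are decoded as UTF-8 bytes."""
    raw = ESCAPE.sub(lambda m: bytes([int(m[1], 16)]) if len(m[1]) == 2 else m[1],
                     value.encode("utf-8"))
    return raw.decode("utf-8")

def parse_dn(dn):
    """Return [(attribute, value), ...] for a DN with single-valued RDNs."""
    pairs = []
    for rdn in split_unescaped(dn, ","):
        attr, sep, value = rdn.partition("=")
        if not sep or not attr.strip():
            raise ValueError("malformed RDN: %r" % rdn)
        pairs.append((attr.strip().lower(), unescape_value(value)))
    return pairs

def build_dn(pairs):
    """Join (attribute, value) pairs into a DN, escaping every value."""
    return ",".join("%s=%s" % (a, escape_value(v)) for a, v in pairs)

# The DN quoted in the guide above; all other inputs in use are constructed.
PAGE_DN = "uid=doe,e=doe@sun.com,cn=John Doe,o=Sun Microsystems Inc.,c=US"
```

Calling parse_dn(PAGE_DN) yields five pairs in order: uid, e, cn, o, c. A value such as "Sun Microsystems, Inc." must pass through escape_value before it is joined into a DN, otherwise the comma is read as the start of a new name-value pair.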