Active Directory

What is Distinguished name (DN)

Last Updated: January 28, 2024
5,310

distinguished-name

Distinguished name (DN)

Every entry in the directory has a distinguished name (DN). The DN is the name that uniquely identifies an entry in the directory.

A distinguished name, which specifies the complete path to the object through the hierarchy of containers can be used to uniquely reference an object. Distinguished names are defined in the LDAP standard as a means of referring to any object in the directory. Distinguished names for Active Directory objects are normally represented using the syntax and rules defined in the LDAP standards.

The following are examples of distinguished names.

syntax
CN=MArk, OU=AD Team,OU=Users Diretory, DC=WindowsTechno,DC=local
=================================================================
syntax
CN=Mike, OU=AD Team,OU=Users Diretory, DC=WindowsTechno,DC=local
=================================================================
syntax
CN=Vipan.Kumar-DS-A, OU=AD Team,OU=Users Diretory, DC=WindowsTechno,DC=local
Distinguished-name
Distinguished name

You can also see the DN from attribute editor using ADSI Edit and Active Directory Administrative Center, follow these steps:

Opening Attribute Editor using ADSI Edit:

  • Open the ADSI Edit tool. You can access it by following these steps:

    • Press the Windows key + R to open the Run dialog box.
    • Type “adsiedit.msc” and press Enter.

                  ADSI-Edit

              Connect the default naming context and put the details as per below screenshot.

                ADSI-Edit-Connect-Domain

                Click on OK          

  • In the ADSI Edit window, expand the tree view on the left-hand side to locate and select the appropriate domain or container where the object whose attributes you want to edit is located.

  • Right click on default naming context and click on New–> Query.

          ADSI-Edit-New-Query

  • Put the information for the user object in the attribute editor, which we wish to open.

          ADSI-Edit-New-Query-CN

  • Click on OK

  • Right-click on the object and select “Properties” from the context menu.

         

  • The Properties window will open, displaying the attributes for the selected object. You can view and modify the attributes as needed.

Open Attribute Editor using Active Directory Administrative Center:

  1. Open the Active Directory Administrative Center. Please follow below steps:

    • Press the Windows key and search for “Active Directory Administrative Center”.
    • Click on the Administrative Center.

  2. In the Administrative Center, navigate to the appropriate domain or container where the object whose attributes you want to edit or see.

  3. Select the object.

  4. In the right-hand pane, click on the “Attributes” tab. This will display the attributes for the selected object.

  5. You can now view and modify the attributes as needed by selecting an attribute and clicking the “Edit” button.

Please note that both ADSI Edit and Active Directory Administrative Center are powerful tools that provide direct access to Active Directory objects and their attributes. It is essential to exercise caution while making changes to ensure the integrity and security of your Active Directory environment.

FAQs

What is an example of a distinguishing name?

CN=MArk, OU=AD Team,OU=Users Diretory, DC=WindowsTechno,DC=local

What’s a distinguished name?
Every entry in the directory has a distinguished name (DN). The DN is the name that uniquely identifies an entry in the directory.

What is the difference between common name and distinguished name?

An entry is made up of a collection of attributes that have a unique identifier called a Distinguished Name (DN). A DN has a unique name that identifies the entry at the respective hierarchy. In the example above, John Doe and Jane Doe are different common names (cn) that identify different entries at that same level.

How do I find the distinguished name of an ad group?

Open a Windows command prompt on the AD server.
Type the command: dsquery group -name <known group name>. For example: dsquery group -name “CN=MArk, OU=AD Team,OU=Users Diretory, DC=WindowsTechno,DC=local”

What is a distinguished name unique in LDAP?

Distinguished names (DNs) are used to uniquely identify entries in an LDAP or X. 500 directory.

What is the difference between base distinguished name and bind distinguished name?

The Base DN is where the PAN will start searching in the directory structure. The Bind DN is the username that will be used to do the searching and request the authentication.

What is CN in Active Directory?

The cn (or Common-Name) is a single-value attribute that is the object’s relative distinguished name.

So, that’s all in this blog. I will meet you soon with next stuff. Have a nice day!!!

Guys please don’t forget to like and share the post. Also join our WindowsTechno Community and where you can post your queries/doubts and our experts will address them.

You can also share the feedback on below windows techno email id.

If you have any questions feel free to contact us on admin@windowstechno.com also follow us on facebook@windowstechno to get updates about new blog posts.

How useful was this post?

Click on a star to rate it!

As you found this post useful...

Follow us on social media!

Was this article helpful?
YesNo
Last Updated: January 28, 2024
5,310
Photo of Vipan Kumar

Vipan Kumar

He is an Active Directory Engineer. He has been working in IT industry for more than 10 years. He is dedicated and enthusiastic information technology expert who always ready to resolve any technical problem. If you guys need any further help on subject matters, feel free to contact us on admin@windowstechno.com Please subscribe our Facebook page as well website for latest article. https://www.facebook.com/windowstechno
Back to top button