What Is the dc Attribute?
Returning to our discussion of the topmost entry in Figure 2-1, we can now explain the meaning of the
domain
object class and the
dc
attribute. Here is the original LDIF listing for the entry:
# LDIF listing for the entry dn: dc=plainjoe,dc=org dn: dc=plainjoe,dc=org objectclass: domain dc: plainjoe
The original recommendation for dividing the X.500 namespace was based on geographic and national regions. You frequently see this convention in LDAP directories as well, given the heritage that LDAP shares with X.500. For example, under X.500, the distinguished name for a directory server in the plainjoe.org domain might be:
dn: o=plainjoe,l=AL,c=US
Here, the o
attribute is the
organizationName
, the l
attribute is the locality of the organization, and the
c
attribute represents the country in which the
organization exists. However, there is no central means of
registering such names, and therefore no general way to refer to the
naming context of a directory server. RFC 2247 introduced a system by which LDAP
directory naming contexts can be piggybacked on top of an
organization’s existing DNS infrastructure. Because
DNS domain names are guaranteed to be unique across the Internet and
can be located easily,
mapping an organization’s
domain name to an LDAP DN provides a simple way of determining the
base suffix served by a directory and ensures that the naming context
will be globally unique.
Note
A directory’s naming context is the DN of its topmost entry. The ...
Get LDAP System Administration now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.