Chapter 30 AAA Server
NXC5200 User’s Guide
428
Directory Structure
The directory entries are arranged in a hierarchical order much like a tree
structure. Normally, the directory structure reflects the geographical or
organizational boundaries. The following figure shows a basic directory structure
branching from countries to organizations to organizational units to individuals.
Figure 196
Basic Directory Structure
Distinguished Name (DN)
A DN uniquely identifies an entry in a directory. A DN consists of attribute-value
pairs separated by commas. The leftmost attribute is the Relative Distinguished
Name (RDN). This provides a unique name for entries that have the same “parent
DN” (“
cn=domain1.com
,
ou=Sales, o=MyCompany
” in the following examples).
cn=domain1.com, ou = Sales, o=MyCompany, c=US
cn=domain1.com, ou = Sales, o=MyCompany, c=JP
Base DN
A base DN specifies a directory. A base DN usually contains information such as
the name of an organization, a domain name and/or country. For example,
o=MyCompany
,
c=UK
where
o
means organization and
c
means country.
Root
US
Japan
Sprint
UPS
NEC
Sales
RD3
QA
CSO
Sales
RD
Countries
Organizations Organization Units
Unique
Common
Name (cn)