A distinguished name (DN) (defined in X.500) identifies a node in a Directory Information Tree (e.g., AD DS Data Store). The name is read from right (root) to left (leaf node). A distinguished name consists of a chain of relative distinguished names (RDN). View Microsoft Docs for some common RDN attribute types.
For example, in Active Directory, a user called John Doe might have a DN of CN=Jane Doe,OU=Editing,DC=nytimes,DC=com. You may recognize the following attributes from this DN:
- Common Name (
CN=...) - Organizational Unit (
OU=...) - Domain Component (
DC=...)
Special characters like , that are part of a RDN can be escaped with a backslash (e.g., CN=Doe\, Jane,OU=Editing...).