86 lines
5.8 KiB
HTML
86 lines
5.8 KiB
HTML
|
<?xml version="1.0" encoding="UTF-8"?>
|
||
|
<!DOCTYPE html
|
||
|
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
||
|
<html lang="en-us" xml:lang="en-us">
|
||
|
<head>
|
||
|
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
|
||
|
<meta name="security" content="public" />
|
||
|
<meta name="Robots" content="index,follow" />
|
||
|
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
|
||
|
<meta name="DC.Type" content="concept" />
|
||
|
<meta name="DC.Title" content="Distinguished name" />
|
||
|
<meta name="abstract" content="Use this information to learn about how you can use distinguished name (DN) with the Lightweight Directory Access Protocol (LDAP)." />
|
||
|
<meta name="description" content="Use this information to learn about how you can use distinguished name (DN) with the Lightweight Directory Access Protocol (LDAP)." />
|
||
|
<meta name="DC.Relation" scheme="URI" content="rzalvldapcncpts.htm" />
|
||
|
<meta name="DC.Relation" scheme="URI" content="../rzahy/rzahyconcepts.htm" />
|
||
|
<meta name="copyright" content="(C) Copyright IBM Corporation 2002, 2006" />
|
||
|
<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 2002, 2006" />
|
||
|
<meta name="DC.Format" content="XHTML" />
|
||
|
<meta name="DC.Identifier" content="rzalvtrmsldapdistname" />
|
||
|
<meta name="DC.Language" content="en-us" />
|
||
|
<!-- All rights reserved. Licensed Materials Property of IBM -->
|
||
|
<!-- US Government Users Restricted Rights -->
|
||
|
<!-- Use, duplication or disclosure restricted by -->
|
||
|
<!-- GSA ADP Schedule Contract with IBM Corp. -->
|
||
|
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
|
||
|
<link rel="stylesheet" type="text/css" href="./ic.css" />
|
||
|
<title>Distinguished name</title>
|
||
|
</head>
|
||
|
<body id="rzalvtrmsldapdistname"><a name="rzalvtrmsldapdistname"><!-- --></a>
|
||
|
<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
|
||
|
<h1 class="topictitle1">Distinguished name</h1>
|
||
|
<div><p>Use this information to learn about how you can use distinguished
|
||
|
name (DN) with the Lightweight Directory Access Protocol (LDAP).</p>
|
||
|
<p>A distinguished name (DN) is a LDAP entry that uniquely identifies and
|
||
|
describes an entry in a directory (LDAP) server. You use the Enterprise Identity
|
||
|
Mapping (EIM) Configuration wizard to configure the directory server to store
|
||
|
EIM domain information. Because EIM uses the directory server to store EIM
|
||
|
data, you can use distinguished names as a means of authenticating to the
|
||
|
EIM domain controller. </p>
|
||
|
<p>Distinguished names consist of the name of the entry itself as well as
|
||
|
the names, in order from bottom to top, of the objects above it in the LDAP
|
||
|
directory. An example of a complete distinguished name could be <samp class="codeph">cn=Tim
|
||
|
Jones, o=IBM, c=US</samp>. Each entry has at least one attribute that is
|
||
|
used to name the entry. This naming attribute is called the relative distinguished
|
||
|
name (RDN™)
|
||
|
of the entry. The entry above a given RDN is called its <a href="rzalvtrmsldapparentdistname.htm#rzalvtrmsldapparentdistname">Parent distinguished name</a>.
|
||
|
In this example, <samp class="codeph">cn=Tim Jones</samp> names the entry, so it is the RDN. <samp class="codeph">o=IBM,
|
||
|
c=US</samp> is the parent DN for <samp class="codeph">cn=Tim Jones</samp>. </p>
|
||
|
<p>Because EIM uses the directory server to store EIM data, you can use a
|
||
|
distinguished name for the user identity that authenticates to the <a href="rzalveserverdmnctrlr.htm#rzalveserverdmnctrlr">domain
|
||
|
controller</a>. You also can use a distinguished name for the user identity
|
||
|
that configures EIM for your iSeries™ server. For example, you can use a distinguished
|
||
|
name when you do the following: </p>
|
||
|
<ul><li>Configure the directory server to act as the EIM domain controller. You
|
||
|
do this by creating and using the distinguished name that identifies the LDAP
|
||
|
administrator for the Directory server. If the Directory server has not been
|
||
|
configured previously, you can configure the Directory server when you use
|
||
|
the EIM Configuration wizard to create and join a new domain.</li>
|
||
|
<li>Use the EIM Configuration wizard to select the type of user identity the
|
||
|
wizard should use to connect to the EIM domain controller. Distinguished name
|
||
|
is one of the user types that you can select. The distinguished name must
|
||
|
represent a user who is authorized to create objects in the local namespace
|
||
|
of the Directory server.</li>
|
||
|
<li>Use the EIM Configuration wizard to select the type of user to perform
|
||
|
EIM operations on behalf of operating system functions. These operations include
|
||
|
mapping lookup operations and deleting associations when deleting a local i5/OS™ user
|
||
|
profile. Distinguished name is one of the user types that you can select. </li>
|
||
|
<li>Connect to the domain controller to do EIM administration, for example,
|
||
|
to manage registries and identifiers and to perform mapping lookup operations.</li>
|
||
|
<li>Create certificate filters to determine the scope of a certificate filter
|
||
|
policy association. When you create a certificate filter, you must supply
|
||
|
distinguished name information for either the Subject DN or the Issuer DN
|
||
|
or the certificate to specify the criteria that the filter uses to determine
|
||
|
which certificates are affected by the policy association.</li>
|
||
|
</ul>
|
||
|
</div>
|
||
|
<div>
|
||
|
<div class="familylinks">
|
||
|
<div class="parentlink"><strong>Parent topic:</strong> <a href="rzalvldapcncpts.htm" title="This information explains how to use a Lightweight Directory Access Protocol (LDAP) with Enterprise Identity Mapping (EIM).">LDAP concepts for EIM</a></div>
|
||
|
</div>
|
||
|
<div class="relinfo"><strong>Related information</strong><br />
|
||
|
<div><a href="../rzahy/rzahyconcepts.htm">Directory server concepts</a></div>
|
||
|
</div>
|
||
|
</div>
|
||
|
</body>
|
||
|
</html>
|