PPT Slide
DIT Design: Selecting a Distinguished Name
uid=smithMJ, ou=People, o=Perot Systems, c=US
+ DN Guaranteed to be unique
+ More robust searching using name components
+ commonName (cn) field contains a real name
+ Browser shows more useful information (although not as ideal as a full name)
+ Directly maps to a user’s logon ID (can be used for single signon)
- DN has the potential to change if the name or UID changes
- Entrust product requires the commonName (cn) to be part of the DN.