Re: newbie slapd.conf question

["Kurt D. Zeilenga" <Kurt@OpenLDAP.org>]

At 04:48 PM 4/20/00 +0000, Peter Armstrong wrote:
>dc stands for domain component.  So in the domain foo.com, foo and com are
>domain components.
>
>So you can represent foo.com as
>
>dc=foo,dc=com
>
>or
>
>o=foo.com
>
>Both of them accomplish the goal of getting a globally unique name for the
>foo.com organization (if everyone plays nice and uses domain names).

The goal for a DN is to be globally unique names which can be located.
Finding servers hosting DNs with DC naming is well understood and
implementable.  Finding servers hosting registered X.500 style
names (o=Org,c=XX) is well understood and implementable.  Finding a
server for some DN you pulled out of your thin air is not.

>Which to choose?

If you want your server to be found, use DC or X.500 naming (see
archives for pro and con discussions).  I personally prefer DC
naming as location leverages the Internet's well established
location service.

>I choose dc=foo,dc=com since it is advocated in an RFC (I forget
>which), and if you can refer someone to an RFC you are usually safe :-)
>
>cheers,
>peter
>
>marcr@crt.com wrote:
>
>> When looking at slapd.conf there are two lines as follows:
>>
>>         suffix "dc=my-domain, dc=com"
>>         # suffix "o=My Organization Name, c=US"
>>
>> What is the "dc="?  How do these two lines differ?  Is this documented
>> anywhere (I couldn't find it on the man pages/faq/mailing list anywhere)?
>> When I look at the U of M admin guide it doesn't show the dc syntax
>> anywhere, just the o=?  I'm just trying to get a complete understanding of
>> what is going on.
>>
>> thanks for the patience,
>> Marc
>
>