How unique must Distinguished Names be?

Ed Oskiewicz (
Thu, 01 Aug 1996 15:26:41 +0100

I am designing an internal LDAP-based directory using information extracted
from a master internal contact database. I am confused about whether DNs
must be ambiguous, let me explain with an example.

My instinct is to create the directory using entries like

dn: cn=J Soap, o=BT plc, c=gb
<lots of other attributes>

The problem is that Names and initials are not unique (we employ 130K people
and have lots of clashes). Assuming that entries were always distinct what
(if anything) would slapd do if I added an entry with an existing DN
(refuse, create a new entry, overwrite the existing one).

I am proceeding on the assumption that I must disambiguate the DN by
introducing extra attributes, e.g:

dn: uid=<unique code>, cn=J Soap, o=BT plc, c=gb

The trouble is that this makes DNs ugly and I hate it, is there a better


Ed Oskiewicz

      B54/76, BT Labs, Martlesham Heath, Ipswich, Suffolk, UK, IP5 7RE,
		  Tel +44 1473 640896, Fax +44 1473 640929