Managing Security and User Access PDF
External Security: Active Directory > Active Directory Overview > Active Directory Structure


Active Directory Structure

Active Directory organizes network objects in an LDAP-style hierarchical structure called a directory tree. The tree diagram in Figure 6-1 shows a typical Active Directory structure:

In this case, a user could be assigned to a group that has a DN (distinguished name) of:

cn=Project1,OU=TopSecret,OU=Accounts,OU=Stellent,dc=company,dc=com

where the group DN follows these LDAP conventions:

LDAP Abbreviation
LDAP Designation
Description

dc

domain component

Top-level unit that specifies the naming context.

OU

organizational unit

Typically represents a division, department, or other discrete business group. In an Oracle integration, roles and accounts are typically specified as OUs.

cn

common name

A typical lowest-level attribute in a DN, which identifies the unique name. For users, this could also be a “user ID” unit, or uid.

Copyright © 1996, 2007, Oracle. All rights reserved.