Export (0) Print
Expand All
This topic has not yet been rated - Rate this topic

2.2.1.1 Distinguished Names for Objects

Address book distinguished names (ABDNs) are used to uniquely identify objects in the address book. Throughout the rest of this specification, the term distinguished name (DN) (1) is used to refer to an address book DN (1). Each Address Book object MUST have a unique DN (1) value, expressed as a NULL-terminated ASCII string. The DN (1) is stored in the PidTagEmailAddress property (section 2.2.3.14). The DN (1) is also embedded in the Distinguished Name field of the PermanentEntryID structure, as specified in [MS-NSPI] and [MS-OXNSPI] section 2.3.8.3.<4> DNs (1) are structured as shown in the following Augmented Backus-Naur Form (ABNF) definition, as specified in [RFC5234].

dn = organization-dn / 
  addresslist-dn / 
  x500-dn
organization-dn= org-rdn
addresslist-dn    = "/guid=" container-guid / 
  gal-addrlist-dn
container-guid= 32(HEXDIG)
gal-addrlist-dn = "/"
x500-dn    = x500-container-dn object-rdn
 ; x500-dns are limited to 16 levels
x500-container-dn = org-rdn org-unit-rdn 0*13(container-rdn)
org-rdn    = "/o=" rdn
org-unit-rdn = "/ou=" rdn
container-rdn = "/cn=" rdn
object-rdn  = "/cn=" rdn
rdn   = ( non-space-teletex ) / 
                 ( non-space-teletex *62(teletex-char)
   non-space-teletex )
  ; rdn values are limited to 64 characters
 ; the number of rdns is limited to 16 but the
 ; total cumulative length of rdn characters in
 ; An x500-dn is limited to 256.
teletex-char = SP / non-space-teletex
non-space-teletex= "!" / DQUOTE / "%" / "&" / "\" / "(" / ")" / 
  "*" / "+" / "," / "-" / "." / "0" / "1" / 
  "2" / "3" / "4" / "5" / "6" / "7" / "8" /
  "9" / ":" / "<" / "=" / ">" / "?" / "@" /
  "A" / "B" / "C" / "D" / "E" / "F" / "G" / 
  "H" / "I" / "J" / "K" / "L" / "M" / "N" / 
  "O" / "P" / "Q" / "R" / "S" / "T" / "U" / 
  "V" / "W" / "X" / "Y" / "Z" / "[" / "]" /
  "_" / "a" / "b" / "c" / "d" / "e" / "f" /
  "g" / "h" / "i" / "j" / "k" / "l" / "m" /
  "n" / "o" / "p" / "q" / "r" / "s" / "t" /
  "u" / "v" / "w" / "x" / "y" / "z" / "|"

DNs (1) for specific objects have a strict format, as shown in the following table.

Object type

DN format

Notes

Address book container

addresslist-dn

Global Address List container

gal-addrlist-dn

Mail user

x500-dn

The org-rdn string is the mail user's organization.

Organization

organization-dn

Store

x500-dn

The x500-container-dn is the mailbox server.

Mailbox server

x500-dn

The relative distinguished name (RDN) (2) in the object-rdn is the name of the mailbox server.

Room container reference

x500-dn with no container-rdn

The RDN (2) of the object-rdn matches the container-guid of the address book container.

All other Address Book objects

dn

When the DN (1) of an Address Book object that is obtained from an NSPI server matches the DN (1) of an Address Book object that is obtained from an OAB, the objects represent the same entity. The OAB SHOULD<5> include additional properties not available on the NSPI server. Properties SHOULD have the same value when present on both data sources. One exception to having the same value on both data sources is if the properties are truncated in the OAB, according to the limitations specified in [MS-OXOAB]. Another exception is if the value on an NSPI server has changed since the OAB was created, or if the NSPI server was restored from a backup after the OAB was created. In such a case, the NSPI server and the OAB are said to be "out of sync". That is, the data in the two sources reflects two different time periods.

Did you find this helpful?
(1500 characters remaining)
Thank you for your feedback
Show:
© 2014 Microsoft. All rights reserved.