
Certification Success - Making Sense of the Naming Conventions


While on the road to obtaining an MCSE or an MCSA you will undoubtedly run into the terms distinguished name or user principal name. Understanding the difference between these naming conventions will put you one step closer to exam success.

Active Directory supports a variety of naming conventions, such as distinguished names, relative distinguished names, user principal names, and globally unique identifiers. Each object you create within Active Directory can be identified by one of these naming conventions.

Distinguished Name
Each object that is created within Active Directory is assigned a distinguished name, or DN. It uniquely identifies the object as well as its location within the Active Directory hierarchy.

For example, let’s say you create a user account within Active Directory for the user named Diana Huggins. The DN for the user account may look similar to the following:

/DC=COM/DC=BAYSIDE/OU=USERS/OU=SALES/CN=DHUGGINS

The DC attribute identifies the domain, which in this case is BAYSIDE.COM. The OU attribute identifies the complete path to the location of the object within the Active Directory hierarchy. In the example, the object is located in the SALES OU, which stores user accounts for members of the Sales department. The CN attribute represents the first and last name of the user. Keep in mind as well that all objects within an Active Directory hierarchy must have a unique distinguished name.

Relative Distinguished Names
Searching for an object by its distinguished name can be difficult, especially if you don’t know its exact location. The relative distinguished name (RDN) is the part of the name that is an actual attribute of the object, and it allows you to search for an object based on one of its attributes.
The RDN is the part of the DN that uniquely identifies the object within its container. In the example used above, the RDN for the user account would be DHUGGINS. This in turn means that no two objects within the same container can have the same RDN, so you could not have two DHUGGINS objects within the Sales OU. However, objects within the hierarchy can have the same RDN if they are in different containers, because they would still have unique DNs.

User Principal Names
Since the syntax of DNs and the actual names themselves can be difficult to remember, you can also use user principal names (UPNs), which are shorter than DNs and easier to remember. The UPN is made up of a shorthand name for the user followed by the name of the domain in which the account resides. For example, the user Diana Huggins has a user account in the BAYSIDE domain. The UPN for the account may look similar to DHuggins@bayside.com.

Globally Unique Identifiers
Every object created within Active Directory is assigned a Globally Unique Identifier (GUID) that becomes the object's permanent identifier. A GUID is a 128-bit number that is guaranteed to be unique across all domains. The GUID assigned to an object never changes, even if the object is renamed or moved. This is unlike distinguished names and relative distinguished names, which change when an object is moved or renamed.
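
The four naming conventions above, worked through as an added example that is not part of the original article: it parses the article's sample DN, derives the RDN, domain and a UPN from it, and uses a toy directory to show that the DN must be unique while the GUID survives a move. The helper names and the ToyDirectory class are hypothetical, and deriving the UPN's short name from the CN is an assumption made for illustration.

```python
import uuid

SAMPLE_DN = "/DC=COM/DC=BAYSIDE/OU=USERS/OU=SALES/CN=DHUGGINS"  # DN from the article

def parse_dn(dn):
    """Split a root-first, slash-delimited DN into (attribute, value) pairs."""
    pairs = []
    for comp in dn.strip("/").split("/"):
        attr, sep, value = comp.partition("=")
        if not (sep and attr and value):
            raise ValueError(f"malformed DN component: {comp!r}")
        pairs.append((attr.upper(), value))
    return pairs

def rdn(dn):
    """The RDN is the last component: the object's name inside its container."""
    return parse_dn(dn)[-1]

def domain(dn):
    """DC components are listed root-first (COM, BAYSIDE), so reverse them."""
    return ".".join(v for a, v in reversed(parse_dn(dn)) if a == "DC").lower()

def upn(dn):
    """Assumption: the UPN's short name equals the CN value."""
    return f"{rdn(dn)[1]}@{domain(dn)}"

class ToyDirectory:
    """In-memory stand-in for a directory; constructed for this example."""
    def __init__(self):
        self.dn_by_guid = {}

    def _check_unique(self, dn):
        # A duplicate DN means a duplicate RDN inside one container.
        if dn.upper() in (d.upper() for d in self.dn_by_guid.values()):
            raise ValueError(f"DN already exists: {dn}")

    def create(self, dn):
        parse_dn(dn)  # reject malformed names before storing them
        self._check_unique(dn)
        guid = uuid.uuid4()  # 128-bit identifier, fixed for the object's lifetime
        self.dn_by_guid[guid] = dn
        return guid

    def move(self, guid, new_container):
        attr, value = rdn(self.dn_by_guid[guid])
        new_dn = f"{new_container.rstrip('/')}/{attr}={value}"
        self._check_unique(new_dn)
        self.dn_by_guid[guid] = new_dn  # the DN changes, the GUID key does not
        return new_dn
```

Anything that has to keep tracking an account across renames and moves, such as an audit trail or an access list, should store the GUID rather than the DN.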
