
What are userDn and base in LDAP terminology?

Tags: java, spring, ldap

I want to authenticate a user in LDAP using Spring in Java. I found that to configure LDAP with Spring, I need urls, userDn, password and base values as shown below:

urls=ldap://127.0.0.1:389
userDn=cn=Directory Manager
password=abcd
base=dc=example,dc=com

My question is, what exactly are userDn and base? What do they signify? And which userDn value do we need to specify in this configuration?

pankaj asked Oct 12 '25 20:10


1 Answer

The base object is the point in the directory information tree (DIT) at which the search should begin constructing candidates for entries to return in the search result. The scope of the search determines the depth of the tree as follows:

  • subtree scope: the base object and all entries subordinate to the base object
  • one: all objects immediately subordinate to the base object, but not including the base object.
  • base: just the base object. A base-level search should always be used when the distinguished name is known.

The userDn in this case appears to be a distinguished name of a user that will authenticate to the directory using a BIND request.

See also

  • LDAP Programming Practices
Terry Gardner answered Oct 14 '25 14:10
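The three scopes described in the answer can be checked offline with the JDK's own JNDI classes. The following is an added example, not code from the question or the answer: the directory entries are a constructed sample, only the `base` value and the `cn=Directory Manager` bind DN come from the question, and `SearchScopeDemo`, `inScope` and `candidates` are hypothetical names.

```java
import javax.naming.InvalidNameException;
import javax.naming.directory.SearchControls;
import javax.naming.ldap.LdapName;
import java.util.ArrayList;
import java.util.List;

public class SearchScopeDemo {

    // True if `entry` is a candidate for a search rooted at `base` with the given JNDI scope.
    static boolean inScope(LdapName base, LdapName entry, int scope) {
        // LdapName indexes RDNs right to left (index 0 is the rightmost RDN),
        // so startsWith() tests "entry is the base object or lies beneath it".
        if (!entry.startsWith(base)) {
            return false;
        }
        int depth = entry.size() - base.size(); // 0 = the base object itself
        switch (scope) {
            case SearchControls.OBJECT_SCOPE:   return depth == 0; // "base"
            case SearchControls.ONELEVEL_SCOPE: return depth == 1; // "one"
            case SearchControls.SUBTREE_SCOPE:  return true;       // "subtree"
            default: throw new IllegalArgumentException("unknown scope " + scope);
        }
    }

    // Returns the DNs from `dit` that a search with this base and scope would consider.
    static List<String> candidates(String base, String[] dit, int scope) throws InvalidNameException {
        LdapName baseDn = new LdapName(base);
        List<String> out = new ArrayList<>();
        for (String dn : dit) {
            if (inScope(baseDn, new LdapName(dn), scope)) out.add(dn);
        }
        return out;
    }

    public static void main(String[] args) throws InvalidNameException {
        // Constructed sample DIT (assumption); not taken from a real directory.
        String[] dit = {
            "dc=example,dc=com",
            "ou=people,dc=example,dc=com",
            "uid=jdoe,ou=people,dc=example,dc=com",
            "cn=Directory Manager", // the bind DN from the question; not under base
            "dc=other,dc=com"
        };
        String base = "dc=example,dc=com";
        System.out.println("base:    " + candidates(base, dit, SearchControls.OBJECT_SCOPE));
        System.out.println("one:     " + candidates(base, dit, SearchControls.ONELEVEL_SCOPE));
        System.out.println("subtree: " + candidates(base, dit, SearchControls.SUBTREE_SCOPE));
    }
}
```

In this sample the bind DN is not under `base`, so no scope selects it: `userDn` only identifies who binds, while `base` and the scope decide which entries a search considers.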