Both users and applications are affected by the naming conventions that directory services use. To locate network resources, users and applications must know the name or some property of the resource. Active Directory supports many naming conventions, which allows users and applications to use the format with which they are most familiar when accessing resources in Active Directory.
Every object in Active Directory has a distinguished name. The distinguished name identifies the domain where the object is located, in addition to the complete path by which the object is reached. A typical distinguished name is:
DC=com,DC=contoso,CN=Users,CN=James Smith
This distinguished name identifies the James Smith user object in the contoso.com domain. (In the distinguished name, DC is the abbreviation for domain component, and CN is the abbreviation for common name.)
The relative distinguished name of an object is the part of the distinguished name that is an attribute of the object. In the preceding example, the relative distinguished name of the James Smith user object is James Smith. The relative distinguished name of the parent object is Users.
The user principal name of a user object is composed of the user's logon name and the DNS name of the domain where the user object resides. For example, user James Smith in the contoso.com domain might have a user principal name of JamesS@contoso.com. The user principal name can be used to log on to the network. An administrator can define additional suffixes for user principal names, if required.
The globally unique identifier (GUID) is a 128-bit number that is guaranteed to be unique. Windows 2000 assigns a GUID to objects when they are created. The GUID never changes, even if you move or rename the object. Applications can store the GUID of an object and be able to retrieve that object even if the distinguished name of the object changes.
Distinguished names are guaranteed to be unique in the forest. Active Directory does not permit two objects with the same relative distinguished name under the same parent container. By definition, GUIDs are unique. User principal names are required to be unique, but Active Directory does not enforce this requirement, so it is possible to have duplicate user principal names.