PLANNING

Hierarchical naming for servers and users
Hierarchical naming is the cornerstone of IBM® Domino® security; therefore planning it is a critical task. Hierarchical names provide unique identifiers for servers and users in a company. When you register new servers and users, the hierarchical names drive their certification, or their level of access to the system, and control whether users and servers in different organizations and organizational units can communicate with each another.

Before you install Domino servers, create a diagram of your company and use the diagram to plan a meaningful name scheme. Then create certifier IDs to implement the name scheme and ensure a secure system.

A hierarchical name scheme uses a tree structure that reflects the actual structure of a company. At the topmost (first) node of the tree is the organization name, which is usually the company name. After the organization name are organizational units, which you create to suit the structure of the company; you can organize the structure geographically, departmentally, or both.

A hierarchical name reflects a user's or server's place in the hierarchy and controls whether users and servers in different organizations and organizational units can communicate with each another. A hierarchical name may include these components:


An example of a hierarchical name that uses all of the components is:

Julia Herlihy/Sales/East/Renovations/US

Typically a name is entered and displayed in this abbreviated format, but it is stored internally in canonical format, which contains the name and its associated components, as shown in the following example:

CN=Julia Herlihy/OU=Sales/OU=East/O=Renovations/C=US

Note: You can use hierarchical naming with wildcards as a way to isolate a group of servers that need to connect to a given Domino server in order to route mail.

Related concepts
Certifier IDs and certificates
Planning a mail routing topology

Related tasks
Roadmap for deploying Domino servers