ldap - Base DN vs Root DN?

Question

How exactly can the term Base DN be distinguished from the term Root DN in the context of LDAP?

Is the Root DN the root of the directory tree ( e.g. dc=example,dc=com), while the Base DN is the DN from which I am currently running my queries (e.g. ou=beta,o=alpha,dc=example,dc=com)? Implying that the Base DN could be the Root DN - also apparently that would be a bad idea considering the administration of the data store.

Or are Root-DN and Base-DN two words for the same thing (e.g. dc= example,dc=com)?

question from:https://stackoverflow.com/questions/65830137/base-dn-vs-root-dn

Answer 1

Root dn is the dn with empty string ("") and root entry generally includes information about ldap server like supported controls, supported auth mechanisms etc.

"dc=example,dc=com" is an example of the domain name one level below the root dn.

Base dn concept is used for generally search operations and base dn implies the dn of the basis entry. So Root dn is not dc=example,dc=com. Base dn can be anything.