Hi Alain,
Je dirais que, comme presque tout dans la vie, ça dépend Now, seriously, it completely depends on your LDAP directory structure and how you manage your LDAP users. If you look at the following image, you can see theLDAP directory structure of the Windows 2012R2 Server I use to develop and test the LDAP authentication plugin. On the left side you see the familiar look of the "Active Directory Users and Computers" tool. On the right side, the same LDAP directory is browsed using the "AD Explorer" tool (that I mentioned in the other forum thread).
NOTICE: I've scaled the images down a bit so the fit in the forum, so they may look a bit blurry. If you right click on them and select "View image..." you'll get the full resolution image with more detail.
In addition to the standard AD containers (folders), I've created the "moodle" organizational unit hanging from the root of the directory tree (marked with (1) and (2) in the image). And inside it I've created several other organizational units (cursos, usuarios, estudiantes, profesores -yep, those are Spanish names-).
I could put my users inside the "Users" container (marked as (3) and (4) in the image), which is the default place for users in a newly setup Active Directory instance.
Or I could decide to create some additional container(s) (e.g., additional organizational units like "moodle", "cursos", "usuarios", etc) and put my users there. For this example, I've decided to put all my Moodle users in the "usuarios" container, inside the "moodle" container (marked (3) and (4) in the following image):
Now the question is, what do I need to use in Moodle LDAP authentication configuration as the "Context" setting in each case?
To answer that question, the easiest way is to use the "AD Explorer" tool. Launch the tool in one or your AD domain controllers, click on the "Connect" button (no need to fill any of the connections fields to connect to the controller you are running the tool on) and expand the branch named after your AD domain (DC=whatever,DC=local). There you'll find all the elements you've seen in "Active Directory Users and Computers" tool, plus a few others.
Now if you've put all your Moodle users in the "Users" container, click on that element. You should see something like the following image:
(1) Is your Moodle users container ("Users"), (2) is the Distinguished Name attribute of the object (the "path" for this particular object in your LDAP directory tree), and (3) and (4) are the value of the Distinguished Name for this object. This value is what you should use in the "Contexts" setting in Moodle. As you see in this particular case, the value starts with "CN=....".
In my case I've put all my Moodle users in "usuarios" container, inside "moodle" container. So I get something like the following image:
Again, (1) is my Moodle users container ("usuarios"), (2) is the Distinguished Name attribute and (3) and (4) are the value of the Distinguished Name for this object. As you see in my case (because I decided to put my users in a different container, that happens to be an Organizational Unit), the value starts with "OU=....".
So, to sum it up, it can be either "CN=...", or "OU=...", or even other things!!! (if you use LDAP servers that are not Active Directory).
Hope this clears it up a bit
Saludos.
Iñaki.