Cause: LDAP clients not configured with a search base attempting to search against the directory server.
Consequence: There was no easy way to determine what default search base to use.
Change: Added a new attribute to the root DSE (the entry with the empty dn "") called defaultNamingContext. This allows clients to easily discover what search base to use.
Result: Clients can query the root DSE for the defaultNamingContext, then use that to search for users, etc.