For authenticating user and determing the roles given to this user, Hudson performs
multiple LDAP queries.
Since an LDAP database is conceptually a big tree and the search is performed recursively,
in theory if we can start a search starting at a sub-node (as opposed to root), you get
a better performance because it narrows down the scope of a search.
This field specifies the DN of such a subtree.
But in practice, LDAP servers maintain an extensive index over the data, so specifying
this field is rarely necessary — you should just let Hudson figure this out
by talking to LDAP.
If you do specify this value, the field normally looks something like "dc=sun,dc=com"