You have great examples of dns in your email: >>>> dn: dc=shadshed,dc=com >>>> dn: cn=admin,dc=shadshed,dc=com >>>> dn: uid=jdw,ou=People,dc=shadshed,dc=com
When OpenLDAP software expects a <dn> argument, it knows it's a dn and does not expect a "dn: " label. So, for instance: ldapwhoami -D "cn=admin,dc=shadshed,dc=com" would be OK. ldapwhoami -D "admin" for instance, where "admin" is not a dn, would not be OK. Neither would ldapwhoami -D "dn: uid=jdw,ou=People,dc=shadshed,dc=com" because the "dn: " label is not proper dn syntax (it's just cluing you that it IS a dn). You can and likely should read the RFCs for more information about DNs. I think they're in the doc/ directory (if they're not, google for them).
