The “Who am I?” extended request is defined in RFC 4532. It behaves much like the authorization identity request control in that it returns the authorization identity associated with the connection and it should always be in dn: form in the PingDirectory server, but this request can be issued at any time on a connection to retrieve the current authorization identity for that connection.