本文翻譯自:What are CN, OU, DC in an LDAP search?
I have a search query in LDAP like this. 我在這樣的LDAP中有一個搜索查詢。 What exactly does this query mean? 這個查詢究竟是什麼意思?
("CN=Dev-India,OU=Distribution Groups,DC=gp,DC=gl,DC=google,DC=com");
#1樓
參考:https://stackoom.com/question/1GhTE/LDAP搜索中的CN-OU-DC是什麼
#2樓
-
CN= Common NameCN=通用名稱 -
OU= Organizational UnitOU=組織單位 -
DC= Domain ComponentDC=域組件
These are all parts of the X.500 Directory Specification, which defines nodes in a LDAP directory. 這些是X.500目錄規範的所有部分,它定義了LDAP目錄中的節點。
You can also read up on LDAP data Interchange Format ( LDIF ) , which is an alternate format. 您還可以閱讀LDAP數據交換格式( LDIF ) ,這是一種替代格式。
You read it from right to left, the right-most component is the root of the tree, and the left most component is the node (or leaf) you want to reach. 您從右到左閱讀它,最右邊的組件是樹的根,最左邊的組件是您想要到達的節點(或葉子)。
Each = pair is a search criteria. 每個=對是搜索條件。
With your example query 使用您的示例查詢
("CN=Dev-India,OU=Distribution Groups,DC=gp,DC=gl,DC=google,DC=com");
In effect the query is: 實際上查詢是:
From the com Domain Component, find the google Domain Component, and then inside it the gl Domain Component and then inside it the gp Domain Component. 從com域組件中,找到google Domain Component,然後在其中找到gl Domain Component,然後在其中找到gp Domain Component。
In the gp Domain Component, find the Organizational Unit called Distribution Groups and then find the the object that has a common name of Dev-India . 在gp域組件中,找到名爲“ Distribution Groups的組織單位,然後找到具有公共名稱Dev-India 。
#3樓
What are CN, OU, DC? 什麼是CN,OU,DC?
From RFC2253 (UTF-8 String Representation of Distinguished Names) : 來自RFC2253(專有名稱的UTF-8字符串表示) :
String X.500 AttributeType ------------------------------ CN commonName L localityName ST stateOrProvinceName O organizationName OU organizationalUnitName C countryName STREET streetAddress DC domainComponent UID userid
What does the string from that query mean? 該查詢的字符串是什麼意思?
The string ( "CN=Dev-India,OU=Distribution Groups,DC=gp,DC=gl,DC=google,DC=com" ) is a path from an hierarchical structure ( DIT = Directory Information Tree ) and should be read from right (root) to left (leaf). 字符串( "CN=Dev-India,OU=Distribution Groups,DC=gp,DC=gl,DC=google,DC=com" )是來自層次結構 ( DIT =目錄信息樹 )的路徑,應該被讀取從右 (根) 到左 (葉)。
It is a DN (Distinguished Name) (a series of comma-separated key/value pairs used to identify entries uniquely in the directory hierarchy). 它是DN (專有名稱)(用於在目錄層次結構中唯一標識條目的一系列逗號分隔的鍵/值對)。 The DN is actually the entry's fully qualified name. DN實際上是條目的完全限定名稱。
Here you can see an example where I added some more possible entries. 在這裏,您可以看到我添加了一些可能的條目的示例。
The actual path is represented using green. 實際路徑使用綠色表示。
The following paths represent DNs (and their value depends on what you want to get after the query is run): 以下路徑表示DN(它們的值取決於運行查詢後要獲取的內容):
-
"DC=gp,DC=gl,DC=google,DC=com" -
"OU=Distribution Groups,DC=gp,DC=gl,DC=google,DC=com" -
"OU=People,DC=gp,DC=gl,DC=google,DC=com" -
"OU=Groups,DC=gp,DC=gl,DC=google,DC=com" -
"CN=QA-USA,OU=Distribution Groups,DC=gp,DC=gl,DC=google,DC=com" -
"CN=Dev-India,OU=Distribution Groups,DC=gp,DC=gl,DC=google,DC=com" -
"CN=Ted Owen,OU=People,DC=gp,DC=gl,DC=google,DC=com"