CN、OU和DC是LDAP搜索中用于定位目录信息树中节点的关键概念。CN代表通用名称,OU代表组织单位,DC代表域组件。查询从右到左读取,从根(DC)开始,逐步定位到目标节点(如组织单位和具体对象)。在实际应用中,这些组件组合成DN,用于唯一标识目录中的条目。
本文翻译自:What are CN, OU, DC in an LDAP search?
I have a search query in LDAP like this. 我在这样的LDAP中有一个搜索查询。 What exactly does this query mean? 这个查询究竟是什么意思?
("CN=Dev-India,OU=Distribution Groups,DC=gp,DC=gl,DC=google,DC=com");
#1楼
参考:https://stackoom.com/question/1GhTE/LDAP搜索中的CN-OU-DC是什么
#2楼
-
CN= Common NameCN=通用名称 -
OU= Organizational UnitOU=组织单位 -
DC= Domain ComponentDC=域组件
These are all parts of the X.500 Directory Specification, which defines nodes in a LDAP directory. 这些是X.500目录规范的所有部分,它定义了LDAP目录中的节点。
You can also read up on LDAP data Interchange Format ( LDIF ) , which is an alternate format. 您还可以阅读LDAP数据交换格式( LDIF ) ,这是一种替代格式。
You read it from right to left, the right-most component is the root of the tree, and the left most component is the node (or leaf) you want to reach. 您从右到左阅读它,最右边的组件是树的根,最左边的组件是您想要到达的节点(或叶子)。
Each = pair is a search criteria. 每个=对是搜索条件。
With your example query 使用您的示例查询
("CN=Dev-India,OU=Distribution Groups,DC=gp,DC=gl,DC=google,DC=com");
In effect the query is: 实际上查询是:
From the com Domain Component, find the google Domain Component, and then inside it the gl Domain Component and then inside it the gp Domain Component. 从com域组件中,找到google Domain Component,然后在其中找到gl Domain Component,然后在其中找到gp Domain Component。
In the gp Domain Component, find the Organizational Unit called Distribution Groups and then find the the object that has a common name of Dev-India . 在gp域组件中,找到名为“ Distribution Groups的组织单位,然后找到具有公共名称Dev-India 。
#3楼
What are CN, OU, DC? 什么是CN,OU,DC?
From RFC2253 (UTF-8 String Representation of Distinguished Names) : 来自RFC2253(专有名称的UTF-8字符串表示) :
String X.500 AttributeType ------------------------------ CN commonName L localityName ST stateOrProvinceName O organizationName OU organizationalUnitName C countryName STREET streetAddress DC domainComponent UID userid
What does the string from that query mean? 该查询的字符串是什么意思?
The string ( "CN=Dev-India,OU=Distribution Groups,DC=gp,DC=gl,DC=google,DC=com" ) is a path from an hierarchical structure ( DIT = Directory Information Tree ) and should be read from right (root) to left (leaf). 字符串( "CN=Dev-India,OU=Distribution Groups,DC=gp,DC=gl,DC=google,DC=com" )是来自层次结构 ( DIT =目录信息树 )的路径,应该被读取从右 (根) 到左 (叶)。
It is a DN (Distinguished Name) (a series of comma-separated key/value pairs used to identify entries uniquely in the directory hierarchy). 它是DN (专有名称)(用于在目录层次结构中唯一标识条目的一系列逗号分隔的键/值对)。 The DN is actually the entry's fully qualified name. DN实际上是条目的完全限定名称。
Here you can see an example where I added some more possible entries. 在这里,您可以看到我添加了一些可能的条目的示例。
The actual path is represented using green. 实际路径使用绿色表示。
The following paths represent DNs (and their value depends on what you want to get after the query is run): 以下路径表示DN(它们的值取决于运行查询后要获取的内容):
-
"DC=gp,DC=gl,DC=google,DC=com" -
"OU=Distribution Groups,DC=gp,DC=gl,DC=google,DC=com" -
"OU=People,DC=gp,DC=gl,DC=google,DC=com" -
"OU=Groups,DC=gp,DC=gl,DC=google,DC=com" -
"CN=QA-USA,OU=Distribution Groups,DC=gp,DC=gl,DC=google,DC=com" -
"CN=Dev-India,OU=Distribution Groups,DC=gp,DC=gl,DC=google,DC=com" -
"CN=Ted Owen,OU=People,DC=gp,DC=gl,DC=google,DC=com"
扫一扫
5261
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
