Ec (2); 1LDAP is a protocol used to publish directory information to many different resources. It is usually used as a centralized address book, but it can be more powerful according to the organizer's needs. The most basic form of LDAP is a standard method for connecting to the database. The database is optimized for read queries. Therefore, it can quickly obtain the query results, but it is much slower in other aspects, such as updates. It is important to note that LDAP is usually used as a hierarchal database, rather than a relational number. script ec (2); script
1. What is LDAP?
LDAP is a protocol used to publish directory information to many different resources. It is usually used as a centralized address book, but it can be more powerful according to the organizer's needs.
The most basic form of LDAP is a standard method for connecting to the database. The database is optimized for read queries. Therefore, it can quickly obtain the query results, but it is much slower in other aspects, such as updates. It is important to note that LDAP is usually used as a hierarchal database, rather than a relational database. Therefore, its structure is better to represent in a tree than in a table. Because of this, you cannot use SQL statements.
In short, LDAP is a quick way to obtain centralized and static data about people or resources.
LDAP is the abbreviation of Lightweight Directory Access Protocol. It is actually a phone number book, similar to what we use, such as NIS (Network Information Service), DNS (Domain Name Service) and other network directories are similar to the trees you see in the garden.
LDAP is an extraordinary database. But LDAP is different from general databases. It is very important to understand this point. LDAP optimizes the query performance, which is much better than the Write Performance of LDAP.
1.1 LDAP storage rules
Distinguished Name (DN, Distinguished Name)
Different from trees in nature, each leaf in the file system/LDAP/telephone address book directory has at least one unique attribute, which can help us differentiate these branches.
In a file system, these unique attributes are file names with full paths. For example,/etc/passwd, the file name is unique under this path. Of course we can have/usr/passwd,/opt/passwd, but they are still unique based on their complete paths.
In LDAP, the distinguished name of an entry is "dn" or "Distinguished Name. This name is always unique in a directory. For example, my dn is "uid = aghaffar, ou = People, o = developer. ch ". There cannot be the same dn, but we can have dn for example, "uid = aghaffar, ou = Administrators, o = developer. ch. This is similar to the example of/etc/passwd and/usr/passwd in the file system.
We have unique attributes: uid in "ou = Administrators, o = developer. ch" and uid in "ou = People, o = developer. ch. This is not a conflict.
CN = Common Name is the user Name or server Name. It can contain a maximum of 80 characters and can be Chinese characters;
OU = Organization Unit is an organizational Unit. It can contain up to four levels. Each level can contain up to 32 characters and can contain Chinese characters;
O = Organization is the name of the Organization, which can be 3