Meaning of the CN, OU, DC in LDAP

1.

Storage rules for LDAP

Distinguished Name (dn,distinguished name)

Unlike the trees in the natural world, the filesystem/ldap/has at least one unique attribute for each leaf in the directory, and this attribute can help us to differentiate the foliage.

In the file system, these unique attributes are file names with full paths. For example,/etc/passwd, the file name is unique under this path. Of course we can have/usr/passwd,/opt/passwd, but according to their full path, they are still unique.

In LDAP, the distinguished name of an entry is called a "DN" or a distinction named. This name is always unique in a directory. For example, my DN is "Uid=aghaffar, Ou=people, o=developer.ch". It is not possible to have the same DN, but we can have a DN such as "Uid=aghaffar, Ou=administrators, o=developer.ch". This is similar to the example of/etc/passwd and/USR/PASSWD in the file system above.

We have unique attributes, UID in "ou=administrators, o=developer.ch" and uid in "Ou=people, o=developer.ch". This is not contradictory.

Cn=common name is a user name or server name and can be up to 80 characters long and can be in Chinese;

Ou=organization Unit is an organizational unit, can have a maximum of four levels, a maximum of 32 characters per level, can be Chinese;

O=organization is the name of the organization and can be 3-64 characters in length

C=country is a country name, optional, 2 characters in length

The LDAP directory stores record items in a series of "property pairs", each of which includes attribute types and attribute values (which is fundamentally different from the relational database accessing data using rows and columns).

2.

CN, OU, DC are the distinguished names in the end strings of the LDAP connection server (DN, distinguished name)
The connection string format for the LDAP connection server is: LDAP://SERVERNAME/DN
Where the DN has three attributes, namely CN,OU,DC
LDAP is a communication protocol, as HTTP is a protocol!
In the LDAP directory,

· DC (Domain Component)

· CN (Common Name)

· OU (Organizational Unit)

The LDAP directory is similar to the file system directory.
The following directories:
Dc=redmond,dc=wa,dc=microsoft,dc=com
If we are analogous to a file system, it can be seen as the following file path:
Com\microsoft\wa\redmond
Example: cn=test,ou=developer,dc=domainname,dc=com
In the preceding code, Cn=test may represent a user name, and Ou=developer represents an organizational unit in Active Directory. The meaning of this sentence may be that the test object is in the Developer organizational unit of the domainname.com domain.

Meaning of the CN, OU, DC in LDAP