This is the most simple of an LDAP entry I saw the introduction, specially reprinted over. Description link
First you have to understand what is LDAP, then I read a lot to explain, but also foggy, not clear. Here to tell you a little stroke of a stroke.
First, LDAP is a protocol, LDAP supports TCP / IP. Agreement is standard, and abstract. Under this standard, AD (Active Directory) is Microsoft set out to achieve.
AD What is it? For the time being it understood as a database. A lot of people say directly to the LDAP database (LDAP can be understood as a database for storing data). Like other databases, like, LDAP also have client side and server side. server-side resources are used to store, for operating CRUD operations such client.
And we usually say that the LDAP server refers to the running of the database.
AD = LDAP can be simply understood + LDAP server application.
LDAP database that what this special it?
We know that, like the MySQL database, the data is recorded by a records exist in the table. The LDAP database, tree structure, the data stored on the leaf nodes. Consider the following analogy:
suppose you want an apple tree (a record), how do you tell the gardener its place? Of course, we must first explain what is the tree (dc, equivalent to the MYSQL DB), then from the root to the apple through which all "fork" (ou), this is Apple's last name (uid, equivalent to MySQL table's primary key id). All right! At this point we can clearly indicate the location of the apple, which is by the west side of the bifurcation and then by red-and-green ...... on the north fork of the tree, "Wai Bo tree" east of the bifurcation, fainted! You go directly to climb!
So a record can be clearly described on the "tree" of the.
LDAP talk about how to define a position where a record of it.
树(dc=ljheee)
分叉(ou=bei,ou=xi,ou= dong)
苹果(cn=redApple)
好了,redApple的位置出来了:
dn:cn=honglv,ou=bei,ou=xi,ou=dong,dc=ljheee
其中dn标识一条记录,描述了一条数据的详细路径。
Hey! Some people question why ou have multiple values? Think about it, from the roots to reach Apple's position, it may take several branches, all ou may have multiple values. On the back of a long list of dn, respectively cn, ou, dc; separated by commas.
To summarize LDAP tree database as follows:
dn :一条记录的详细位置
dc :一条记录所属区域 (哪一颗树)
ou :一条记录所属组织 (哪一个分支)
cn/uid:一条记录的名字/ID (哪一个苹果名字)
The very top is the root of the LDAP directory tree, the so-called "base DN".
Why use an LDAP directory tree to store data with MySQL will not do it, why we must come up with a tree database?
This is because the data is stored using a tree structure, higher query efficiency (specifically why, can look at the relational database index of realization of the principle --B tree / B + tree). Under certain scenarios, the use of a tree database better. For example: the need to store large amounts of data, but the data is not frequently change, take a quick look.
It compared with traditional relational databases, LDAP features in addition to quickly find and use it there are a lot of scenes, such as domain verification.
