
What are CN, OU, DC in an LDAP search?

I have a search query in LDAP like this. What exactly does this query mean?

("CN=Dev-India,OU=Distribution Groups,DC=gp,DC=gl,DC=google,DC=com");
It does not work. You do not have a proper LDAP query. What you have is a fully distinguished name, probably from an Active Directory entry. Perhaps you should explain what you are trying to accomplish.
check this rlmueller.net/…

Pang

CN = Common Name

OU = Organizational Unit

DC = Domain Component

These are all parts of the X.500 Directory Specification, which defines nodes in an LDAP directory.

You can also read up on LDAP Data Interchange Format (LDIF), which is an alternate format.

You read it from right to left: the right-most component is the root of the tree, and the left-most component is the node (or leaf) you want to reach.

Each = pair is a search criterion.

With your example query

("CN=Dev-India,OU=Distribution Groups,DC=gp,DC=gl,DC=google,DC=com");

In effect the query is:

From the com Domain Component, find the google Domain Component, and then inside it the gl Domain Component and then inside it the gp Domain Component.

In the gp Domain Component, find the Organizational Unit called Distribution Groups and then find the object that has a common name of Dev-India.


These are all part of the X.500 Directory specification, Distinguished Name component. Nothing specifically to do with LDIF at all. LDIF is not "how the LDAP tree is 'filtered'": that's the LDAP syntax specification, which is another thing altogether.
TIL X.509 is an extension of X.500, eg TLS is based on LDAP :grumpycat: (This is a huge oversimplification)
@EJP How do I ask for several objects by their CN? Like if I want Dev-India2 along with Dev-India?
@arrowd read ldap.com/ldap-filters. You could use the OR operator (a pipe followed by the entries) or the SUBSTRING operator (star operator). OR > (|(cn=Dev-India2)(cn=Dev-India)) SUBSTRING > (cn=Dev-India*)
Community

What are CN, OU, DC?

From RFC2253 (UTF-8 String Representation of Distinguished Names):

String  X.500 AttributeType
------------------------------
CN      commonName
L       localityName
ST      stateOrProvinceName
O       organizationName
OU      organizationalUnitName
C       countryName
STREET  streetAddress
DC      domainComponent
UID     userid

The string ("CN=Dev-India,OU=Distribution Groups,DC=gp,DC=gl,DC=google,DC=com") is a path from a hierarchical structure (DIT = Directory Information Tree) and should be read from right (root) to left (leaf).

It is a DN (Distinguished Name) (a series of comma-separated key/value pairs used to identify entries uniquely in the directory hierarchy). The DN is actually the entry's fully qualified name.

Here you can see an example where I added some more possible entries. The actual path is represented using green.

https://i.stack.imgur.com/0XJKi.png

The following paths represent DNs (and their value depends on what you want to get after the query is run):

"DC=gp,DC=gl,DC=google,DC=com"

"OU=Distribution Groups,DC=gp,DC=gl,DC=google,DC=com"

"OU=People,DC=gp,DC=gl,DC=google,DC=com"

"OU=Groups,DC=gp,DC=gl,DC=google,DC=com"

"CN=QA-Romania,OU=Distribution Groups,DC=gp,DC=gl,DC=google,DC=com"

"CN=Dev-India,OU=Distribution Groups,DC=gp,DC=gl,DC=google,DC=com"

"CN=Diana Anton,OU=People,DC=gp,DC=gl,DC=google,DC=com"


Any idea why you may get an empty remaining name? For this there is actually an open bounty on it
@ROMANIA_engineer, if I am logged in on my Windows machine (client), where can I get this information?
I know this post is quite old, yet, for the googlers (like me) that search for an answer on @ArtanisZeratul question for the information: this answer helped me on that, if you look for the servers just try with nslookup: nslookup -type=srv _ldap._tcp.MY.DOMAIN
Also, for those that need deeper information about the structure of the AD they're in (and do not have something like an Admin Console to look it up) you can use the ADSI editor provided by Windows (access via MMC) - how to access ADSI Edit
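The right-to-left reading of a DN described in the two answers above, as an added Python example that is not part of any answer on this page. The function names are hypothetical, the second DN is constructed to show an escaped comma inside a value, and the DC components are joined into the DNS domain that the nslookup comment would query.

```python
import re

# Constructed inputs: the DN from the question, plus one whose CN holds an escaped comma.
PAGE_DN = "CN=Dev-India,OU=Distribution Groups,DC=gp,DC=gl,DC=google,DC=com"
ESCAPED_DN = r"CN=Anton\, Diana,OU=People,DC=gp,DC=gl,DC=google,DC=com"

def _unescape(value):
    # RFC 4514: "\" + two hex digits is one byte, "\" + any other character is that character.
    # Assumption: hex escapes encode single-byte (ASCII) characters.
    def repl(m):
        tok = m.group(1)
        return chr(int(tok, 16)) if len(tok) == 2 else tok
    return re.sub(r"\\([0-9A-Fa-f]{2}|.)", repl, value)

def parse_dn(dn):
    """Return [(TYPE, value), ...] in written order, i.e. leaf first.

    Splits only on unescaped commas. Multi-valued RDNs ("+") are left unsplit.
    """
    rdns = []
    for rdn in re.findall(r"(?:\\.|[^,\\])+", dn):
        attr, sep, value = rdn.partition("=")
        if not sep or not attr.strip():
            raise ValueError("not an attribute=value pair: %r" % rdn)
        rdns.append((attr.strip().upper(), _unescape(value)))
    return rdns

def path_from_root(dn):
    """The same pairs in the order the tree is walked: root first, target entry last."""
    return list(reversed(parse_dn(dn)))

def dns_domain(dn):
    """Join the DC components in written order to get the DNS domain name."""
    return ".".join(v for t, v in parse_dn(dn) if t == "DC")

if __name__ == "__main__":
    for attr, value in path_from_root(PAGE_DN):
        print(attr, "=", value)
    print(dns_domain(PAGE_DN))
    print(parse_dn(ESCAPED_DN)[0])
```

Splitting a DN with a plain `split(",")` would break the constructed second DN into seven pieces instead of six, which is why the parser tracks backslash escapes.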
fgul

I want to add something different from definitions of words. Most of it will be visual.

Technically, LDAP is just a protocol that defines the method by which directory data is accessed. Necessarily, it also defines and describes how data is represented in the directory service.

https://i.stack.imgur.com/cxKaO.png

To navigate the DIT we can define a path (a DN) to the place where our data is (cn=DEV-India,ou=Distribution Groups,dc=gp,dc=gl,dc=google,dc=com will take us to a unique entry) or we can define a path (a DN) to where we think our data is (say, ou=Distribution Groups,dc=gp,dc=gl,dc=google,dc=com) then search for the attribute=value or multiple attribute=value pairs to find our target entry (or entries).

https://i.stack.imgur.com/iF4C7.png

If you want more in-depth information, you can visit here.


Craig Rodrigues

At least with Active Directory, I have been able to search by DistinguishedName by doing an LDAP query in this format (assuming that such a record exists with this distinguishedName):

"(distinguishedName=CN=Dev-India,OU=Distribution Groups,DC=gp,DC=gl,DC=google,DC=com)"

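The filters quoted on this page (the OR and substring forms from the comments and the distinguishedName match above) built from values with RFC 4515 escaping, so that a value containing filter metacharacters stays a literal. This is an added Python example, not code from any answer here; the helper names and the last sample value are constructed.

```python
import re

_ATTR_NAME = re.compile(r"[A-Za-z][A-Za-z0-9-]*\Z")

def escape_filter_value(value):
    """Hex-escape the characters RFC 4515 reserves in a filter value: backslash * ( ) NUL."""
    return "".join("\\%02x" % ord(c) if c in "\\*()\x00" else c for c in value)

def _check_attr(attr):
    # Attribute names are never escaped, so only accept the plain descriptor form.
    if not _ATTR_NAME.match(attr):
        raise ValueError("unexpected attribute name: %r" % attr)
    return attr

def equals(attr, value):
    return "(%s=%s)" % (_check_attr(attr), escape_filter_value(value))

def starts_with(attr, prefix):
    # The trailing "*" is the only wildcard; any "*" inside prefix is escaped.
    return "(%s=%s*)" % (_check_attr(attr), escape_filter_value(prefix))

def any_of(*filters):
    if not filters:
        raise ValueError("an OR filter needs at least one operand")
    return "(|%s)" % "".join(filters)

# The DN from the question, used as a filter value.
DN = "CN=Dev-India,OU=Distribution Groups,DC=gp,DC=gl,DC=google,DC=com"

if __name__ == "__main__":
    print(any_of(equals("cn", "Dev-India2"), equals("cn", "Dev-India")))
    print(starts_with("cn", "Dev-India"))
    print(equals("distinguishedName", DN))
    # Constructed value containing filter metacharacters; it stays one literal value.
    print(equals("cn", "Dev-India)(cn=*"))
```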