LDAP:什么是DN(Distinguished Names)
1. DN与RDN
在LDAP协议中,DN用于指向一个LDAP对象,DN由一系列RDN(relative distinguished names)组成,RDN之间用“逗号”隔开,它是一个键值对,格式为:
attribute=value
下表列出了常见的RDN属性的类型:
| String | Attribute type |
|---|---|
| DC | domainComponent |
| CN | commonName |
| OU | organizationalUnitName |
| O | organizationName |
| STREET | streetAddress |
| L | localityName |
| ST | stateOrProvinceName |
| C | countryName |
| UID | userid |
以下是一些常见的DN:
CN=Users,DC=lesca,DC=bit
CN=Jeff Smith,OU=Sales,DC=Fabrikam,DC=COM
2. DN中的保留字符与转义
下表列出了DN中不能使用的保留字符,它们有特殊用途:
| Reserved character | Description | Hex value |
|---|---|---|
| space or # character at the beginning of a string | ||
| space character at the end of a string | ||
| , | comma | 0x2C |
| + | plus sign | 0x2B |
| “ | double quote | 0x22 |
| \ | backslash | 0x5C |
| < | left angle bracket | 0x3C |
| > | right angle bracket | 0x3E |
| ; | semicolon | 0x3B |
| LF | line feed | 0x0A |
| CR | carriage return | 0x0D |
| = | equals sign | 0x3D |
| / | forwards slash | 0x2F |
例如,如果在DN中含有“逗号”需要转义:
CN=Litware,OU=Docs\, Adatum,DC=Fabrikam,DC=COM
又如下面的DN含有“换行符”(CR, 0X0d):
CN=Before\0DAfter,OU=Test,DC=North America,DC=Fabrikam,DC=COM
Reference:
版权声明
本文出自 Lesca 技术宅,转载时请注明出处及相应链接。
本文永久链接: https://www.lesca.cn/archives/what-is-distinguished-names.html
