LDAP是輕量目錄訪問協(xié)議(Lightweight Directory Access Protocol)的縮寫，LDAP是從X.500目錄訪問協(xié)議的基礎(chǔ)上發(fā)展過來的．

特點：

LDAP的結(jié)構(gòu)用樹來表示，而不是用表格。正因為這樣，就不能用SQL語句了

LDAP可以很快地得到查詢結(jié)果，不過在寫方面，就慢得多

LDAP提供了靜態(tài)數(shù)據(jù)的快速查詢方式

Client/server模型，Server 用于存儲數(shù)據(jù)，Client提供操作目錄信息樹的工具

這些工具可以將數(shù)據(jù)庫的內(nèi)容以文本格式（LDAP 數(shù)據(jù)交換格式，LDIF）呈現(xiàn)在您的面前

LDAP是一種開放Internet標準，LDAP協(xié)議是跨平臺的Interent協(xié)議

http://stackoverflow.com/questions/18756688/what-are-cn-ou-dc-in-an-ldap-search

CN = Common Name

OU = Organizational Unit

DC = Domain Component

You read it from right to left, the right-most component is the root of the tree, and the left most component is the node (or leaf) you want to reach.

https://en.wikipedia.org/wiki/LDAP_Data_Interchange_Format

dn

distinguished name

This refers to the name that uniquely identifies an entry in the directory.

dc

domain component

This refers to each component of the domain. For example www.google.com would be written as DC=www,DC=google,DC=com

ou

organizational unit

This refers to the organizational unit (or sometimes the user group) that the user is part of. If the user is part of more than one group, you may specify as such, e.g., OU= Lawyer,OU= Judge.

cn

common name

This refers to the individual object (person's name; meeting room; recipe name; job title; etc.) for whom/which you are querying.

dn: cn=The Postmaster,dc=example,dc=com

objectClass: organizationalRole

cn: The Postmaster