Well if you're reading this then you must have some task to do using active directory. I feel for you. Thats why I'm here too.
LDAP stands for Lightweight Directory Access Protocol. Directory access comes from telephone standards that were converted to digital equivalents in the 1980s. LDAP is a protocol to search over a Directory Server.
AD has a naming convention, and theres a lot of names. I would spend some time getting an overview of those first.
Abbreviations and definitions
- entry
- Like an object, has a set of attributes
- attribute
- cn
- Common name, like 'Bob smith'
- A key and value/values as part of a schema
- dn
- the 'distinguished name', distinguished meaning it is authoritative, meaning an absolute resource - the object. Like an absolute path and file name, but it goes right to left. This is made up of the cn and the rdn (below)
- rdn
- the 'relative distinguished name', the path to the entry, meaning the path of all parents
- ou
- Organisational unit
- Active Directory
- A database that stores and keeps track of all user accounts and passwords in an organisation. It is subdivided into one or more domains.
- Active Directory Realm
- The ADS realm is the Active Directory domain suffix that is appended to all hosts that have joined the domain.
- Domain
- A domain is a logical group of network objects (computers, users, devices) that share the same Active Directory database. A tree is a collection of one or more domains and domain trees in a contiguous namespace, linked in a transitive trust hierarchy. At the top of the structure is the forest.
- sAMAccountName
- Security account manager
- dc
- 'Domain component', formatted 'DC=example,DC=com'
From wikipedia:
dn: cn=John Doe,dc=example,dc=com
cn: John Doe
givenName: John
sn: Doe
telephoneNumber: +1 888 555 6789
telephoneNumber: +1 888 555 1232
mail: john@example.com
manager: cn=Barbara Doe,dc=example,dc=com
objectClass: inetOrgPerson
objectClass: organizationalPerson
objectClass: person
objectClass: top
So the 'dn' above would be the actual resource being referred to. The dc, or 'domain component', refers to the parents of the current entry. The 'cn' would refer to the 'rdn', meaning the name of the entry or 'common name'. 'dc' is domain component. 'ou', organisation unit.