• 欢迎访问速搜资源吧,如果在网站上找不到你需要的资源,可以在留言板上留言,管理员会尽量满足你!

【速搜问答】轻型目录访问协议是什么

问答 admin 2年前 (2020-09-02) 936次浏览 已收录 0个评论

汉英对照:
Chinese-English Translation:

轻型目录访问协议(LDAP)是一个开放的,中立的,工业标准的应用协议,通过IP协议提供访问控制和维护分布式信息的目录信息。目录服务在开发内部网和与互联网程序共享用户、系统、网络、服务和应用的过程中占据了重要地位

Lightweight Directory Access Protocol (LDAP) is an open, neutral, industry standard application protocol. It provides access control and maintains directory information of distributed information through IP protocol. Directory service plays an important role in the process of developing intranet and sharing users, systems, networks, services and applications with Internet programs

轻型目录访问协议(英文:Lightweight Directory Access Protocol,缩写:LDAP,/ˈɛldæp/)是一个开放的,中立的,工业标准的应用协议,通过 IP 协议提供访问控制和维护分布式信息的目录信息。

Lightweight Directory Access Protocol (abbreviated as: LDAP, / ˈɛɛæ P /) is an open, neutral, industry standard application protocol. It provides access control and maintains directory information of distributed information through IP protocol.

目录服务在开发内部网和与互联网程序共享用户、系统、网络、服务和应用的过程中占据了重要地位。例如,目录服务可能提供了组织有序的记录集合,通常有层级结构,例如公司电子邮件目录。同理,也可以提供包含了地址和电话号码的电话簿。

Directory service plays an important role in the process of developing intranet and sharing users, systems, networks, services and applications with Internet programs. For example, a directory service might provide an organized collection of records, usually with a hierarchy, such as a corporate email directory. In the same way, you can also provide a phone book with an address and a phone number.

LDAP 由互联网工程任务组(IETF)的文档 RFC 定义,使用了描述语言 ASN.1 定义。最新的版本是版本 3,由 RFC 4511 所定义。例如,一个用语言描述的 LDAP 的搜索如:“在公司邮件目录中搜索公司位于那什维尔名字中含有“Jessy”的有邮件地址的所有人。请返回他们的全名,电子邮件,头衔和简述。”

LDAP is defined by the document RFC of Internet Engineering Task Force (IETF) and is defined by description language ASN. 1. The latest version is version 3, as defined in RFC 4511. For example, a linguistically described LDAP search would be: “search the company email directory for all people with email addresses whose company is located in Nashville and whose name contains” Jessy. “. Please return their full name, email, title and brief description. “

LDAP 的一个常用用途是单点登录,用户可以在多个服务中使用同一个密码,通常用于公司内部网站的登录中(这样他们可以在公司计算机上登录一次,便可以自动在公司内部网上登录)。

A common use of LDAP is single sign on, where users can use the same password in multiple services, which is usually used to log in to the company’s internal website (so that they can log in once on the company’s computer, and they can automatically log in on the company intranet).

LDAP 基于 X.500 标准的子集。因为这个关系,LDAP 有时被称为 X.500-lite。

X.500 is based on the standard for a subset of LDAP. Because of this relationship, LDAP is sometimes referred to as x.500-lite.

概述

summary

鉴于原先的目录访问协议(Directory Access Protocol 即 DAP)对于简单的互联网客户端使用太复杂,IETF 设计并指定 LDAP 做为使用 X.500 目录的更好的途径。LDAP 在 TCP/IP 之上定义了一个相对简单的升级和搜索目录的协议。

In view of the complexity of the original directory access protocol (DAP) for simple Internet clients, IETF designs and designates LDAP as a better way to use X.500 directory. LDAP defines a relatively simple protocol to upgrade and search directory over TCP / IP.

常用词”LDAP 目录”可能会被误解,而实际并没有”LDAP 目录”这么一个目录种类。通常可以用它来描述任何使用 LDAP 协议访问并能用 X.500 标识符标识目录中对象的目录。与 ISODE 提供的 X.500 协议的网关相比,尽管 OpenLDAP 及其来自密歇根大学的前身等的目录基本上设计成专门为 LDAP 访问而优化的,但也没有比其他用 LDAP 协议访问的目录额外多出来所谓“LDAP 目录”。

The common word “LDAP directory” may be misunderstood, but there is no such directory category as “LDAP directory”. It can usually be used to describe any directory that uses the LDAP protocol to access objects in the directory with an X.500 identifier. Compared with the gateway of X.500 protocol provided by isode, although openldap and its predecessor from the University of Michigan are basically designed to be optimized for LDAP access, there is no extra so-called “LDAP directory” than other directories accessed with LDAP protocol.

协议的第三版由 Netscape 的 Tim Howes,ISODE 的 Steve Kille 和 Critical Angle Inc 的 Mark Wahl 撰写。

The third version of the protocol was written by hewe Inc. and Steve Hawke Inc.

协议内容

Content of the agreement

LDAP 目录与普通数据库的主要不同之处在于数据的组织方式,它是一种有层次的、树形结构。所有条目的属性的定义是对象类 object class的组成部分,并组成在一起构成 schema;那些在组织内代表个人的 schema 被命名为 white pages schema。数据库内的每个条目都与若干对象类联系,而这些对象类决定了一个属性是否为可选和它保存哪些类型的信息。属性的名字一般是一个易于记忆的字符串,例如用 cn 为通用名(common name)命名,而”mail”代表 e-mail 地址。属性取值依赖于其类型,并且 LDAPv3 中一般非二进制值都遵从 UTF-8 字符串语法。例如,mail 属性包含值“user@example.com”;jpegPhotos 属性一般包含 JPEG/JFIF 格式的图片。

The main difference between LDAP directory and common database is the organization of data, which is a hierarchical and tree structure. The definition of the attributes of all items is a part of the object class object class, which together constitute a schema; those schemas representing individuals in the organization are named White Pages schema. Each entry in the database is associated with several object classes that determine whether an attribute is optional and what types of information it holds. The name of an attribute is usually a string that is easy to remember. For example, CN is used to name the common name, and “mail” represents the e-mail address. Attribute value depends on its type, and the general non binary values in ldapv3 follow the UTF-8 String Syntax. For example, the mail property contains a value“ user@example.com ”; the JPEG photos property generally contains images in JPEG / JFIF format.

LDAP 目录条目可描述一个层次结构,这个结构可以反映一个政治、地理或者组织的范畴。在原始的 X.500 模型中,反应国家的条目位于树的顶端;接着是州或者民族组织。典型的 LDAP 配置使用 DNS 名称作为树形结构的顶端,下列是代表人、文档、组织单元、打印机和其他任何事务的条目。

LDAP directory entries can describe a hierarchy that reflects a political, geographic, or organizational category. In the original X.500 model, the entry reflecting the state was at the top of the tree; then there was the state or ethnic organization. A typical LDAP configuration uses the DNS name at the top of the tree, with the following entries representing people, documents, organizational units, printers, and any other transactions.

LDAP 影响了后续的 Internet 协议,包括新版本的 X.500、Directory Services Markup Language (DSML)、Service Provisioning Markup Language (SPML)和 Service Location Protocol.

LDAP affects the following Internet protocols, including the new version of X.500, directory services markup language (DSML), service provisioning markup language (SPML) and service location protocol


速搜资源网 , 版权所有丨如未注明 , 均为原创丨转载请注明原文链接:【速搜问答】轻型目录访问协议是什么
喜欢 (0)
[361009623@qq.com]
分享 (0)
发表我的评论
取消评论
表情 贴图 加粗 删除线 居中 斜体 签到

Hi,您需要填写昵称和邮箱!

  • 昵称 (必填)
  • 邮箱 (必填)
  • 网址