The Lightweight Directory Access Protocol (LDAP) is a vendor-neutral, request-response protocol used to maintain distributed directory information. Active Directory (AD), for example, is the proprietary directory service provided by Microsoft. LDAP allows servers to communicate with Active Directory using queries to find, view, or edit information.

Distributed directories, directory information services, or just directories are network databases that store information in data trees. Each record in the tree includes (among other, less critical components) a Distinguished Name, most often abbreviated DN, a collection of attributes, and a collection of object classes.

Distinguished Name Codes

CN      commonName              Common Name
L       localityName            Locality Name
ST      stateOrProvinceName     State Or Province Name
O       organizationName        Organization Name
OU      organizationalUnitName  Organizational Unit Name
C       countryName             Country Name
STREET  streetAddress           Street Address
DC      domainComponent         Domain Component
UID     userid                  User ID

DN Example


From inside the edu Domain Component, find the ucar Domain Component, and then, inside it, find the cit Domain Component.

In the cit Domain Component, find the Organizational Unit called Divisions, then from inside it find the Organizational Unit called RAL, then from inside that find the Organizational Unit called users.

Then, from within the users Organizational Unit, find the object that has a common name of dwatts.
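
The walkthrough above, as an added Python example (not code from the original page): it splits a DN into its components, honoring backslash escapes, and lists them root-first. The DN string is assembled from the names in the walkthrough because the page's own example string is not shown; the function names are hypothetical, and multi-valued RDNs (`+`) and quoted or `#`-hex values are not handled.

```python
import re

DN_CODES = {  # attribute-type codes from the table on this page
    "CN": "Common Name", "L": "Locality Name", "ST": "State Or Province Name",
    "O": "Organization Name", "OU": "Organizational Unit Name",
    "C": "Country Name", "STREET": "Street Address",
    "DC": "Domain Component", "UID": "User ID",
}

def split_rdns(dn):
    """Split a DN on commas, leaving backslash-escaped commas inside a value."""
    parts, start, i = [], 0, 0
    while i < len(dn):
        if dn[i] == "\\":
            i += 2  # skip the backslash and the character it escapes
            continue
        if dn[i] == ",":
            parts.append(dn[start:i])
            start = i + 1
        i += 1
    parts.append(dn[start:])
    return parts

def unescape(value):
    """Undo RFC 4514 escapes: backslash + hex pair, or backslash + character."""
    return re.sub(rb"\\([0-9A-Fa-f]{2}|.)",
                  lambda m: bytes([int(m[1], 16)]) if len(m[1]) == 2 else m[1],
                  value.encode("utf-8"), flags=re.S).decode("utf-8")

def parse_dn(dn):
    """Return [(code, value), ...] in written order, most specific entry first."""
    rdns = []
    for rdn in split_rdns(dn):
        code, eq, value = rdn.lstrip().partition("=")
        code = code.strip().upper()
        if not eq or code not in DN_CODES:
            raise ValueError(f"unrecognized RDN: {rdn!r}")
        rdns.append((code, unescape(value)))
    return rdns

def walk(dn):
    """List the lookup steps root-first, i.e. reading the DN right to left."""
    return [f"{DN_CODES[c]}: {v}" for c, v in reversed(parse_dn(dn))]

# Constructed from the walkthrough above; the page's own DN string is not shown.
EXAMPLE_DN = "CN=dwatts,OU=users,OU=RAL,OU=Divisions,DC=cit,DC=ucar,DC=edu"

if __name__ == "__main__":
    print("\n".join(walk(EXAMPLE_DN)))
```

Splitting on every comma without honoring escapes would misparse a value such as `Watts\, D`, which is why the splitter tracks backslashes instead of calling `str.split`.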