LDAP介绍

LDAP概述

LDAP是轻量目录访问协议，（LDAP, Lightweight Directory Access Protocol）LDAP是用于访问目录服务（特别是基于X.500的目录服务），LDAP在TCP/IP或其他面向连接的传输服务上运行。LDAP是IETF标准的跟踪协议。
LDAP是目录非关系型的，不存储BLOB，读写是非对称的，读方便，写麻烦，适合于查询搜索。LDAP不支持数据库的事务和回滚机制。
LDAP支持负载的查询过滤器，使用树状结构，类似于互联网域名、公司组织结构、文件的目录结构等。

LDAP优势

读写效率高：可以将LDAP看作是对读操作进行优化的一种"树状数据库"，在读写比例大于7:1时，LDAP性能表现很好，比较适合身份认证。
开放的标准协议：不同于SQL数据库，LDAP客户端是跨平台的，对几乎所有的程序语言都是标准的API接口。
强认证方式：具有很高的安全级别，在国际化方面，LDAP使用UTF-8编码存储各种语言的字符。
OpenLDAP实现开源：开源软件OpenLDAP包括了很多新功能，最轻便且消耗系统资源最少，可以基于OpenLDAP进行开发新功能。
灵活添加数据类型：LDAP根据schema的内容定义各种属性之间的从属关系以及匹配模式。在关系型数据库中若要为用户添加一个属性，需要在表中增加一个字段，如果已有的数据表中增加一个字段，需要更改表的结构，变更比较困难。而LDAP只需要在schema中加入新的属性，属性的增加不会影响性能。
树状结构的数据存储：LDAP底层是B/B+树数据结构，整棵树的任何一个分支都可以单独放在一个服务器中进行分布式管理，这不仅有利于做服务器的负载均衡，也便于跨地域的服务器部署。在查询负载大或者企业在不同区域都设有分公司时进行部署突出优势。

LDAP的主要应用场景

机器认证
用户认证
用户/系统组
地址簿
组织代表
资产追踪
电话信息存储
用户资源管理
电子邮件地址查询
应用配置存储

LDAP工作方式

LDAP是无状态的客户端-服务器的工作模式，一台或多台包含了由目录信息树组成数据的LDAP服务器。客户端连接到服务器并询问一个问题，服务器以一个答案或者指针（客户端可以获取其他信息的指针，通常是另一个LDAP服务器）进行响应。无论客户端连接了哪一台LDAP服务器，都是看到的相同目录视图。

LDAP基本术语

Directory 目录

Directory 目录是用于存放信息的单元，基于域的命名。

Entry条目

Entry是目录管理的对象，是LDAP最基本的单元，类似于数据库中的每一条record记录。对LDAP的增删改查都是以Entry为基本单元进行操作的。
每个Entry都有一个唯一的标识（DN，Distinguished Name），DN在语法上是由多个相对的标识名注册，之间由逗号隔开，如du:cn=Manager,dc=hadoop,dc=apache,dc=org，通过这种层次型语法结构，可以很方便表示出条目在LDAP目录树中的位置。

Attribute属性

每个条目都有很多的Attribute属性，比如个人信息类有姓名、地址、邮箱等属性，每个属性都有名称以及对应的值，每个属性值可以是单个，也可以是多个。一些常见的属性如下：

属性	别名	说明
cn	common name	通常指一个对象的名称
dn	distinguished name	唯一标识名，类似于`绝对路径`，每个对象都有一个唯一标识名，如cn=Manager,dc=hadoop,dc=apache,dc=org
rdn	relative distinguished name	相对标识名，类似于`相对路径`，如cn=Manager
dc	domain component	通常指定一个`域名`，比如org.apache.hadoop写成dc=hadoop,dc=apache,dc=org
ou	organizationl unit	指定一个组织单元的名称，如ou=groups
sn	sur name	通常指一个人的姓氏，比如sn:Chen

AttributeType属性类型

每个属性多有唯一的属性类型，属性类型是约定属性值的数据格式以及语法类型，属性类型约定属性值可以有多少个并约定属性查询时的匹配规则、排序、大小写等规则。

ObjectClass对象类

ObjectClass对象类是属性的集合，可以将多个属性封装成一个对象，比如人员信息这个对象类，包含了姓名，地址，电话等属性，学生是人员信息的继承类，除了上面的几个属性，还可以有额外的学校、年级、班级等属性。
通过对象类可以方便的定义条目Entry类型，每个条目可以继承多个对象类，从而获得多个属性。

Schema模式

对象类、属性类型、语法分别约定了条目、属性、值，这些构成了模式，模式中的每个元素都有唯一的oid编号。

LDIF：LDAP Interchange Format

在RFC2849中定义的标准，用于规范LDAP的配置和目录内容等详细信息的保存，我们一般可以使用.ldif结尾的文件进行LDAP相关配置和目录内容的增删改查。

LDAP目录树

LDAP中，目录条目以分层的树状结构排列。

传统指定方式

传统意义上，这种结构反映的是地理或者组织边界，代表国家的条目是在树的顶部显示，在国家下面是代表州和国家组织的条目。在他们下面可能是代表组织单位、人员、打印机、文档条目。
在这里插入图片描述

网络指定方式

LDAP的树状结构也可以是基于网络域名来排列，这种命名方式因为DNS定位服务目录而流行。
在这里插入图片描述

LDAP常用命令介绍

常用参数说明

-f：-f file.ldif，从文件file.ldif中读取操作。
-x：简单认证。
-D：-D binddn，绑定DN。
-H：-H URI，通过LDAP统一的资源标识符。
-h：-h host，LDAP服务器的ip或者hostname。
-W：提示绑定密码，即不在命令上写密码，如ldapadd -x -D "cn=Manager,dc=hadoop,dc=apache,dc=org" -W。
-w：-w passwd，需要在命令上指定密码进行简单认证，如ldapadd -x -D "cn=Manager,dc=hadoop,dc=apache,dc=org" -w 123456。
-p：-p port，LDAP服务器的端口。
-v：显示运行详情。

ldapadd命令

为LDAP服务器增加或修改条目Entry。
如：ldapadd -x -D "cn=Manager,dc=hadoop,dc=apache,dc=org" -W -f init.ldif

ldapdelete命令

从LDAP服务器删除条目Entry。
如：ldapdelete -x -D "cn=Manager,dc=hadoop,dc=apache,dc=org" -w 123456 -h 172.0.0.1 "uid=hdfstest,ou=hadoop,dc=apache,dc=org"

ldapmodify命令

为LDAP服务器增加或修改条目Entry。可以使用.ldif文件
如：ldapmodify -a -H ldap://172.0.0.1:389 -D "cn=Manager,dc=hadoop,dc=apache,dc=org" -w 123456 -f modifybarbara.ldif

ldapmodrdn命令

修改条目名称，重命名。即修改dn。
如：ldapmodrdn -x -D "cn=Manager,dc=hadoop,dc=apache,dc=org" -w123456 "uid=hdfstest,ou=hadoop,dc=apache,dc=org" "uid=hivetest"

ldapsearch命令

从LDAP服务器中搜索条目。
如：ldapsearch -x -h 172.0.0.1 -D "cn=Manager,dc=hadoop,dc=apache,dc=org" -w 123456

ldappasswd命令

为LDAP服务器更改密码。

-S：交互式提示用户输入新密码
-s password：指定新密码，明文的，不建议使用
-a oldpasswd ：指定旧密码，自动生成新密码
-A ：提示输入旧密码，自动生成新密码

1）-S 交互式提示用户输入新密
ldappasswd -x -D "cn=Manager,dc=hadoop,dc=apache,dc=org" -w123456 -h172.0.0.1 "cn=guolitao,ou=mysql,ou=研发中心,dc=hadoop,dc=apache,dc=org" -S
2）-s 指定新密码，明文的，不建议使用
ldappasswd -x -D "cn=Manager,dc=hadoop,dc=apache,dc=org" -w123456 -h172.0.0.1 "uid=zhan_z,ou=运维部,ou=研发中心,dc=hadoop,dc=apache,dc=org" -s 123456
3）-a 指定旧密码，自动随机生成新密码
ldappasswd -x -D "cn=Manager,dc=hadoop,dc=apache,dc=org" -w123456 -h172.0.0.1 "uid=zhan_z,ou=运维部,ou=研发中心,dc=hadoop,dc=apache,dc=org" -a 123456
4）-A 提示输入旧密码，自动随机生成新密码
ldappasswd -x -D "cn=Manager,dc=hadoop,dc=apache,dc=org" -w123456 -h172.0.0.1 "uid=zhan_z,ou=运维部,ou=研发中心,dc=hadoop,dc=apache,dc=org" -A

附录：LDAP命令参数详解

ldapadd命令

$ ldapadd --help

Add or modify entries from an LDAP serverusage: ldapadd [options]The list of desired operations are read from stdin or from the filespecified by "-f file".
Add or modify options:-a         add values (default)-c         continuous operation mode (do not stop on errors)-E [!]ext=extparam    modify extensions (! indicate s criticality)-f file    read operations from `file'-M         enable Manage DSA IT control (-MM to make critical)-P version protocol version (default: 3)-S file    write skipped modifications to `file'
Common options:-d level   set LDAP debugging level to `level'-D binddn  bind DN-e [!]<ext>[=<extparam>] general extensions (! indicates criticality)[!]assert=<filter>     (RFC 4528; a RFC 4515 Filter string)[!]authzid=<authzid>   (RFC 4370; "dn:<dn>" or "u:<user>")[!]chaining[=<resolveBehavior>[/<continuationBehavior>]]one of "chainingPreferred", "chainingRequired","referralsPreferred", "referralsRequired"[!]manageDSAit         (RFC 3296)[!]noopppolicy[!]postread[=<attrs>]  (RFC 4527; comma-separated attr list)[!]preread[=<attrs>]   (RFC 4527; comma-separated attr list)[!]relax[!]sessiontrackingabandon, cancel, ignore (SIGINT sends abandon/cancel,or ignores response; if critical, doesn't wait for SIGINT.not really controls)-h host    LDAP server-H URI     LDAP Uniform Resource Identifier(s)-I         use SASL Interactive mode-n         show what would be done but don't actually do it-N         do not use reverse DNS to canonicalize SASL host name-O props   SASL security properties-o <opt>[=<optparam>] general optionsnettimeout=<timeout> (in seconds, or "none" or "max")ldif-wrap=<width> (in columns, or "no" for no wrapping)-p port    port on LDAP server-Q         use SASL Quiet mode-R realm   SASL realm-U authcid SASL authentication identity-v         run in verbose mode (diagnostics to standard output)-V         print version info (-VV only)-w passwd  bind password (for simple authentication)-W         prompt for bind password-x         Simple authentication-X authzid SASL authorization identity ("dn:<dn>" or "u:<user>")-y file    Read password from file-Y mech    SASL mechanism-Z         Start TLS request (-ZZ to require successful response)

ldapdelete命令

$ ldapdelete --help

Delete entries from an LDAP serverusage: ldapdelete [options] [dn]...dn: list of DNs to delete. If not given, it will be readed from stdinor from the file specified with "-f file".
Delete Options:-c         continuous operation mode (do not stop on errors)-f file    read operations from `file'-M         enable Manage DSA IT control (-MM to make critical)-P version protocol version (default: 3)-r         delete recursively
Common options:-d level   set LDAP debugging level to `level'-D binddn  bind DN-e [!]<ext>[=<extparam>] general extensions (! indicates criticality)[!]assert=<filter>     (RFC 4528; a RFC 4515 Filter string)[!]authzid=<authzid>   (RFC 4370; "dn:<dn>" or "u:<user>")[!]chaining[=<resolveBehavior>[/<continuationBehavior>]]one of "chainingPreferred", "chainingRequired","referralsPreferred", "referralsRequired"[!]manageDSAit         (RFC 3296)[!]noopppolicy[!]postread[=<attrs>]  (RFC 4527; comma-separated attr list)[!]preread[=<attrs>]   (RFC 4527; comma-separated attr list)[!]relax[!]sessiontrackingabandon, cancel, ignore (SIGINT sends abandon/cancel,or ignores response; if critical, doesn't wait for SIGINT.not really controls)-h host    LDAP server-H URI     LDAP Uniform Resource Identifier(s)-I         use SASL Interactive mode-n         show what would be done but don't actually do it-N         do not use reverse DNS to canonicalize SASL host name-O props   SASL security properties-o <opt>[=<optparam>] general optionsnettimeout=<timeout> (in seconds, or "none" or "max")ldif-wrap=<width> (in columns, or "no" for no wrapping)-p port    port on LDAP server-Q         use SASL Quiet mode-R realm   SASL realm-U authcid SASL authentication identity-v         run in verbose mode (diagnostics to standard output)-V         print version info (-VV only)-w passwd  bind password (for simple authentication)-W         prompt for bind password-x         Simple authentication-X authzid SASL authorization identity ("dn:<dn>" or "u:<user>")-y file    Read password from file-Y mech    SASL mechanism-Z         Start TLS request (-ZZ to require successful response)

ldapmodify命令

$ ldapmodify --help

Add or modify entries from an LDAP serverusage: ldapmodify [options]The list of desired operations are read from stdin or from the filespecified by "-f file".
Add or modify options:-a         add values (default is to replace)-c         continuous operation mode (do not stop on errors)-E [!]ext=extparam    modify extensions (! indicate s criticality)-f file    read operations from `file'-M         enable Manage DSA IT control (-MM to make critical)-P version protocol version (default: 3)-S file    write skipped modifications to `file'
Common options:-d level   set LDAP debugging level to `level'-D binddn  bind DN-e [!]<ext>[=<extparam>] general extensions (! indicates criticality)[!]assert=<filter>     (RFC 4528; a RFC 4515 Filter string)[!]authzid=<authzid>   (RFC 4370; "dn:<dn>" or "u:<user>")[!]chaining[=<resolveBehavior>[/<continuationBehavior>]]one of "chainingPreferred", "chainingRequired","referralsPreferred", "referralsRequired"[!]manageDSAit         (RFC 3296)[!]noopppolicy[!]postread[=<attrs>]  (RFC 4527; comma-separated attr list)[!]preread[=<attrs>]   (RFC 4527; comma-separated attr list)[!]relax[!]sessiontrackingabandon, cancel, ignore (SIGINT sends abandon/cancel,or ignores response; if critical, doesn't wait for SIGINT.not really controls)-h host    LDAP server-H URI     LDAP Uniform Resource Identifier(s)-I         use SASL Interactive mode-n         show what would be done but don't actually do it-N         do not use reverse DNS to canonicalize SASL host name-O props   SASL security properties-o <opt>[=<optparam>] general optionsnettimeout=<timeout> (in seconds, or "none" or "max")ldif-wrap=<width> (in columns, or "no" for no wrapping)-p port    port on LDAP server-Q         use SASL Quiet mode-R realm   SASL realm-U authcid SASL authentication identity-v         run in verbose mode (diagnostics to standard output)-V         print version info (-VV only)-w passwd  bind password (for simple authentication)-W         prompt for bind password-x         Simple authentication-X authzid SASL authorization identity ("dn:<dn>" or "u:<user>")-y file    Read password from file-Y mech    SASL mechanism-Z         Start TLS request (-ZZ to require successful response)

ldapmodrdn命令

$ ldapmodrdn --help

Rename LDAP entriesusage: ldapmodrdn [options] [dn rdn]dn rdn: If given, rdn will replace the RDN of the entry specified by DNIf not given, the list of modifications is read from stdin orfrom the file specified by "-f file" (see man page).
Rename options:-c         continuous operation mode (do not stop on errors)-f file    read operations from `file'-M         enable Manage DSA IT control (-MM to make critical)-P version protocol version (default: 3)-r             remove old RDN-s newsup  new superior entry
Common options:-d level   set LDAP debugging level to `level'-D binddn  bind DN-e [!]<ext>[=<extparam>] general extensions (! indicates criticality)[!]assert=<filter>     (RFC 4528; a RFC 4515 Filter string)[!]authzid=<authzid>   (RFC 4370; "dn:<dn>" or "u:<user>")[!]chaining[=<resolveBehavior>[/<continuationBehavior>]]one of "chainingPreferred", "chainingRequired","referralsPreferred", "referralsRequired"[!]manageDSAit         (RFC 3296)[!]noopppolicy[!]postread[=<attrs>]  (RFC 4527; comma-separated attr list)[!]preread[=<attrs>]   (RFC 4527; comma-separated attr list)[!]relax[!]sessiontrackingabandon, cancel, ignore (SIGINT sends abandon/cancel,or ignores response; if critical, doesn't wait for SIGINT.not really controls)-h host    LDAP server-H URI     LDAP Uniform Resource Identifier(s)-I         use SASL Interactive mode-n         show what would be done but don't actually do it-N         do not use reverse DNS to canonicalize SASL host name-O props   SASL security properties-o <opt>[=<optparam>] general optionsnettimeout=<timeout> (in seconds, or "none" or "max")ldif-wrap=<width> (in columns, or "no" for no wrapping)-p port    port on LDAP server-Q         use SASL Quiet mode-R realm   SASL realm-U authcid SASL authentication identity-v         run in verbose mode (diagnostics to standard output)-V         print version info (-VV only)-w passwd  bind password (for simple authentication)-W         prompt for bind password-x         Simple authentication-X authzid SASL authorization identity ("dn:<dn>" or "u:<user>")-y file    Read password from file-Y mech    SASL mechanism-Z         Start TLS request (-ZZ to require successful response)

ldapsearch命令

$ ldapsearch -help

usage: ldapsearch [options] [filter [attributes...]]Search options:-a deref   one of never (default), always, search, or find-A         retrieve attribute names only (no values)-b basedn  base dn for search-c         continuous operation mode (do not stop on errors)-E [!]<ext>[=<extparam>] search extensions (! indicates criticality)[!]domainScope              (domain scope)!dontUseCopy                (Don't Use Copy)[!]mv=<filter>              (RFC 3876 matched values filter)[!]pr=<size>[/prompt|noprompt] (RFC 2696 paged results/prompt)[!]sss=[-]<attr[:OID]>[/[-]<attr[:OID]>...](RFC 2891 server side sorting)[!]subentries[=true|false]  (RFC 3672 subentries)[!]sync=ro[/<cookie>]       (RFC 4533 LDAP Sync refreshOnly)rp[/<cookie>][/<slimit>] (refreshAndPersist)[!]vlv=<before>/<after>(/<offset>/<count>|:<value>)(ldapv3-vlv-09 virtual list views)[!]deref=derefAttr:attr[,...][;derefAttr:attr[,...][;...]][!]<oid>[=:<b64value>] (generic control; no response handling)-f file    read operations from `file'-F prefix  URL prefix for files (default: file:///tmp/)-l limit   time limit (in seconds, or "none" or "max") for search-L         print responses in LDIFv1 format-LL        print responses in LDIF format without comments-LLL       print responses in LDIF format without commentsand version-M         enable Manage DSA IT control (-MM to make critical)-P version protocol version (default: 3)-s scope   one of base, one, sub or children (search scope)-S attr    sort the results by attribute `attr'-t         write binary values to files in temporary directory-tt        write all values to files in temporary directory-T path    write files to directory specified by path (default: /tmp)-u         include User Friendly entry names in the output-z limit   size limit (in entries, or "none" or "max") for search
Common options:-d level   set LDAP debugging level to `level'-D binddn  bind DN-e [!]<ext>[=<extparam>] general extensions (! indicates criticality)[!]assert=<filter>     (RFC 4528; a RFC 4515 Filter string)[!]authzid=<authzid>   (RFC 4370; "dn:<dn>" or "u:<user>")[!]chaining[=<resolveBehavior>[/<continuationBehavior>]]one of "chainingPreferred", "chainingRequired","referralsPreferred", "referralsRequired"[!]manageDSAit         (RFC 3296)[!]noopppolicy[!]postread[=<attrs>]  (RFC 4527; comma-separated attr list)[!]preread[=<attrs>]   (RFC 4527; comma-separated attr list)[!]relax[!]sessiontrackingabandon, cancel, ignore (SIGINT sends abandon/cancel,or ignores response; if critical, doesn't wait for SIGINT.not really controls)-h host    LDAP server-H URI     LDAP Uniform Resource Identifier(s)-I         use SASL Interactive mode-n         show what would be done but don't actually do it-N         do not use reverse DNS to canonicalize SASL host name-O props   SASL security properties-o <opt>[=<optparam>] general optionsnettimeout=<timeout> (in seconds, or "none" or "max")ldif-wrap=<width> (in columns, or "no" for no wrapping)-p port    port on LDAP server-Q         use SASL Quiet mode-R realm   SASL realm-U authcid SASL authentication identity-v         run in verbose mode (diagnostics to standard output)-V         print version info (-VV only)-w passwd  bind password (for simple authentication)-W         prompt for bind password-x         Simple authentication-X authzid SASL authorization identity ("dn:<dn>" or "u:<user>")-y file    Read password from file-Y mech    SASL mechanism-Z         Start TLS request (-ZZ to require successful response)

ldappasswd命令

$ ldappasswd --help

Change password of an LDAP userusage: ldappasswd [options] [user]user: the authentication identity, commonly a DN
Password change options:-a secret  old password-A         prompt for old password-t file    read file for old password-s secret  new password-S         prompt for new password-T file    read file for new password
Common options:-d level   set LDAP debugging level to `level'-D binddn  bind DN-e [!]<ext>[=<extparam>] general extensions (! indicates criticality)[!]assert=<filter>     (RFC 4528; a RFC 4515 Filter string)[!]authzid=<authzid>   (RFC 4370; "dn:<dn>" or "u:<user>")[!]chaining[=<resolveBehavior>[/<continuationBehavior>]]one of "chainingPreferred", "chainingRequired","referralsPreferred", "referralsRequired"[!]manageDSAit         (RFC 3296)[!]noopppolicy[!]postread[=<attrs>]  (RFC 4527; comma-separated attr list)[!]preread[=<attrs>]   (RFC 4527; comma-separated attr list)[!]relax[!]sessiontrackingabandon, cancel, ignore (SIGINT sends abandon/cancel,or ignores response; if critical, doesn't wait for SIGINT.not really controls)-h host    LDAP server-H URI     LDAP Uniform Resource Identifier(s)-I         use SASL Interactive mode-n         show what would be done but don't actually do it-N         do not use reverse DNS to canonicalize SASL host name-O props   SASL security properties-o <opt>[=<optparam>] general optionsnettimeout=<timeout> (in seconds, or "none" or "max")ldif-wrap=<width> (in columns, or "no" for no wrapping)-p port    port on LDAP server-Q         use SASL Quiet mode-R realm   SASL realm-U authcid SASL authentication identity-v         run in verbose mode (diagnostics to standard output)-V         print version info (-VV only)-w passwd  bind password (for simple authentication)-W         prompt for bind password-x         Simple authentication-X authzid SASL authorization identity ("dn:<dn>" or "u:<user>")-y file    Read password from file-Y mech    SASL mechanism-Z         Start TLS request (-ZZ to require successful response)

ldapwhoami命令

$ ldapwhoami --help

Issue LDAP Who am I? operation to request user's authzidusage: ldapwhoami [options]
Common options:-d level   set LDAP debugging level to `level'-D binddn  bind DN-e [!]<ext>[=<extparam>] general extensions (! indicates criticality)[!]assert=<filter>     (RFC 4528; a RFC 4515 Filter string)[!]authzid=<authzid>   (RFC 4370; "dn:<dn>" or "u:<user>")[!]chaining[=<resolveBehavior>[/<continuationBehavior>]]one of "chainingPreferred", "chainingRequired","referralsPreferred", "referralsRequired"[!]manageDSAit         (RFC 3296)[!]noopppolicy[!]postread[=<attrs>]  (RFC 4527; comma-separated attr list)[!]preread[=<attrs>]   (RFC 4527; comma-separated attr list)[!]relax[!]sessiontrackingabandon, cancel, ignore (SIGINT sends abandon/cancel,or ignores response; if critical, doesn't wait for SIGINT.not really controls)-h host    LDAP server-H URI     LDAP Uniform Resource Identifier(s)-I         use SASL Interactive mode-n         show what would be done but don't actually do it-N         do not use reverse DNS to canonicalize SASL host name-O props   SASL security properties-o <opt>[=<optparam>] general optionsnettimeout=<timeout> (in seconds, or "none" or "max")ldif-wrap=<width> (in columns, or "no" for no wrapping)-p port    port on LDAP server-Q         use SASL Quiet mode-R realm   SASL realm-U authcid SASL authentication identity-v         run in verbose mode (diagnostics to standard output)-V         print version info (-VV only)-w passwd  bind password (for simple authentication)-W         prompt for bind password-x         Simple authentication-X authzid SASL authorization identity ("dn:<dn>" or "u:<user>")-y file    Read password from file-Y mech    SASL mechanism-Z         Start TLS request (-ZZ to require successful response)

参考
openldap文档

查看全文
如若内容造成侵权/违法违规/事实不符，请联系编程学习网邮箱：809451989@qq.com进行投诉反馈，一经查实，立即删除！

sublime JS Format js格式化工具
打开 sublime 包控制器## ctrl+shift+p 或者点击菜单栏的“Preferences”-->"Package Control"打开包下载器输入 install package，回车。安装 JS Format js格式化工具输入 JS Format 弹出插件选项，回车。即可安装快捷键是 ctrl+shift+f 整理收集了我自己…...
2024/4/20 18:19:13
C#中MessageBox.Show的用法
收藏下，用时看看即可，原文地址：http://blog.sina.com.cn/s/blog_65209e220100s2zt.htmlMessageBox.Show (String) 显示具有指定文本的消息框。由 .NET Compact Framework 支持。 MessageBox.Show (IWin32Window, String) 在指定对象的前面显示具有指定文本的消息框。 Messa…...
2024/4/21 9:00:29
LDAP常遇问题
服务器数据初始化 [root@station3 nks]# service ldap statusslapd (pid 5840) 正在运行...[root@station3 nks]# service ldap stop停止 slapd： [确定]将系统账户转移到openldap中[root@mail openldap]# vi /usr/share/openlda…...
2024/4/21 9:00:28
Highlights of 22nd annual Screen Actors Guild Awards
preview:Guild:/ɡɪld/n.协会，行会；同业公会Ensemble :[ɑnsɑmbl]n.全体；总效果；全套服装；全套家具；合奏组adv. 同时Oscar-nominated: 奥斯卡提名的entitled：adj.有资格的；给与名称的v. 给…权利；给…定书名；授…以荣誉（entitle的过去分词）simultaneously [saɪ…...
2024/4/21 9:00:27
综合应用WPF/WCF/WF/LINQ之三十五：解决CheckListBox控件中选择项丢失的问题
（本文要感谢Microsoft公司的Neil Ni的帮助。）　　其实这个是Microsoft在设计上的一个考虑。由于这些界面元素主要目的是呈现（对我这个控件来说，取值通过属性CheckedValues，如果您试图遍历这些子控件，可能会发现一些子控件甚至都没有加入Visual Tree），如果ListBox里面It…...
2024/4/21 9:00:26
JavaScript的三种代码书写格式
在这里我将 JavaScript 的类与 Java(本人主要是做Java开发的) 的类做一个比较，以便大家能够更好的理解。1. 在没有接触 JS 的面向对象编程之前，写JS的函数都是像下面这样写的：function test(){var v1 = "test";var v2 = "value";if(v1=="test"…...
2024/4/21 9:00:25
LDAP基础：5：使用ldapadd进行数据增加
在前面的文章中学习到了如何搭建openldap服务，以及如何从客户端进行访问，同时最基础的ldap的概念和树形结构的常见构成方式也多少有些涉及，在这个基础之上，就可以开始使用LDAP了。这篇文章来介绍一下如何创建相关的信息。创建内容这里我们将会聚焦于下图灰色部分的创建，…...
2024/4/21 9:00:24
魔兽世界单机版（模拟器）入门介绍--Starting off with WoW Emulation. 翻译
背景：从06年玩魔兽到现在也13年了。5.48的时候在国外读研、时间特别多，在艾苏恩的“魔兽夜店”lm公会（永远记得这段快乐的时光），围攻奥格达到了我的顶峰（带团），回国后找工作6.X没玩。从7.x就开始咸鱼，H都没通。现在也得结婚成家了。以后更加咸鱼了，指不定哪天就AFK。…...
2024/4/26 20:59:40
js格式化时间
1.JS格式化时间方法格式一: 2018-1-29-10:34:49var curr_time = new Date(); Myformatter(curr_time);function myformatter(date){ var strDate = date.getFullYear()+"-"; strDate += date.getMonth()+1+"-"; …...
2024/4/25 14:16:50
C#中ChecklistBox的部分用法
一、绑定数据 1.直接绑定，如图所示。在属性中找到Items属性，添加集合，每行为一个结果。2.代码绑定checkedListBox1.Items.Add(string); 二、获取数据 1.所有值checkedListBox1.Items 2.获取选中值 private List<string> GetCheckedItems(CheckedListBox clb){List<…...
2024/4/20 10:57:10
MessageBox()的参数用法总结
1、MessageBox.Show("hello","world!",MessageBoxButtons.OKCancel,MessageBoxIcon.Error); 我想在按了 “是”之后做一些工作，怎么知道我按的是 “是 ”还是“取消”怎么写代码？if (MessageBox.Show("hello", "world!", MessageBo…...
2024/4/21 9:00:21
JS的书写格式
JS的书写格式与CSS相同：分为行内JS、内部JS和外部JS三种 1.行内JS 直接在body语句中写：<input type="button" value="点击有惊喜" οnclick="javascript:alert(哈哈哈)" />2.内部JS<!DOCTYPE html> <html lang="en"&…...
2024/4/21 9:00:19
一个CheckedListBox操作类
using System;using System.Collections.Generic;using System.Text;using System.Windows.Forms;namespace WindowsApplication1...{ class CheckListBox ...{ /**//// <summary> /// 选择所有的选项 /// </summary> /// <…...
2024/4/21 9:00:20
ldap命令初试
ldap是企业基础设施，我对其配置一直很感兴趣。今天读了一篇网上的“陈云川的OPENLDAP系列",对其有了基本的认识，结合公司的ldap,尝试了一下： ldapsearch -h 192.168.1.10 -D "uid=enlaizhou,ou=People,dc=example,dc=com" -W -b "ou=People,dc=example…...
2024/4/23 7:49:23
移植性问题の[windows编程]error C2664: “MessageBoxW”: 不能将参数 2 从“char *”转......
执行 MessageBox(NULL,Temp,"Application Error",MB_ICONSTOP); 时出现以下错误： error C2664: “MessageBoxW”: 不能将参数 2 从“char *”转换为“LPCWSTR” 其中定义： char* Temp=new char[200]; 请问怎么改啊？因为你的程序在UNICODE（宽字节）字符集下运行，…...
2024/4/21 9:00:17
QTP测试.NET控件CheckedListBox
对于.NET的CheckedListBox控件，我们可以适当封装，让其可以支持设置CheckListBox中指定Index的某一项的勾选状态的功能，以及支持设置CheckListBox中指定内容的某一项的勾选状态的功能，具体的实现代码如下所示：设置CheckListBox中指定Index的某一项的勾选状态 Function Che…...
2024/4/21 9:00:15
CentOS 上使用squidguard 配置ldapsearch會遇到syntax error
如果你使用Centos自帶的squidguard包,那么你在配置使用ldap auth時就會遇到這個問題. 因為默認安裝的時候squidguard是不帶ldap支持的!!!如果你沒注意到這一點,而只看到log中的syntax error,你就會浪費大量的時間,因為不管你怎麼調整你的ldap search語句都不會正確. 如何確認是…...
2024/4/21 9:00:14
js文件格式
//操作处理 var handler = {//绑定事件bindEvent: function () {},//跳转档案toDaPage : function(e) {var url = document_url + e;window.open(url);},queryHandler: function () {listPage.queryPage();//调用默认查询分页封装方法},//查看位置信息location: function(jd, w…...
2024/4/20 18:19:20
C# WinForm中CheckedListBox控件的数据绑定及DisplayMember与ValueMember获取问题
WinForm下的CheckListBox与asp.net下的CheckBoxList不一样,绑定与设置也没有那简单.web下只要设置DataSource,Value和Text即可,而且在获取文本的value时也很方便. 但WinForm下就没有那么方便了,但如果要实现有Text和Value也不难.我也是参照着网上资料自己写了一个.绑定时也还是…...
2024/4/20 18:19:20
centos7安装ldap
yum安装第一步，安装依赖和软件yum install -y openldap-servers openldap-clients cp /usr/share/openldap-servers/DB_CONFIG.example /var/lib/ldap/DB_CONFIG chown ldap. /var/lib/ldap/DB_CONFIG systemctl enable slapd systemctl start slapd第二步，使用 slappasswd 命…...
2024/4/20 18:19:18

Hadoop—LDAP介绍和使用

LDAP介绍

LDAP概述

LDAP优势

LDAP的主要应用场景

LDAP工作方式

LDAP基本术语

Directory 目录

Entry条目

Attribute属性

AttributeType属性类型

ObjectClass对象类

Schema模式

LDIF：LDAP Interchange Format

LDAP目录树

传统指定方式

网络指定方式

LDAP常用命令介绍

常用参数说明

ldapadd命令

ldapdelete命令

ldapmodify命令

ldapmodrdn命令

ldapsearch命令

ldappasswd命令

附录：LDAP命令参数详解

ldapadd命令

ldapdelete命令

ldapmodify命令

ldapmodrdn命令

ldapsearch命令

ldappasswd命令

ldapwhoami命令

相关文章

最新文章