LDAP

Most companies have identity and access services through a directory services that stores objects such as users and computer as X500 objects; these were developed by the International Telecommunication Union (ITU). These object form what is called a distinguished name and are organized and stored by the Lightweight Directory Access Protocol (LDAP).

There are only three values in X500 objects; these are DC (domain), Organization Unit (OU), and CN (anything else).

In this example, we have a domain called Domain A and an organizational unit called Sales; this is where all of the sales department users and computers would reside. We can see inside the Sales OU a computer called Computer 1:

Figure 9: Active Directory

When creating the X500 ...

Get CompTIA Security+ Certification Guide now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.