a name (attribute name) and one or several attribute values.
Usually an attribute is presented in the name=value form.
Attribute names are case-insensitive.
an attribute with the objectClass name; this attribute is used to specify a nature of the object it belongs to.
a sequence of attributes presented in the name=value form and separated with the comma (,) symbol.
DNs are used as unique names for objects (records).
DNs are used to build object name trees, with the rightmost attribute specifying the most generic name, and the leftmost attribute specifying the unique object name itself.
The leftmost attribute is called Relative Distinguished Name (RDN) - it provides a unique name for the object among all objects with DNs having the same parent DN.
this is a different DN, but it has the same "parent DN" (server=BigIron,realm=Internet)
this is a different DN, with a different "parent DN" (server=SmallCopper,realm=Internet)
set of attributes with a distinguished name
Usually a record is presented as several lines starting with the name presenting the record DN, followed by the lines presenting the record attributes. Several records are usually separated with an empty line.
Note: the LDAP standard recommends to include the RDN attribute into the set of attributes making up a directory record. CommuniGate Pro Directory Manager enforces this rule.
a set of directory records; this can be a very large set (millions of records). The set is organized as a tree using DNs. Records are removed automatically when the record with the parent DN is removed. Record DNs are updated automatically when the parent DN is changed (renamed).
a set of directory restrictions, including: