1 / 11

Application and Directory Management Issues Common Solutions Group

Application and Directory Management Issues Common Solutions Group. Chandler Meeting Berkeley, CA January 6, 2003 Michael R Gettes, Georgetown University. Directory Usage Today. High performance white pages Anonymous access as well as authenticated

amish
Download Presentation

Application and Directory Management Issues Common Solutions Group

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Application and Directory Management IssuesCommon Solutions Group Chandler Meeting Berkeley, CA January 6, 2003 Michael R Gettes, Georgetown University

  2. Directory Usage Today • High performance white pages • Anonymous access as well as authenticated • Centrally maintained; updated at least daily • 24 x 7 operations • Resource discovery; identity, capabilities (voice, video, etc.) • X.509 Certificates • A directory is not a cap snaffler Common Solutions Group Chandler Meeting @ Berkeley CA

  3. White Pages • Web pages backend • Netscape, Mozilla, Eudora, Pine, Outlook*, etc • All are configured to locate people in directories • Very few email clients do NOT have LDAP integration • Calendar systems supporting LDAP white pages • Oracle CorporateTime Common Solutions Group Chandler Meeting @ Berkeley CA

  4. LDAP Authentication • Many do so anonymously -- some have harvesting problems, especially via white pages • Require authenticated access, less common • Authentication and FERPA • Proper engineering of app to support FERPA compliance is required. If the app does authN it must do it right for the directory. See LDAP-Recipe Common Solutions Group Chandler Meeting @ Berkeley CA

  5. General App issues • Proper authentication (binding), see previous • Don’t care about DN or DIT structure • Flexible mapping of attributes • How to search on names? How to present names and how to present an LDAP object. • Failover support • Many app issues discussed in LDAP-Recipe Common Solutions Group Chandler Meeting @ Berkeley CA

  6. Directories part of ID management • Critical component of Enterprise infrastructure integrated into most identity management systems • Service provisioning accessible in directory • Directory plays a role in providing data for authorization decisions • Most schools concentrating on maintaining the directory timely and data flows from the directory Common Solutions Group Chandler Meeting @ Berkeley CA

  7. Discovery • Locate people and obtain identifiers about them • Learn capabilities • They accept e-mail • They have calendar service • They have a certificate for secure mail • They have a voice-over-ip phone • They have a video service & contacted “here” Common Solutions Group Chandler Meeting @ Berkeley CA

  8. X.509 Certificates • Need flexibility (like Netscape PSM?) to support different methods of handling security services • Currently Certs are in userCertificate attribute as binary blob, not searchable to locate appropriate cert for signing or encryption • New work to expose components of Cert as searchable directory objects (with binary blob still maintained). Common Solutions Group Chandler Meeting @ Berkeley CA

  9. Cap Snafflers? • “Those rubber things to twist-off stuck bottle caps” • Directories don’t do everything, make sure there is agreement about appropriate use of a directory • A directory is a special, high-performance mostly read database. There should be generic database support. • There should be support for dynamic mapping of attributes and “learning” of search filters and other methods. Maybe a chandler object that tells the app how to search, map attributes and so on. Common Solutions Group Chandler Meeting @ Berkeley CA

  10. Groups, Groups, Groups • Static vs. Dynamic (issues of large groups) • Static Scalability, performance, bandwidth • Dynamic Manageability (search based, but search limits) • See NSF Middleware Initiative for papers on issues around Directory groups • Group Math (&(group=faculty)(!(group=adjunct))(dn=x)) • Should mailing list managers be used or is it time to push MLM abilities into the client with the help of a directory? (hint: MLMs are still good) Common Solutions Group Chandler Meeting @ Berkeley CA

  11. Roles • What Chandler Roles might there be? • Groups can be seen as a “poor man’s role” Common Solutions Group Chandler Meeting @ Berkeley CA

More Related