Introduction to Name and Directory Services

Understand the concepts of name and directory services, their purpose, implementation standards like X.500 and LDAP, and how they help with object resolution. Explore various access modes, LDAP servers, naming structures, and query operations. Learn about the significance of cache, reliability, and security.

Presentation Transcript


  1. Introduction to Name and Directory Services Gang Shen (Bruce) CS8320

  2. Introduction • What is • What for • Standard • How does it work • Example • References

  3. What is Name or Directory Services: Look-up operations. Given the name or some attributes of an object entity, more attribute information is obtained. The terms name service and directory service are interchangeable. Both describe how a named object can be addressed and located by using its address.[1]

  4. What is Name or Directory Services: A directory service is a software application — or a set of applications — that stores and organizes information about a computer network's users and network resources, and that allows network administrators to manage users' access to the resources. Additionally, directory services act as an abstraction layer between users and shared resources.[3]

  5. Purpose of Directory Service • Enable users to reference network resources by short names instead of real addresses • Locate objects by attributes • Provide a layer of abstraction so that network resources can be managed independently without service interruption • Added value, such as security, etc.

  6. Implementation • Active Directory for Windows 2000, Server 2003 • Apple Open Directory in Mac OS X Server • Novell eDirectory, formerly called Novell Directory Services (NDS), for Novell NetWare version 4.x-5.x • OpenLDAP • Sun Directory Services

  7. Standard: X.500, defined by CCITT (Comité Consultatif International Téléphonique et Télégraphique), now ITU-T (Telecommunication Standardization Sector of the International Telecommunication Union). It includes:[4] • DAP (Directory Access Protocol) • DSP (Directory System Protocol) • DISP (Directory Information Shadowing Protocol) • DOP (Directory Operational Bindings Management Protocol)

  8. Standard: LDAP, the Lightweight Directory Access Protocol, is a networking protocol for querying and modifying directory services running over TCP/IP.[5]

  9. How does it work: The object resolution process has two steps. Name resolution: map a name to a logical address. This is the more interesting step. Examples: locate a server, retrieve a user object. Address resolution: map a logical address to a physical address/network route. It's a network function.

  10. Ways to name an object • <attribute>, <name, attributes, address>, <name, type, attributes, address> • Flat, hierarchical structure, structure-free name, value pairs • Physical, organizational, functional

  11. Storage: DIB (Directory Information Base) from X.500. It's a tree structure.

  13. Access Mode • DSA: Directory Service Agent • DUA: Directory User Agent • Client-server based model

  15. LDAP: Latest technology in directory services. Client-server architecture, based on TCP (vs. OSI), fewer operations, supports only the string type (vs. more data types), faster and easier to use.[6]

  16. LDAP Server: It is a fast-read, slow-update database. It is organized as a very shallow tree for read performance. Updates are all or nothing. It can return multiple result objects. It returns only a successful search result or a failure. It retrieves results from other servers on the client's behalf.

  17. Terms • Domain component: dc • Organizational unit: ou • Distinguished name (fully qualified name): dn • Common name: cn

  18. Example

  19. Query LDAP: Combination of DN, filter, and scope…[2] • a base DN indicates where in the hierarchy to begin the search • a filter specifies attribute types, assertion values, and matching criteria • a scope indicates what to search: the base DN, one level below the base DN, or the subtree rooted at the base DN

  20. Query • base DN: dc=edu • scope: entire subtree • filter: objectClass=person

  21. Opportunities • Performance, cache, replication • Reliability, replication • Security

  22. Extensions and Questions • Cache • Security

  23. References • [1] Randy Chow, Theodore Johnson, "Distributed Operating Systems & Algorithms", 1998 • [2] Jeff Hodges, "Introduction to Directories and LDAP", June 1997 • [3] http://en.wikipedia.org/wiki/Directory_service • [4] http://en.wikipedia.org/wiki/X.500 • [5] http://en.wikipedia.org/wiki/Lightweight_Directory_Access_Protocol • [6] Timothy A. Howes, "The Lightweight Directory Access Protocol: X.500 Lite", July 27, 1995, CITI Technical Report 95-8
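
The search described in slides 19 and 20 (base DN, scope, filter), as an added Python example that is not part of the original presentation. It is a toy in-memory model with constructed entries and hypothetical helper names (`parse_dn`, `in_scope`, `matches`, `search`); it assumes DNs contain no escaped commas and supports only equality filters.

```python
# Added example: a toy in-memory directory, not a real LDAP client or server.

# Scope names mapped to a test on how many levels an entry sits below the base DN.
SCOPES = {"base": lambda d: d == 0, "one": lambda d: d == 1, "sub": lambda d: True}

def parse_dn(dn):
    """Split a DN into (attribute, value) RDNs, leaf first. Assumes no escaped commas."""
    rdns = []
    for rdn in dn.split(","):
        attr, _, value = rdn.partition("=")
        rdns.append((attr.strip().lower(), value.strip().lower()))
    return rdns

def in_scope(entry_dn, base_dn, scope):
    """True if entry_dn falls inside the given scope relative to base_dn."""
    if scope not in SCOPES:
        raise ValueError("scope must be 'base', 'one' or 'sub'")
    entry, base = parse_dn(entry_dn), parse_dn(base_dn)
    depth = len(entry) - len(base)           # levels below the base DN
    if depth < 0 or entry[depth:] != base:   # compare whole RDNs, not string suffixes
        return False
    return SCOPES[scope](depth)

def matches(attrs, attr, value):
    """Equality filter such as objectClass=person; attributes may be multi-valued."""
    for name, values in attrs.items():
        if name.lower() == attr.lower():
            return any(v.lower() == value.lower() for v in values)
    return False

def search(directory, base_dn, scope, filter_str):
    """Return the DNs of entries that are in scope and satisfy the filter."""
    attr, _, value = filter_str.partition("=")
    return [dn for dn, attrs in directory.items()
            if in_scope(dn, base_dn, scope) and matches(attrs, attr.strip(), value.strip())]

# Constructed sample entries (hypothetical names), keyed by DN.
DIRECTORY = {
    "dc=edu": {"objectClass": ["domain"]},
    "dc=example,dc=edu": {"objectClass": ["domain"]},
    "ou=people,dc=example,dc=edu": {"objectClass": ["organizationalUnit"]},
    "cn=Alice Example,ou=people,dc=example,dc=edu": {"objectClass": ["top", "person"]},
    "cn=printer1,ou=devices,dc=example,dc=edu": {"objectClass": ["device"]},
    "cn=Bob Example,dc=example,dc=com": {"objectClass": ["person"]},
}

if __name__ == "__main__":
    # The query from slide 20: base DN dc=edu, entire subtree, objectClass=person.
    print(search(DIRECTORY, "dc = edu", "sub", "objectClass = person"))
```

The same filter with scope `one` at `dc=edu` returns nothing, because the only person entry under that base sits three levels below it.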
