30 April 1998IBM1 Directory Services Best Practices Ellen Stokes, Directory Architect IBM Austin

Slides:



Advertisements
Similar presentations
Donnie Hamlett Technology Specialist Microsoft Corporation Microsoft Services for NetWare 5.0 Overview Overview Directory Synchronization Services Directory.
Advertisements

IBM Software Group ® Accessing Domino via Outlook iNotes Access for Microsoft Outlook - Notes Domino 5.5 – Domino Access for MS Outlook - Notes Domino.
Windows Server ® 2008 Active Directory ® Domain Services Infrastructure Planning and Design Series Published: February 2008 Updated: July 2009.
Active Directory: Final Solution to Enterprise System Integration
Chapter 4 Chapter 4: Planning the Active Directory and Security.
3.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 3: Introducing Active Directory.
CS603 Active Directory February 1, 2001.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 1: Introduction to Windows Server 2003.
Using Internet Information Server And Microsoft ® Internet Explorer To Implement Security On The Intranet HTTP.
Enterprise Search With SharePoint Portal Server V2 Steve Tullis, Program Manager, Business Portal Group 3/5/2003.
1 Personal Activity Coordinator (PAC) Xia Hong UC Berkeley ISRG retreat 1/11/2000.
By Karan Oberoi.  A directory service (DS) is a software application- or a set of applications - that stores and organizes information about a computer.
MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration Chapter 7 Configuring File Services in Windows Server 2008.
Understanding Active Directory
A centralized system.  Active Directory is Microsoft's trademarked directory service, an integral part of the Windows architecture. Like other directory.
1 CSIT 320. Just as the combination of a database and a database management system collects and organizes information about an institution/company/… as.
Understanding Active Directory
Public Key Infrastructure from the Most Trusted Name in e-Security.
Hands-On Microsoft Windows Server 2008
Hands-On Microsoft Windows Server 2008
Windows ® Powered NAS. Agenda Windows Powered NAS Windows Powered NAS Key Technologies in Windows Powered NAS Key Technologies in Windows Powered NAS.
WSS 3.0 Architecture and Enhancements Ashvini Shahane Member – Synergetics Research Lab.
Chapter 5 Roles and features. objectives Performing management tasks using the Server Manager console Understanding the Windows Server 2008 roles Understanding.
Edwin Sarmiento Microsoft MVP – Windows Server System Senior Systems Engineer/Database Administrator Fujitsu Asia Pte Ltd
Overview of Active Directory Domain Services Lesson 1.
BZUPAGES.COM An Introduction to. BZUPAGES.COM Introduction Large corporations today face the following problems Finding a certain file. Seeing everything.
Auditing Logical Access in a Network Environment Presented By, Eric Booker and Mark Ren New York State Comptroller’s Office Network Security Unit.
Session 6 Windows Platform Dina Alkhoudari. Learning Objectives What is Active Directory Logical components of active directory Physical components of.
Windows Server 2008 Chapter 4 Last Update
Requirements for Epidemic Information Management Farrukh Najmi XML Standards Architect Sun Microsystems
Membership in ASP.Net...if only Presented by: Patrick Hynds President, CriticalSites Microsoft Regional Director.
Technology Overview. Agenda What’s New and Better in Windows Server 2003? Why Upgrade to Windows Server 2003 ?  From Windows NT 4.0  From Windows 2000.
Christopher Chapman | MCT Content PM, Microsoft Learning, PDG Planning, Microsoft.
Enterprise Java Beans Part I Kyungmin Cho 2001/04/10.
A detailed look at the Microsoft Windows Infrastructure at UWE including Active Directory (AD), MIIS, Exchange, SMS, IIS, SQL Server, Terminal Services.
RECALL THE MAIN COMPONENTS OF KIM Functional User Interfaces We just looked at these Reference Implementation We will talk about these later Service Interface.
KAPLAN SCHOOL OF INFORMATION SYSTEMS AND TECHNOLOGY Welcome to Unit 4 IT278 Network Administration Course Name – IT278 Network Administration Instructor.
Key Management with the Voltage Data Protection Server Luther Martin IEEE P May 7, 2007.
Hands-On Microsoft Windows Server 2008 Chapter 5 Configuring, Managing, and Troubleshooting Resource Access.
Windows 2000 Operating System -- Active Directory Service COSC 516 Yuan YAO 08/29/2000.
SERVER I SLIDE: 6. SERVER I Topics: Objective 4.3: Deploy and configure the DNS service Objective 5.1: Install domain controllers.
ArcGIS Server and Portal for ArcGIS An Introduction to Security
MCSE Guide to Microsoft Exchange Server 2003 Administration Chapter Two Installing and Configuring Exchange Server 2003.
Directory Services Best Practices Ed Reed, Technologist Novell, Inc.
Module 7 Active Directory and Account Management.
Building Secure, Flexible and Scalable Environments using LDAP - SANS Orlando Sacha Faust PricewaterhouseCoopers
1 Emergency Alerts as RSS Feeds with Interdomain Authorization Filippo Gioachin 1, Ravinder Shankesi 1, Michael J. May 1,2, Carl A. Gunter 1, Wook Shin.
James Akrigg Microsoft Ltd Integrating InfoPath Forms Into Workflow Solutions And Business Processes.
DISTRIBUTED COMPUTING Introduction Dr. Yingwu Zhu.
Module 2: Overview of IIS 7.0 Application Server.
Page 1 Active Directory and DNS Lecture 2 Hassan Shuja 09/14/2004.
Windows Role-Based Access Control Longhorn Update
Comprehensive Project Management Solutions with the.NET Server family.
1 Objectives Discuss File Services in Windows Server 2008 Install the Distributed File System in Windows Server 2008 Discuss and create shared file resources.
Introduction to Active Directory
1 Active Directory Service in Windows 2000 Li Yang SID: November 2000.
Windows 2003 Architecture, Active Directory & DNS Lecture # 3 Hassan Shuja 02/14/2006.
MCSE: Windows Server 2003 Active Directory Planning, Implementation, and Maintenance Study Guide, Second Edition (70-294) Chapter 1: Overview of the Active.
ETICS An Environment for Distributed Software Development in Aerospace Applications SpaceTransfer09 Hannover Messe, April 2009.
Active Directory Domain Services (AD DS). Identity and Access (IDA) – An IDA infrastructure should: Store information about users, groups, computers and.
COMP1321 Digital Infrastructure Richard Henson March 2016.
Secure Connected Infrastructure
Implementing Active Directory Domain Services
Overview of Active Directory Domain Services
“Azure is the cloud platform of choice for our customers
Public Key Infrastructure from the Most Trusted Name in e-Security
Chapter 4: Planning the Active Directory and Security
Developing for Windows Azure
ONAP Architecture Principle Review
Presentation transcript:

30 April 1998IBM1 Directory Services Best Practices Ellen Stokes, Directory Architect IBM Austin

30 April 1998IBM2 Agenda Why Best Practices Topics –Heterogeneity –Directory Content –Schema and the Namespace –Finding Things Summary

30 April 1998IBM3 Why Best Practices? Aid in planning deployment and use of directory services Avoid the pitfalls & learn from collective experiences, such as –Leverage the directory as a cost effective part of your total distributed solution –Don’t make the directory do what it wasn’t designed to do, e.g. directories are not general purpose RDBMSs –Make effective use of the namespace for flexibility and scalability of applications

30 April 1998IBM4 Heterogeneity The directory space is heterogeneous –Multiple platforms –Multiple directories Portability via APIs Interoperability via Protocols Customer decides how much synergy he wants between directories - there are choices, such as –Meta-directory –Federation –Loose coupling (relationships, e.g. DNS)

30 April 1998IBM5 Directory Content - I Directory content is fairly static Not all data from miscellaneous files goes in the directory –Users, groups, configuration info, location info, policy, user preferences are good candidates –Bootstrap information is not a good candidate Store as discrete entities or blobs? –Discrete entities allows for visual inspection and re-use across products –Blobs limit use to a specific product

30 April 1998IBM6 Directory Content - II Secure sensitive information –Use ACLs: groups and roles to grant rights –Request extensions to encrypt data for privacy digitally sign requests or data for integrity

30 April 1998IBM7 Schema & Namespace - I The namespace is global - structure it –Let the customer define the structure –Hierarchy is good; it aids in partitioning for replication finding information –Limit use of aliases (admin + and -) –Enable schema checking

30 April 1998IBM8 Schema & Namespace - II Schema: model the data –Use industry standard objects and attributes where possible –Extend existing or define new schema as necessary –Use auxiliary object classes where sub-classing not viable, e.g. extending the person object –Use DNs to define relationships

30 April 1998IBM9 Finding Things Directory Servers –Define a ‘home server’ as a user preference –Let the ‘system’ help you DNS DHCP Referrals Objects and attributes –Use well-formed searches

30 April 1998IBM10 Summary Make directory use the default, not the option Do what meets your needs