Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 CEG 2400 Fall 2012 eDirectory – Directory Service.

Published byDomenic Hall Modified over 8 years ago

Similar presentations

Presentation on theme: "1 CEG 2400 Fall 2012 eDirectory – Directory Service."— Presentation transcript:

1 1 CEG 2400 Fall 2012 eDirectory – Directory Service

2 2 eDirectory –Formerly called Novell Directory Services (NDS) –Initially released in 1993 –eDirectory is an LDAP-compatible directory service and database that maintains information about all network resources Novell eDirectory Services

3 3

4 4 Benefits of eDirectory: 1.Single log in 2.A variety of administration tools 3.A secure, encrypted single login using RSA encryption 4.Because the directory database is distributed and replicated, eDirectory provides fault tolerance 5.eDirectory is scalable, it works well in small networks or global networks 6.eDirectory uses dynamic rights inheritance Novell eDirectory Services

5 5 The eDirectory tree –A hierarchical structure for organizing information –The tree starts at a single point, called the root, and branches out from there –The tree is usually drawn inverted with the root at the top of the diagram eDirectory Components

6 6

7 7 An eDirectory object always represents some definable network element, either physical or logical, for which you can record data –The types of data collected in objects are called properties and the data itself is the property value (similar to x.500) eDirectory Components

8 8 There are two general categories of eDirectory objects: container objects and leaf objects –Container objects hold other objects, whereas leaf objects are the ends of the tree branches –Container objects are used to organize network resources (represented by leaf objects) eDirectory Components

9 9

10 10 Container objects: –The Tree or [Root] object is always the first object in the directory tree, and there is only one and it has no properties and it cannot be modified or deleted –The optional Country object organizes the tree for businesses operating in more than one country –If the Country object is used, it must be used immediately after the Root object eDirectory Components

11 11 Container objects: –The Organization object provides the first level of organizational structure for the directory tree – eDirectory Trees must have at least one Organization object –There is usually only one Organization object in the directory tree, representing the company eDirectory Components

12 12 Container objects: –The Organizational Unit (OU) object subdivides the organizational structure of the directory tree –There is no requirement that an OU object be used, however, the OU object is useful for creating an organizational structure in directory trees (usually a lot of these) eDirectory Components

13 13 Leaf objects used in directory trees: –User related such as user or group –Server related such as servers or volumes –Printer related –General purpose related such as computers eDirectory Components

14 14 Each eDirectory object has a name that uniquely identifies it within the tree along with it’s context –The position or location of an object in the directory tree is called the object’s context –Context is specified as the path from the [Root] to the object, the context reads from left to right starting at the lowest level of the tree and working upward to the [Root] eDirectory Components

15 15 eDirectory object names (cont.) –An object’s complete name (the distinguished name) is the object name plus the object’s context (also there is a relative distinguished name) –A name specification that includes the object abbreviations (two letters preceding its name identifying type) is referred to as a typeful name (.cn=jsmith.ou=users.o=mycompany), names without object abbreviations are typeless (.jsmith.users.mycompany) eDirectory Components

16 16

17 17 One of the main security concerns in the eDirectory environment is protecting the all-important directory database –Novell implements a distributed database, one that is stored in sections (or partitions) on different servers –Partitions start at an Organization or OU branch of the tree and include all leaf objects in that container plus any other elements in that branch eDirectory - a Replicated, Distributed Database

18 18 Distributed database (cont.) –A replica is a copy of a partition and is stored on Novell servers to ensure fault tolerance and provide faster access on a WAN –When an eDirectory object changes, a copy of the change is sent from the partition where the change was first recorded, to all other replicas of the partition - this is called replica synchronization eDirectory as a Replicated, Distributed Database

19 19 Distributed database (cont.) –The five types of replicas are: 1.Master 2.Read/Write 3.Read-Only 4.Subordinate Reference 5.Filtered eDirectory as a Replicated, Distributed Database

20 eDirectory Advantages –Uses dynamic rights inheritance, which allows both global and specific access controls –Access rights to objects in the tree are determined at the time of the request and are determined by the rights assigned to the objects by virtue of their location in the tree, any security equivalences, and individual assignments –Can log into any server in the tree 20

21 eDirectory Advantages –The software supports partitioning at any point in the tree, as well as replication of any partition to any number of servers –Replication between servers occurs periodically using deltas of the objects –Runs on most NOS platforms Windows Some forms of Linux/Unix 21

22 eDirectory Advantages –Netware integrated all functions into eDirectory. Even file system information is stored in the directory as volume objects. –Active Directory is fairly simple by comparison, typically storing only user and machine objects in their directory. Other Windows network configuration information is scattered across other databases such as the registry, the domain name server, and specialized services such as the global catalog. 22

23 23 Chapter Summary eDirectory is network-centric The logical design of eDirectory is the directory tree The directory tree consists of eDirectory objects. Objects represent physical, logical, or organizational entities Objects have properties, which have data

24 24 Chapter Summary The directory tree consists of container objects and leaf objects. Container objects provide organizational structure for the directory tree. They can contain other container objects or leaf objects. Leaf object represent network resources, such as users and printers. They cannot contain other objects

25 25 Chapter Summary The location of an object in the directory tree is the object’s context. The directory database can be divided into partitions. The partitions can and should be copied to other servers to ensure fault tolerance. The copies are called replicas. There are five types of replicas: Master, Read/Write, Read- Only, Subordinate Reference, and Filtered. Advantages

26 26 eDirectory – Directory Service Questions Directory Services eDirectoryLDAP Active Directory

Download ppt "1 CEG 2400 Fall 2012 eDirectory – Directory Service."

Similar presentations

Fault tolerance and disaster recovery

Fault tolerance and disaster recovery
Chapter 4 Chapter 4: Planning the Active Directory and Security.

Chapter 4 Chapter 4: Planning the Active Directory and Security.
Introduction to Active Directory

Introduction to Active Directory
Chapter Nine NetWare-Based Networking. Objectives Identify the advantages of using the NetWare network operating system Describe NetWare’s server hardware.

Chapter Nine NetWare-Based Networking. Objectives Identify the advantages of using the NetWare network operating system Describe NetWare’s server hardware.
3.1 © 2004 Pearson Education, Inc. Exam 70-290 Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 3: Introducing Active Directory.

3.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 3: Introducing Active Directory.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 1: Introduction to Windows Server 2003.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 1: Introduction to Windows Server 2003.
Hands-On Microsoft Windows Server 2003 Administration Chapter 5 Administering File Resources.

Hands-On Microsoft Windows Server 2003 Administration Chapter 5 Administering File Resources.
Administering Active Directory

Administering Active Directory
Hands-On Microsoft Windows Server 2003 Administration Chapter 3 Administering Active Directory.

Hands-On Microsoft Windows Server 2003 Administration Chapter 3 Administering Active Directory.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 1: Introduction to Windows Server 2003.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 1: Introduction to Windows Server 2003.
Understanding Active Directory

Understanding Active Directory
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 1: Introduction to Windows Server 2003.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 1: Introduction to Windows Server 2003.
A centralized system.  Active Directory is Microsoft's trademarked directory service, an integral part of the Windows architecture. Like other directory.

A centralized system.  Active Directory is Microsoft's trademarked directory service, an integral part of the Windows architecture. Like other directory.
1 Chapter Overview Creating User and Computer Objects Maintaining User Accounts Creating User Profiles.

1 Chapter Overview Creating User and Computer Objects Maintaining User Accounts Creating User Profiles.
ADVANCED MICROSOFT ACTIVE DIRECTORY CONCEPTS

ADVANCED MICROSOFT ACTIVE DIRECTORY CONCEPTS
Configuring File Services Lesson 6. Skills Matrix Technology SkillObjective DomainObjective # Configuring a File ServerConfigure a file server4.1 Using.

Configuring File Services Lesson 6. Skills Matrix Technology SkillObjective DomainObjective # Configuring a File ServerConfigure a file server4.1 Using.
Overview of Active Directory Domain Services Lesson 1.

Overview of Active Directory Domain Services Lesson 1.
Lesson 17. Domains and Active Directory. Objectives At the end of this Presentation, you will be able to:

Lesson 17. Domains and Active Directory. Objectives At the end of this Presentation, you will be able to:
Overview of Active Directory Domain Services Lesson 1.

Overview of Active Directory Domain Services Lesson 1.
(ITI310) SESSIONS 9-10-11-12: Active Directory By Eng. BASSEM ALSAID.

(ITI310) SESSIONS : Active Directory By Eng. BASSEM ALSAID.

Similar presentations

Ads by Google