1
Introduction to Name and Directory Services
Gang Shen (Bruce) 12/31/2018 CS8320
2
Introduction
What is
What for
Standard
How does it work
Example
References
3
What is Name or Directory Services
Look-up operations: given the name or some attributes of an object entity, more attribute information is obtained.
The terms name service and directory service are interchangeable. Both describe how a named object can be addressed and located by using its address.[1]
4
What is Name or Directory Services
A directory service is a software application — or a set of applications — that stores and organizes information about a computer network's users and network resources, and that allows network administrators to manage users' access to the resources. Additionally, directory services act as an abstraction layer between users and shared resources.[3]
5
Purpose of Directory Service
Enable users to reference network resources with short names instead of real addresses
Locate objects by attributes
Provide a layer of abstraction so that the network resources can be managed independently without service interruption
Added value, such as security, etc.
6
Implementation
Active Directory for Windows 2000, Server 2003
Apple Open Directory in Mac OS X Server
Novell eDirectory - formerly called Novell Directory Services (NDS) for Novell NetWare version 4.x-5.x
OpenLDAP
Sun Directory Services
7
Standard
X.500, defined by CCITT (Comité Consultatif International Téléphonique et Télégraphique), now ITU-T (Telecommunication Standardization Sector of the International Telecommunication Union).
Includes:[4]
DAP (Directory Access Protocol)
DSP (Directory System Protocol)
DISP (Directory Information Shadowing Protocol)
DOP (Directory Operational Bindings Management Protocol)
8
Standard
LDAP, the Lightweight Directory Access Protocol, is a networking protocol for querying and modifying directory services running over TCP/IP.[5]
9
How does it work
The object resolution process has two steps.
Name resolution: maps a name to a logical address. More interesting. Examples: locate a server, retrieve a user object.
Address resolution: maps a logical address to a physical address/network route. It's a network function.
10
Ways to name an object
<attribute>, <name, attributes, address>, <name, type, attributes, address>
Flat, hierarchy structure, structure-free name, value pairs
Physical, organizational, functional
11
Storage
DIB (directory information base) from X.500. It's a tree structure.
13
Access Mode
DSA: Directory Service Agent
DUA: Directory User Agent
Client-server based model
15
LDAP
Latest technology for directory services.
Client-server architecture, based on TCP (vs. OSI), fewer operations, only supports string types (vs. more data types), faster and easier to use.[6]
16
LDAP Server
It is a fast-read, slow-update database.
It is organized as a very shallow tree for read performance.
Updates are all or nothing.
It can return multiple result objects.
It only returns a successful search result or a failure.
It retrieves results from other servers on the client's behalf.
17
Terms
Domain component – dc
Organizational unit – ou
Distinguished name (fully qualified name) – dn
Common name – cn
18
Example
19
Query LDAP
Combination of DN, filter, and scope…[2]
a base DN indicates where in the hierarchy to begin the search
a filter specifies attribute types, assertion values, and matching criteria
scope indicates what to search: base DN, one level below the base DN, subtree rooted at the base DN
20
Query
base DN: dc = edu
scope: entire subtree
filter: objectClass = person
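The query above, worked as an added example that is not part of the original slides: a small in-memory directory and a search function showing how base DN, scope and an equality filter together select entries. The entries under dc=example,dc=edu, the names `DIRECTORY`, `parse_dn`, `depth_below` and `search`, and the scope labels base/one/sub are assumptions made for illustration; matching is simplified to case-insensitive equality.

```python
# Added example: constructed in-memory directory; entries are not from the slides.
DIRECTORY = {
    "dc=edu": {"objectClass": ["domain"]},
    "dc=example,dc=edu": {"objectClass": ["domain"]},
    "ou=cs,dc=example,dc=edu": {"objectClass": ["organizationalUnit"]},
    "cn=Alice,ou=cs,dc=example,dc=edu": {"objectClass": ["person"], "cn": ["Alice"]},
    "cn=Bob,ou=cs,dc=example,dc=edu": {"objectClass": ["person"], "cn": ["Bob"]},
    "cn=printer1,ou=cs,dc=example,dc=edu": {"objectClass": ["device"], "cn": ["printer1"]},
}
SCOPES = ("base", "one", "sub")  # base DN only, one level below, whole subtree


def parse_dn(dn):
    """Split a DN into lower-cased (attribute, value) RDNs, leaf first.
    Simplification: escaped commas and multi-valued RDNs are not handled."""
    return [tuple(part.strip().lower() for part in rdn.split("=", 1))
            for rdn in dn.split(",")]


def depth_below(base_dn, dn):
    """Levels between dn and base_dn, or None when dn is outside base_dn's subtree."""
    base, entry = parse_dn(base_dn), parse_dn(dn)
    extra = len(entry) - len(base)
    if extra < 0 or entry[extra:] != base:
        return None
    return extra


def search(base_dn, scope, attr, value):
    """Return sorted DNs under base_dn, within scope, where attr equals value."""
    if scope not in SCOPES:
        raise ValueError("scope must be one of %r" % (SCOPES,))
    hits = []
    for dn, attrs in DIRECTORY.items():
        depth = depth_below(base_dn, dn)
        if depth is None:
            continue  # entry is not under the base DN at all
        in_scope = (scope == "sub" or (scope == "base" and depth == 0)
                    or (scope == "one" and depth == 1))
        values = [v.lower() for k, vs in attrs.items()
                  if k.lower() == attr.lower() for v in vs]
        if in_scope and value.lower() in values:
            hits.append(dn)
    return sorted(hits)


if __name__ == "__main__":
    # The query from the slide: base DN dc = edu, entire subtree, objectClass = person
    for hit in search("dc = edu", "sub", "objectClass", "person"):
        print(hit)
```

Changing the scope to one level below dc = edu returns no person entries, because both people sit three levels down.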
21
Opportunities
Performance, cache, replication
Reliability, replication
Security
22
Extensions and Questions
Cache
Security
23
References
1. Randy Chow, Theodore Johnson, "Distributed Operating Systems & Algorithms", 1998
2. Jeff Hodges, "Introduction to Directories and LDAP", June 1997
3.
4.
5.
6. Timothy A. Howes, "The Lightweight Directory Access Protocol: X.500 Lite", July 27, 1995, CITI Technical Report 95-8