Presentation is loading. Please wait.

Presentation is loading. Please wait.

Understanding Novell DirXML™ Technology

Published byReginald Eric Bruce Modified over 9 years ago

Similar presentations

Presentation on theme: "Understanding Novell DirXML™ Technology"— Presentation transcript:

1 Understanding Novell DirXML™ Technology
Novell BrainShare 2002 Understanding Novell DirXML™ Technology Nick Nikols DirXML Architect and Engineering Manager Novell, Inc. Steven Weitzeil Director, DirXML and Common UI TUT235—Understanding Novell DirXML Technology

2 Vision…one Net Mission
A world where networks of all types—corporate and public, intranets, extranets, and the Internet—work together as one Net and securely connect employees, customers, suppliers, and partners across organizational boundaries Mission To solve complex business and technical challenges with Net business solutions that enable people, processes, and systems to work together and our customers to profit from the opportunities of a networked world

3

4 What Is DirXML™? Data-sharing service
Provides bi-directional data flow between eDirectory and enterprise applications Administrator determines the data to be shared Matches existing business processes Runs on all Novell eDirectory™ supported platforms (NetWare®, Win2K, NT, Solaris, Linux, AIX) Requires no changes to existing applications Transforms data into the format required by the target application

5 Islands of Isolated Data
HR ERP DB OS Dir. DEN

6 Sharing Data through the Directory
ERP DB OS Novell eDirectory with DirXML Dir. DEN

7 DirXML Architecture DirXML Novell Engine eDirectory Application DirXML
Rules and Stylesheets DirXML Subscriber Channel DirXML Engine DirXML Driver Shim Novell eDirectory Application Publisher Channel Novell eDirectory Server

8 DirXML Architecture The Remote Loader
Rules and Stylesheets DirXML Subscriber Channel DirXML Engine Remote Loader Shim Remote Loader Service DirXML Driver Shim Novell eDirectory Application Publisher Channel Novell eDirectory Server

9 Components of DirXML DirXML engine DirXML Driver Shim
eDirectory interface Join engine DirXML Driver Shim XML interface Application’s native interface Subscriber and publisher channels Filters manage flow in both directions Policies may be applied differently to each channel

10 DirXML Engine eDirectory interface Join engine
Supports loading of multiple drivers Guaranteed delivery of eDirectory events eDirectory event loop-back detection Join engine Handles data transformations Rules processor XSLT processor

11 DirXML Driver Shim XML interface Application’s native interface
Issue and receive XML documents Document Object Model (DOM) Application’s native interface Applications don’t have to change Can be either remoted via the remote loader or can use the application’s own remote capability (if any)

12 Publisher and Subscriber Channels
Publisher channel Propagates events from the application to eDirectory Subscriber channel Propagates events from eDirectory to the application Filters Manage the flow of data on both channels A list of desired classes and their attributes Determines the authoritative source(s) of data

13 Publisher and Subscriber Filters

14 Authoritative Data Sources
Problem Some applications are authorities over certain data and should be the sole publishers of that data Solution Publisher and subscriber filters control the flow of changes to the data eDirectory rights allow only the publisher to modify the data

15 Authoritative Data Sources (cont.)
CN Bobby Department Marketing Sales EmpId 003456 Date of birth 2/15/1965 Publisher only Dept Subscriber only Dept Assoc. Assoc. HR 003456 EmpId 003456 Address Dept Marketing Sales Dept Sales Marketing DOB Birthdate 2/15/65 HR

16 Converting to Application’s Native Format
Schema mapping Object mapping Data transformation Event transformation

17 Schema Mapping Problem Solution
Different applications support different class and attribute names Solution Schema mapping rules DirXML provides straightforward rules for mapping between different schemas All connected applications can have different schemas

18 Schema Mapping Rule (cont.)

19 Schema Mapping Rule (cont.)
Provides a one-to-one mapping of classes and their attributes Same rule used for both Publisher and Subscriber <?xml version="1.0" encoding="UTF-8"?> <attr-name-map> <!-- Schema mapping for User object. --> <class-name> <nds-name>User</nds-name> <app-name>inetOrgPerson</app-name> </class-name> <attr-name class-name="User"> <nds-name>CN</nds-name> <app-name>cn</app-name> </attr-name> <nds-name>uniqueID</nds-name> <app-name>uid</app-name> <nds-name>Given Name</nds-name> <app-name>givenname</app-name> </attr-name-map>

20 Schema Mapping HR E-mail Date of birth Date of birth DOB Birthdate CN
Bobby Department Sales EmpId 003456 Date of birth Date of birth Date of birth 2/15/1965 Assoc. DOB Assoc. HR 003456 Birthdate EmpId 003456 Address Dept Sales Dept Sales DOB Birthdate 2/15/65 HR

21 Object Mapping Problem Solution
Different systems have different unique identifiers for same objects Solution Association attribute DirXML stores the unique identifier for each system in eDirectory No need to have a single unique ID across all systems Objects can be mapped regardless of hierarchy

22 Associations Novell eDirectory HR E-mail O=People OU=Sales
OU=Engineering CN=Rita CN=John CN=Bobby CN=Suzy HR 007886 009843 005484 003456

23 Associations HR E-mail CN Bobby 003456 Sales bdoe@ab.com 2/15/1965
Department EmpId Date of birth Assoc. Assoc. HR 003456 HR EmpId 003456 Address Dept Sales Dept Sales DOB Birthdate 2/15/65

24 Building Associations
Finding an existing object that matches Is there an object that matches my criteria? Creating a new object Do I have all of the required info to create the new object? Placing a new object Where should I place the new object?

25 Object Matching Rule

26 Object Matching Rule (cont.)
Determines the criteria for finding a match Must have a unique result Multiple matches results in an error meaning the matching criteria was too vague <?xml version="1.0" encoding="UTF-8"?> <matching-rules> <matching-rule description=“Initial Matching Criteria”> <match-class class-name=“User”/> <match-attr attr-name=“Surname”/> <match-attr attr-name=“Social Security Number”/> </matching-rule> <matching-rule description=“Secondary Matching Criteria”> <match-attr attr-name=“Given Name”/> <match-attr attr-name"Surname”/> <match-attr attr-name=“Telephone Number”/> </matching-rules>

27 Object Create Rule

28 Object Create Rule (cont.)
Determines the set of required attributes Vetoes create if required attributes are not present Default values and templates can be specified <?xml version="1.0" encoding="UTF-8"?> <create-rules> <create-rule class-name="User" description="Create Rule"> <required-attr attr-name="Given Name"/> <required-attr attr-name="Surname"/> <required-attr attr-name="uniqueID"/> <required-attr attr-name="L"> <value type="string"><![CDATA[Provo]]></value> </required-attr> <template template-dn="\DirXML-Tree\Novell\User-Role"/> </create-rule> </create-rules>

29 Object Placement Rule

30 Object Placement Rule (cont.)
<?xml version="1.0" encoding="UTF-8"?> <placement-rules dest-dn-format="slash" src-dn-format="ldap"> <!-- Placement rule for User objects.--> <placement-rule description="Placement based on Location"> <match-class class-name="User"/> <match-attr attr-name="L"> <value type="string"><![CDATA[Provo]]></value> </match-attr> <placement> <![CDATA[\DirXML-Tree\Novell\PRV\]]><copy-name/> </placement> </placement-rule> <placement-rule> <![CDATA[\DirXML-Tree\Novell\]]><copy-attr attr-name=”Surname"/> </placement-rules> Determines criteria for placement of the new object Criteria can be based on class, attribute, or path

31 Building Associations on the Subscriber Channel
Desired eDirectory event occurs Error Apply matching rule: Multiple Apply create rule Does this object have an association? NO Number of matches Do we have all required attributes? NO Zero Query App Query eDirectory One YES YES Modify App object Modify eDirectory object Modify App Object Merge attributes Apply placement rule Write association Create App Object Mark association pending

32 Building Associations on the Publisher Channel
Error Desired App event occurs Apply matching rule: Multiple Does this object have an association? Apply create rule Number of matches Do we have all required attributes? NO NO Query eDirectory Zero Query eDirectory One YES YES Modify eDirectory object Modify eDirectory object Modify App object Merge attributes Query App Apply placement rule Write association Create eDirectory object

33 Data Transformation Problem Solution
Applications have different representations for the same data vs. 2/15/65 Solution DirXML allows data to be transformed to a canonical format Requires an XSLT stylesheet Extensions can be provided to call procedural programs

34 Data Transformation HR E-mail 2/15/1965 2/15/1965 15.2.1965 2/15/65 CN
Bobby Department Sales EmpId 003456 2/15/1965 2/15/1965 Date of birth 2/15/1965 Assoc. Assoc. HR 003456 2/15/65 EmpId 003456 Address Dept Sales Dept Sales DOB Birthdate 2/15/65 HR

35 Event Transformation Problem Solution
Events may need to be transformed A delete event may need to be transformed into a modify Solution DirXML allows events to be transformed to perform other operations Is processed before the DirXML add processor Requires an XSLT stylesheet Extensions can be provided to call procedural programs

36 Event Transformation HR O=People OU=Sales OU=Engineering CN=Rita
CN=John CN=Bobby deleted CN=Bobby CN=Suzy Delete object CN=Bobby disabled 003456 005484 007886 009843 HR

37 Transforming Between eDirectory Format and Application Format
Rules and Stylesheets eDirectory to APP Subscriber Channel eDirectory Event eDirectory formatted XML APP formatted XML Apply to APP DirXML Driver Shim DirXML Engine Novell eDirectory Application Publisher Channel APP to eDirectory APP formatted XML Apply to eDirectory eDirectory formatted XML APP Event DirXML Novell eDirectory Server Rules and Stylesheets

38 Order of Rule Processing on the Subscriber Channel
The DirXML Engine Subscriber Filter Does an association exist? Event Cache Schema Mapper Convert Event to XML YES NO Event Transformation Command Transformation Output Transformation Matching Rule Create Rule Placement Rule Subscriber Add Processor

39 Order of Rule Processing on the Publisher Channel
Publisher Add Processor Placement Rule Create Rule Matching Rule Publisher Filter Schema Mapper Convert XML to eDirectory NO YES Does an association exist? Command Transformation Event Transformation Input Transformation The DirXML Engine

40 DirXML 1.1 New Functionality
Novell BrainShare 2002 DirXML 1.1 New Functionality Remote Loader Command Transformation Rule Rule Chaining Dynamic Class Loader Enhanced Error Logging Product Activation TUT235—Understanding Novell DirXML Technology

41 Command Transformation
Similar to Event Transformation Is processed after the DirXML add processor Requires an XSLT stylesheet Extensions can be provided to call procedural programs

42 Rule Chaining Previously, if more complex policies were required, a DirXML rule could be replaced by an XSLT stylesheet You could reference either a DirXML rule, or an XSLT stylesheet, but not both Rule Chaining DirXML rules can now reference XSLT stylesheets Provides the ability to simply describe most policies in a DirXML rule and reference XSLT stylesheets to describe the more complex policies

43 Novell BrainShare 2002 Dynamic Class Loader Previously, the administrator needed to reload the JVM if The classpath changed A new .JAR file (java drivers) is added Dynamic Class Loader New .JAR files are loaded upon request Reload JVM only if replacing an existing .JAR file TUT235—Understanding Novell DirXML Technology

44 Enhanced Error Logging
Novell BrainShare 2002 Enhanced Error Logging DirXML engine and drivers Historically errors have been written in multiple locations Errors are now written to the appropriate object Driver set Publisher Subscriber Errors are still written to log files and the trace screen This greatly reduces effort needed to find error information TUT235—Understanding Novell DirXML Technology

45 Novell BrainShare 2002 DirXML Activation To allow for easier evaluation, DirXML 1.1 is now freely available for a 90 day trial period DirXML 1.1 can then be “Activated” once the product has been purchased The Activator assists customers in notifying Novell about Themselves The product they are activating The “domain” they are activating the product in TUT235—Understanding Novell DirXML Technology

46 Conclusion DirXML provides a bi-directional data flow framework between eDirectory and enterprise applications DirXML matches existing business processes Administrators determine the data to be shared Runs on all Novell eDirectory supported platforms (NetWare, Win2K, NT, Solaris, Linux, AIX) Requires no changes to existing applications Transforms data into the format required by the target application

47 Training and Education at BrainShare
Study and preview Directory and Database Integration Using DirXML (Course 992) at The Learning Zone DirXML self-study materials at the BrainShare Bookstore

48 Training and Education
Directory and Database Integration Using DirXML Course 992 Import Drivers Implementation Strategies ATT—Advanced DirXML Troubleshooting Techniques Customization XML, XDS Rules, and XSLT Provo, March 25-28 Additional information at

49

Download ppt "Understanding Novell DirXML™ Technology"

Similar presentations

1 Integration Made Easy Agile Integration: Connecting Salesforce With Your Enterprise.

1 Integration Made Easy Agile Integration: Connecting Salesforce With Your Enterprise.
Novell eDirectory™ Deployment at Hydro Quebec Richard Cabana Enterprise Technology Account Manager Novell Canada Ltd.

Novell eDirectory™ Deployment at Hydro Quebec Richard Cabana Enterprise Technology Account Manager Novell Canada Ltd.
Novell iChain ® 2.x Configuration Using the Web Server Accelerator Wizard Cary Andrews Senior Software Engineer Novell, Inc.

Novell iChain ® 2.x Configuration Using the Web Server Accelerator Wizard Cary Andrews Senior Software Engineer Novell, Inc.
Information Technology Current Work in System Architecture November 2003 Tom Board Director, NUIT Information Systems Architecture.

Information Technology Current Work in System Architecture November 2003 Tom Board Director, NUIT Information Systems Architecture.
Hands-On Microsoft Windows Server 2003 Administration Chapter 3 Administering Active Directory.

Hands-On Microsoft Windows Server 2003 Administration Chapter 3 Administering Active Directory.
Chapter 2: IS Building Blocks Objectives

Chapter 2: IS Building Blocks Objectives
Jason Morrill NCOAUG Training Day February, 2008

Jason Morrill NCOAUG Training Day February, 2008
Securing Your GroupWise ® System Morris Blackham Software Engineer Novell, Inc. Danita Zanrè Senior Consultant Caledonia.

Securing Your GroupWise ® System Morris Blackham Software Engineer Novell, Inc. Danita Zanrè Senior Consultant Caledonia.
Introduction to the Enterprise Library. Sounds familiar? Writing a component to encapsulate data access Building a component that allows you to log errors.

Introduction to the Enterprise Library. Sounds familiar? Writing a component to encapsulate data access Building a component that allows you to log errors.
Managing time-driven entitlement policies with Identity Manager E. Axel Larsson Drew University 20 July 2005.

Managing time-driven entitlement policies with Identity Manager E. Axel Larsson Drew University 20 July 2005.
Configuring Novell Account Management with Identity Manager for Linux and UNIX Doug Anderson Product Manager Boyd Wilson Product Architect,

Configuring Novell Account Management with Identity Manager for Linux and UNIX Doug Anderson Product Manager Boyd Wilson Product Architect,
Implementing the DirXML ® Starter Pack on NetWare ® 6.5 Richard Moore, Novell DirXML Engineering Stuart Mansell, Novell Consulting.

Implementing the DirXML ® Starter Pack on NetWare ® 6.5 Richard Moore, Novell DirXML Engineering Stuart Mansell, Novell Consulting.
Understanding the Architecture of Identity Manager 2 (formerly DirXML) Dave Horne Engineering Manager Steve Weitzeil Identity Solutions.

Understanding the Architecture of Identity Manager 2 (formerly DirXML) Dave Horne Engineering Manager Steve Weitzeil Identity Solutions.
December 15, 2011 Use of Semantic Adapter in caCIS Architecture.

December 15, 2011 Use of Semantic Adapter in caCIS Architecture.
Configuring Identity Manager 2 (formerly DirXML ® ) for JDBC (w/DirXML) Jason Elsberry Software Engineer

Configuring Identity Manager 2 (formerly DirXML ® ) for JDBC (w/DirXML) Jason Elsberry Software Engineer
Nsure ™ Identity Manager 2 (formerly DirXML ® ) Driver Development Overview Richard Matheson DirXML Driver Engineering Manager Novell, Inc.

Nsure ™ Identity Manager 2 (formerly DirXML ® ) Driver Development Overview Richard Matheson DirXML Driver Engineering Manager Novell, Inc.
Joe Skehan Senior Product Manager, Net Directory Services Novell, Inc. Introduction to Novell DirXML ™

Joe Skehan Senior Product Manager, Net Directory Services Novell, Inc. Introduction to Novell DirXML ™
Using Novell iChain ® 2 to Deliver Internal Network Access without a VPN Brian Six Technical Account Manager Novell, Inc.

Using Novell iChain ® 2 to Deliver Internal Network Access without a VPN Brian Six Technical Account Manager Novell, Inc.
Implementing DirXML ® Stylesheets David Wagstaff

Implementing DirXML ® Stylesheets David Wagstaff
Novell Nsure TM Identity Manager 2 andGroupWise Provisioning Art Purcell, GroupWise ® Engineering, David Holbrook, DirXML Engineering,

Novell Nsure TM Identity Manager 2 andGroupWise Provisioning Art Purcell, GroupWise ® Engineering, David Holbrook, DirXML Engineering,

Similar presentations

Ads by Google