Sun Directory Server Enterprise Edition 7.0 Administration Guide

Data Views That Provide a Single Point of Access When Superior and Subordinate Subtrees Are Stored in Different Data Sources

This section describes how to configure a data view for a single point of access when a superior branch of a subtree is stored in a different data source to a subordinate branch. For information about this type of deployment, see Data Views to Route Requests When Superior and Subordinate Subtrees Are Stored in Different Data Sources in Sun Directory Server Enterprise Edition 7.0 Reference.

The example in this section contains three data views. The base DN of data view 1 is superior to the base DN of data view 2 and the base DN of data view 3. Or, in other words, data source 2 and data source 3 contain subtrees that are subordinate to the subtree on data source 1. The following figure shows the example deployment.

Figure 18–3 Sample Deployment to Routes Requests When Superior and Subordinate Subtrees Are Stored in Different Data Sources

Figure shows a sample deployment that routes requests
when superior and subordinate subtrees are stored in different data sources.

Directory Proxy Server automatically excludes a subordinate branch of a subtree from a data view when the subordinate branch is configured as the base DN of a separate data view.

ProcedureTo Configure Data Views That Provide a Single Point of Access When Superior and Subordinate Subtrees Are Stored in Different Data Sources

You can use DSCC to perform this task. For information, see Directory Service Control Center Interface and the DSCC online help.

  1. Create a data source for each LDAP server as described in Creating and Configuring LDAP Data Sources.

  2. Create three data source pools as described in Creating and Configuring LDAP Data Source Pools.

  3. Attach the data sources to the data source pools by following the instructions in Attaching LDAP Data Sources to a Data Source Pool.

    • Attach the data sources that contain dc=example,dc=com to data-source-pool-1.

    • Attach the data sources that contain ou=computer,dc=example,dc=com to data-source-pool-2.

    • Attach the data sources that contain ou=people,dc=example,dc=com to data-source-pool-3.

  4. (Optional) Configure load balancing.

    For information, see Configuring Load Balancing.

  5. Create a data view with a base DN at dc=example,dc=com and a data source pool data-source-pool-1.


    $ dpconf create-ldap-data-view -h host1 -p 1389 dataview-1 \
     data-source-pool-1 dc=example,dc=com
  6. Create a data view with a base DN at ou=computer,dc=example,dc=com and a data source pool data-source-pool-2.


    $ dpconf create-ldap-data-view -h host1 -p 1389 dataview-2 \
     data-source-pool-2 ou=computer,dc=example,dc=com
  7. Create a data view with a base DN at ou=people,dc=example,dc=com and a data source pool data-source-pool-3.


    $ dpconf create-ldap-data-view -h host1 -p 1389 dataview-3 \
     data-source-pool-3 ou=people,dc=example,dc=com
  8. Verify that the subtrees ou=computer,dc=example, dc=com and ou=people,dc=example, dc=com have been excluded from dataview-1 by looking at the excluded-subtrees parameter.


    $ dpconf get-ldap-data-view-prop -h host1 -p 1389 dataview-1 excluded-subtrees

    The list of excluded subtrees is returned.

  9. If necessary, restart the instance of Directory Proxy Server for the changes to take effect.

    For information about restarting Directory Proxy Server, see To Restart Directory Proxy Server.