A
access
anonymous 60, 73
determining general types of 73
precedence rule 62
restricting by physical location 74
access control information (ACI) 61
bind rules 66, 67, 68
filtered rules 65
format 66-71
permission 66
target 66, 67
usage advice 69
where to place 64
access control list (ACL) 61
defined 61
permissions 61
access rules
overview 57
access-control
branching to support 89
planning 24
access-control information (ACI)
filtered rules 89
in the directory tree 89
where to place 129
ACI, See access control information
ACL, See access control list
adding object classes 48
strategies 48
allow permissions 63
usage advice 63
analyzing the site survey 34
anonymous access 73
for read 38
overview 60
API, server 145
applications 31
architecture 16
attribute 42
overview 44-46
required and allowed 45
values 45
attribute-data pair 29, 42
authentication 57, 59
certificate-based 58
Directory Manager 61
overview 57
with Directory Server NT 59

B
base distinguished name 20
bind DN 57
bind rules 66, 67, 68
binding to the directory 57
anonymously 60
certificate-based 58
branch point 78
DN attributes 84
searching 86
traditional 85
for access-control 89
for international trees 90
for replication and referrals 88
network names 88
strategies 86
usage advice 84

C
c attribute 90
C SDK 144
cascading replication 99
certificate-based authentication 58
changelog 104
circular groups 73
clients 15
API 142
bind algorithm 58
referrals and 125
SDK 144
cn attribute 42, 43, 91, 149
commonName attribute 42, 43, 91, 93
configuration directory 150
consumer server 96, 97
consumer servers 97
consumer-initiated replication 102
required directory entries 104
conventions, in this book 10
country attribute 64, 90
custom filters 141
strategies 142
custom LDAP clients 141
building 143
custom programs 141
client SDKs 144
clients, building 143
customizing the directory service 141
customizing the schema 40, 47-53
being consistent 50
FAQ 52

D
data access 37
data management
local management example 135
planning 24
replication example 113
data mastering 34
for multiple applications 35
for replication 35, 109
data migration 142
data ownership 36
database 16
access rules 57
replacing 145
with ISPs 81
database plug-in 16, 145
default permissions 62
deny permissions 62
usage advice 63
when to use 63
deployment advice 25
Directory Access Protocol (DAP) 14
directory applications 31
browsers 31
email 31
directory data 27-40
access 37
characteristics 29
creating 151
entry size 108
examples of 30
mastering 34
for multiple applications 35
for replication 35
model 46
ownership 36
planning 28, 31
site survey 33-40
representation 42
what not to include 30
directory deployment team 33
directory design
activities 24
advice 23
examples
extranet 139
international corporation 133-138
multiple suffix, local data management 136
single suffix, global replication 133
single suffix, local data management 135
small organization 127
state government 131
directory entries
creating 151
directory information tree 17
Directory Manager 20
authentication 61
defined 61
directory of directories 136
directory schema 40
directory service 12-15
extending 141
global 14
LDAP 15
n+1 problem 13
Netscape solution 16
uses of 13
X.500 14, 131
directory suffix 78
country root point 80
planning 80
recommended 81, 148
directory tree 17, 77-93
branch point 78, 128, 131
DN attributes 84
searching 86
traditional 85
for access-control 89
for international trees 90
for replication and referrals 88
network names 88
strategies 86
usage advice 84
consumer 97
design advice 149
overview 78
planning 25
populating 151
replicated 98
suffix 78, 128, 131
country root point 80
planning 80
recommended 81, 148
supplier 96
distinguished name 18
name collision 92
avoiding 149
naming non-person entries 93
naming person entries 91
usage advice 149
DIT 17
DN, See distinguished name
DNS 13, 105
network sort 106
round robin 105

E
email applications 31
enterprise 12
examples
directory design 127-140
extranet 139
international corporation 133-138
multiple suffix, local data management 136
single suffix, global replication 133
single suffix, local data management 135
small organization 127
state government 131
replication
large sites 112
load balancing server traffic 114
local data management 113
messaging traffic 116
small sites 112
extended operations 144, 145
extending the directory service 141
extending the schema 47
FAQ 52
extranet
example 139
replication 100
smart referrals 123

F
filtered access control rules 65
fonts, in this book 10

G
global directory services 14
group attribute 64
groups
circular 73
examples 128
naming 93
nested 73
planning 25, 71
usage advice 73

H
highly available directory services 104

I
index 117
inetOrgPerson attribute 64
inheritance, in object classes 43
international enterprise
branching to support 90
interoperating with legacy directories 142

J
Java SDK 144

L
LDAP, See Lightweight Directory Access Protocol
LDAP client API 142
LDAP Data Interchange Format (LDIF) 151
LDIF 151
legacy directory, interoperating with 142
Lightweight Directory Access Protocol (LDAP) 15
client 15
API 142
authentication 57
anonymous 60
certificate-based 58
custom 141
custom, building 143
custom operations 144
directory service architecture 15
directory services 15
extended operations 144
referral handling 125
server 15
load balancing
the network 108
the server 107
local data management 135

M
mail attribute 92
mastering directory data 34
for multiple applications 35
for replication 35
migrating directory data 142
multiple suffixes 79
with enterprises 82
with extranets 83
with ISPs 81

N
n+1 directory problem 13
name collision 92
avoiding 149
nested groups 73
Netscape Directory Server 11, 15-17
API 145
architecture 16
authentication 57
anonymous 60
certificate-based 58
capabilities 15
concepts 17-21
database 16
deployment advice 25
extended operations 144
extending 141, 145
load balancing 107
performance 106
plug-ins 141
security policy 56
Netscape Messaging Server
indexes, required 117
replication example 116
network names, branching to reflect 88
network sort 106
network, load balancing 108
non-person entries
naming 93

O
object class 42
adding new 48
inheritance 43
overview 43-44
standard 43
object class violation 45
organization attribute 64
organizationalPerson object class 43
organizationalUnit attribute 64
organizations, naming 93

P
passwords, NT Directory Server and 59
performance (server) 106
permissions 62
ACL and 61
allow 63
bind rules 66, 67, 68
default 62
deny 62
when to use 63
on ACIs 66
precedence rule 62
usage advice 63
persistent search 144
person entries, naming 91
planning
access-control 24
data management 24
directory contents 24
directory data 28
site survey 33-40
analyzing 34
documenting 39
directory tree 25
groups 25
referrals 25
replication 25
planning directory data 31
what to consider 32
plug-in 16, 141
server, writing 145
points of access 74
populating the directory 151
precedence rule 62

Q
quick deployment 147-152

R
RDN, See relative distinguished name 91
referrals 79, 119-126
branching to support 88
client handling 125
handling by LDAP client 125
overview 120
planning 25
smart referrals
client handling 125
how to use 123
overview 120
usages 123
when returned 120
relational database 145
relative distinguished name (RDN) 91
non-person entries 93
person entries 91
replication 95-104
agreement 102
architecture 96
branching to support 88
cascading 99
consumer server 96, 97
consumer-initiated 102
directory trees 98
examples
large sites 112
load balancing server traffic 114
local data management 113
messaging traffic 116
small sites 112
extranet 100
for high availability 104
initiating synchronization 102
load balancing 106
the network 108
the server 107
local availability 109
modifying data 97
multiple subtrees 100
overview 96
planning 25
single master 96
strategies 110
example 133
subtrees 100
supplier server 96
supplier-initiated 102
replication master 133
root distinguished name 20
root DN 20
password 61
root DSE 78
root entry 19, 128, 131
root password 61

S
schema 40, 41-53
customizing 40, 47-53
being consistent 50
FAQ 52
deleting standard elements 47
extending 47
overview 42-46
schema checking 45
overview 47
SDK, See software developer kits
secure sockets layer 21, 58
security policy 38, 55
creating 71-75
overview 56
server database 16
server performance 106
server plug-in 145
site survey 33-40
analyzing 34
documenting 39
multinational enterprises 33
network capabilities 110
smart referral 79
client handling 125
example 132, 138
how to use 123
overview 120
usages 123
sn attribute 43
software developer kits (SDKs) 144
SSL, See secure sockets layer
standard object classes 43
streetAddress attribute 43
styles, in this book 10
subtree replication 100
multiple subtrees 100
suffix 18, 78, 128, 131
country root point 80
multiple 79
with extranets 83
with ISPs 81
with large enterprises 82
planning 80
recommended 81, 148
supplier DN 103
supplier servers 96
capabilities of 96
synchronization and 102
supplier-initiated replication 102
required directory entries 103
surname attribute 43

T
telephoneNumber attribute 43
terms, in this book 10
top object class 43

U
uid attribute 43, 92
user authentication 57
user IDs 150
userPassword attribute 43

X
X.500 14, 51, 84, 85
X.500, coexisting with 131