Sun Java System Calendar Server 6 2004Q2 Deployment Planning Guide |
Chapter 5
Understanding Calendar Server Schema and Provisioning OptionsThis chapter describes the schema and provisioning options for Calendar Server. Because of the complexity in provisioning Calendar Server, you need to understand your options before installing the product.
This chapter contains the following sections:
Understanding Calendar Schema ChoicesThis section describes the two schema options that are available and supported with Calendar Server, and how to decide which to use.
Deciding Which Schema to Use
Choosing the schema that’s right for your installation depends on your provisioning needs:
LDAP Schema 1
LDAP Schema 1 is a provisioning schema that consists of both an Organization Tree and a DC Tree. This set of schema (at the time, it was simply called “schema”) was supported in previous Calendar Server 5.x versions.
When Calendar Server searches for user or group entries, it looks at the user‘s or group’s domain node in the DC Tree and extracts the value of the inetDomainBaseDN attribute. This attribute holds a DN reference to the organization subtree containing the actual user or group entry.
Only sites that have installed previous versions of Calendar Server should use Schema 1.
Note
Migrating to Schema 2 is imperative if you plan to install Calendar Server with other Sun Java System products in the future.
Supported Provisioning Tools
Schema 1 supports LDAP provisioning tools. For more information, see Understanding Calendar Server Provisioning Tools.
Schema 2 (Native Mode)
Schema 2 is a newly defined set of provisioning definitions that describes the types of information that can be stored as entries by using the Directory Server LDAP.
The native mode uses search templates to search the LDAP directory server. Once the domain is found by using the domain search template, the user or group search templates are used to find a specific user or group.
You should use native mode if you are installing Calendar Server for the first time and you do not have other applications on your machine that are dependent on a two-tree provisioning model. You should also use this mode if you want to install other products in the Java Enterprise System product suite.
If you have an existing Calendar Server 5.x installation that uses Schema 1, and you want to integrate Calendar Server with other Java Enterprise Server products, you should migrate your directory to Schema 2 after you upgrade to Calendar Server 6. Refer to the Sun Java System Communications Services Schema Migration Guide for information on how to migrate from LDAP Schema version 1 to LDAP Schema version 2.
Note
Schema 2 Native Mode is the recommended provisioning model for all Sun Java System products in the Java Enterprise System product suite.
Supported Provisioning Tools
Schema 2 supports Sun Java System Communications Services User Management Utility. For more information, see Understanding Calendar Server Provisioning Tools.
Schema 2 Compatibility Mode
Schema 2 compatibility mode is an interim mode between Schema 1 and Schema 2 native mode. Schema 2 compatibility mode supports both schemas and enables you to retain the existing two-tree design you already have. Schema 2 compatibility mode also assumes that you have installed Identity Server prior to installing Messaging Server.
Use Schema 2 Compatibility if you have existing applications that require Schema 1, but you also need functionality that requires Schema 2, for example, Identity Server, single sign-on, and so forth.
Understanding Calendar Server Provisioning ToolsThrough supported Calendar Server provisioning tools, you can query, modify, add, or delete user, group, and domain entry information in your LDAP directory. This section examines these Calendar Server provisioning tools.
In addition to the questions asked in Deciding Which Schema to Use, you should use Table 5-1 to evaluate your schema and provisioning tool options.
Note
Prior to installing and configuring Calendar Server, you need to decide upon a schema model and tool or tools for provisioning your Calendar Server entries.
The following sections provide high-level information about the supported provisioning tools:
LDAP Provisioning Tools
Schema 1 users and groups can be provisioned using the LDAP Directory tools (Schema 2 is not supported). Unlike the Delegated Administrator graphical and command-line interfaces, you can directly provision users and groups by adding, removing, and modifying the LDIF records through LDAP without having to use a user interface.
User Management Utility
Sun Java System Identity Server uses Schema 2. Because the Sun Java System component products in the Java Enterprise System product suite use Schema 2, use the Communications Services 6 User Management Utility. This should particularly be the case if you are using more than one Java Enterprise System product, or if you are performing a brand new installation of Calendar Server.
See the Sun Java System Communications Services User Management Utility Administration Guide for installation details.
Comparing Your Provisioning Tool Options
Table 5-1 shows the various supported schema, provisioning tools, provisioning limitations, and recommended documentation for additional information.