Solaris for ISPs Directory Structure
Solaris for ISPs requires a specific structure in the directory information tree (DIT), which is created during installation and configuration. The required structure consists of two naming contexts, referred to as the Open Systems Interconnection (OSI) tree and the Domain Component (DC) tree. Portions of the two trees are parallel. This parallel structure facilitates mapping of domain names from a DNS request through the DC tree to the actual content entries in the OSI tree.
OSI Tree Structure
The OSI tree contains the actual entries for Solaris for ISPs, its component services, administrators of those services, and subscribers to the services. The required structure is shown in Figure 5-1.
Figure 5-1 Solaris for ISPs OSI Tree
In the OSI tree, the entry for the domain sun.com is represented by the entry with the distinguished name o=sun,c=us. This entry is called the root domain, and represents the Solaris for ISPs customer's business. You specify the name of the root domain during installation of the directory services.
Beneath the root domain are four required organizationalUnit entries:
-
Administrators contains entries for SunTM Internet AdministratorTM administrators. These entries are created by the product when you create administrators using the GUI.
-
People contains entries for subscribers to ISP services. You create entries for your customers, whether at the command line or by using the Deja tool.
-
Groups contains entries that group subscriber entries together for access control purposes. You create group entries according to your needs, whether at the command line or by using the Deja tool.
-
Services contains entries created for Solaris for ISPs services. You should make entries under this unit only when you are integrating a new service or are performing a special virtual hosting configuration of SunTM Internet FTP ServerTM. See the Sun Internet FTP Server and the Sun Internet Administrator on-line help for information on this requirement.
People, Groups, and Services nodes are required under each domain entry you define. The Administrators node exists only under the root domain.
Figure 5-2 illustrates a typical set of entries under each organizational unit.
Figure 5-2 OSI Tree Entries
The organizationalUnit entry eng is an example of a domain entry. This might be a corporate customer of the ISP, or anyone who has virtual domain hosting services with the ISP. Domains must have two entries: one here in the OSI tree and another in the DC tree for domain name mapping. See "Creating Domain Entries" for information on creating these two entries properly.
Domains, like the root domain, require certain organizationalUnit entries within them. As shown in Figure 5-3, People, Groups, and Services entries are also required in a domain below the root.
Figure 5-3 Domain Structure in the OSI Tree
When creating a domain entry in the OSI tree, you must also create the entries for People, Groups, and Services. When you configure services for this domain, service entries are made under the Services organizational unit. Subscriber information for this domain forms ispSubscriber entries under the People organization unit.
Note -
Administrator entries are made only under the root domain in this version of Solaris for ISPs. These entries are created by Sun Internet Administrator when you specify them through the GUI.
DC Tree Structure
The DC (domain component) tree maps domain name format (for example, sun.com) to the distinguished name of the corresponding entry in the OSI tree. As shown in Figure 5-4, the DC is usually relatively flat and simpler than the OSI tree.
Figure 5-4 Solaris for ISPs DC Tree
In Figure 5-4, the entry dc=sun,dc=com corresponds to the o=sun,c=us entry in the OSI tree. The eng domain here maps to the domain name server (DNS) form eng.sun.com.
For details on how to make the two domain entries, see "Creating Domain Entries".
- © 2010, Oracle Corporation and/or its affiliates