Previous
Contents
|
| iPlanet Directory Server Integration Edition Introduction |
Introduction to iPlanet
Directory Server Integration Edition
This booklet introduces iPlanetTM Directory Server Integration Edition, release 5.0 (iDSIE) and includes the following sections:
What is iDSIE?
iPlanet Directory Server Integration Edition is an integrated solution that provides meta-directory services combined with secure, highly available directory services. It is designed to join and synchronize user-identity information distributed across multiple enterprise applications—such as customer databases, human resources applications, network operating systems, messaging systems, and telephone databases—into a single, central repository for the consolidation of user profiles.
iDSIE is built on the industry-leading iPlanet Directory Server, the best-in-class Lightweight Directory Access Protocol (LDAP) directory. In addition to iPlanet Directory Server, iDSIE also contains the components previously called iPlanet Meta-Directory and iPlanet Directory Access Router (LDAP Proxy). iDSIE also includes iPlanet Directory Server Resource Kit.
Based on open standards for broad, cross-platform interoperability, iDSIE offers the following features. It:
Provides a unified, enterprise view of user-profile information stored in multiple locations
Helps reduce the cost of user and account management by automating account creation and management processes
Integrates user account sources across the enterprise, including support for LDAP, Oracle® Database API, and Microsoft® Active Directory. Supports custom connectors through a connector API.
Offers configurable failover and load balancing to enable 24 x 7 directory availability
Dynamically maps differently named LDAP client attributes to directory server attributes
Provides automatic LDAP referral functionality to route requests on behalf of clients
Centralized User Management
iPlanet Directory Server Integration Edition makes centralized user management a reality. Administrators can make changes once in one place and have the changes propagate throughout the enterprise.
Many applications only store information about the users who have accounts on that specific application, information that usually represents a subset of the total number of users in the enterprise. iPlanet Directory Server Integration Edition offers meta-directory tools to leverage identity information beyond the application barrier. It can connect to and reconcile user data from a multitude of discrete applications. Enterprises can leverage information about users in one application and combine it with user information from other applications.
The potentially large number of applications in an enterprise means that there is often a great deal of duplicate user identity information. iPlanet Directory Server Integration Edition offers meta-directory tools that let you consolidate all user-identity information in a single source to automate and reconcile changes to ensure that the information never gets out of sync.
What is more, iPlanet Directory Server Integration Edition can establish a bi-directional link with connected applications. When a change is made in one application, the bi-directional connector sends the change to iDSIE. The change can then be propagated to the other connected applications. Updates take place automatically across the enterprise, providing users with the information they need without having to worry about the data integrity.
Secure, Highly Available Directory Services
iPlanet Directory Server Integration Edition provides an LDAP proxy feature that enhances the security, reliability, and client interoperability of iPlanet Directory Server. Administrators can establish access points for directory requests similar to firewalls, and can route, filter, or block requests for directory information. Unauthorized users and denial of service attacks on the directory can be filtered out before they reach the directory itself.
Should a directory service go offline or fail to respond, the LDAP proxy can reroute an LDAP request to an available directory server in order to provide uninterrupted service to the user. Configurable fail-over and load balancing also help provide highly available directory services.
Some applications need data presented in a special format or a non-standard schema. iPlanet Directory Server Integration Edition provides broad compatibility to applications both by supporting flexible schema and by building views of the data through an on-the-fly schema mapping service.
iPlanet Directory Server Integration Edition also supports an access control mechanism that allows administrators to protect data and provide a level of customization so that iPlanet Directory Server Integration Edition returns results that are pertinent to the user.
The LDAP proxy capability of iPlanet Directory Server Integration Edition provides advanced LDAP services in the form of configurable fail-over and load balancing, firewall-like security functionality, and client interoperability through schema mapping and referral. These are all essential for enabling highly available, reliable, and secure directory deployments.
SDKs, Tools, and Utilities
iPlanet Directory Server Integration Edition also contains the Directory Server Resource Kit (iDSRK), a host of Directory server tools and utilities, including the LDAP JAVA and C SDKs. iDSRK 5.0 is designed to provide supported deployment engineering tools in the areas of performance testing and capacity planning, deployment utilities, debugging and maintenance.
iPlanet Directory Server Resource Kit includes:
Rapid client deployment SDKs and APIs
A collection of high-level APIs that enable developers to rapidly develop new applications that access features of iPlanet servers.
Performance Testing and capacity planning
A collection of tools to help deployment engineers and system administrators measure performance and perform capacity planning for installations of iPlanet Directory Server.
Debugging and maintenance tools
A collection of tools to help deployment engineers and system administrators with troubleshooting as well as the daily maintenance of iPlanet Directory Server.
Deployment utilities and tools
A collection of tools that allows deployment engineers and administrators to roll out new installations of iPlanet Directory Server as well as migrating to new iPlanet Directory Server releases.
LDAP productivity tools and sample applications
A collection of productivity enhancement tools that allows administrators to more easily interface with iPlanet Directory Server, including sample applications that have been developed using iPlanet Directory Server 5.0.
Installation and Deployment
iPlanet Directory Server Integration Edition ships as a collection of components, each of which needs to be installed and configured separately. In addition to Directory Server, you can design and build a deployment using any or all of the other included components.
While all the iPlanet Directory Server Integration Edition components can theoretically be installed on a single server machine, you will almost surely not want to do this. Please review the installation and deployment information in each component's documentation before designing a deployment. Recommended procedure is to consult with iPlanet Professional Services or another iPlanet-certified system integrator before designing and deploying an iPlanet Directory Server Integration Edition installation.
Support for Industry Standards
iPlanet Directory Server Integration Editon supports LDAP version 2 and version 3 operations
Supports X.509 digital certificates
Implements relevant LDAP version 2 and 3 RFCs including RFC 1274, 1558, 1777, 1778, 1959, 2195, 2222, 2247, 2251, 2252, 2253, 2254, 2255, 2256, 2279, 2307, 2377
Supports LDAP search filters, including presence, equality, inequality, substring, approximate ("sounds like"), and the Boolean operators and (&), or (|), and not (!)
Supports LDAP version 3 intelligent referral, which lets a directory refer a query to another directory
Support LDAP version 3 chaining, which allows one directory server to respond on behalf of another
Supported Platforms and Operating Systems
iPlanet Directory Server Integration Editon works on:
Sun® SolarisTM 2.6 Operating Environment (UltraSPARCTM)
iDSIE Documentation
Each iPlanet Directory Server Integration Edition component has its own discrete, comprehensive documentation set. All iPlanet Directory Server Integration Edition documentation is shipped in electronic format only in HTML and Adobe® Acrobat® PDF files.
The documentation is available in two places.
Recommended procedure is to check the documentation on the web site regularly as iPlanet periodically updates and refreshes the documentation there.
Customers who prefer documentation in bound-book format can purchase documentation from fatbrainTM: links are available directly from the iPlanet documentation web site.
Previous Contents
Copyright © 2001 Sun Microsystems, Inc. Some preexisting portions Copyright © 2001 Netscape Communications Corp. All rights reserved.
Last Updated July 24, 2001