Chapter 6       Class of Service


Class of Service (CoS) is a feature of Netscape Directory Server that enables you to manage a group of service-related attributes. These related attributes form a category or class of service. Once you've defined attributes and created new classes in the directory, you can assign a class of service to individual user entries. This eliminates having to store multiple service-related attributes in each user entry in the directory. It also makes it easier to make changes when necessary. If a class of service changes, you need only change its attributes in the CoS templates. You don't have to change the attribute values in each user entry.

This chapter provides an overview the CoS feature, and includes examples for setting up CoS with Delegated Administrator. Topics included in this chapter:

• How CoS Works

• Setting Up CoS in Delegated Administrator

How CoS Works

---

Directory Server clients such as Delegated Administrator read attributes stored in user entries. A user entry typically contains attributes that describe the user's basic information such as name, department, phone number and so on. An entry can also contain a number of related attributes. For example, a user entry might include a number of attributes that desrcibe the hosting services provided to the individual. These attributes might include the cost of the service, amount of storage space, access to email, and access to calendaring. With the CoS feature, you can define service classes that automatically specify values for each of these attributes (see Table 6-1). Once you create these CoS classes, instead of storing four different attributes in a user's entry, you can store a single CoS attribute that contains one of these values: Premium, Deluxe, Promotional, or Basic.

Table 6-1    Siroe customers can choose from four service plans associated with their individual home page.

Class of Service	Cost	Storage	Webmail	Calendar
Premium	$30/mo	30MB	Yes	Yes
Deluxe	$20 /mo	20MB	Yes	Yes
Promotional	$15/mo	10MB	Yes	No
Basic	None	5MB	Yes	No

The CoS logic generates the user entry that is sent to the client. The values returned for these attributes are determined by :

• The entry's DN.

• The objectclass of the entry.

• A service class attribute value stored with the entry. (The absence of the attribute altogether can also imply a specific default class of service.)

• The attribute values stored in a service class template entry.

If schema checking is turned on, CoS attribute values will only be generated where the entry has an objectclass that allows the attribute. If schema checking is turned off, this is not enforced. Multiple class of service schema may be defined within a server, although it is illegal to define schema that conflict with each other.

The following scenario illustrates how CoS works with Delegated Administrator. The Siroe company proivdes its customers the means to create their own home pages. The home page, named MySiroe, is the first page the user sees when he or she logs in to the Siroe internet service. The customer can configure the page to display information such as local news, stock quotes, and links to other sites that may be of special interest to him or her. The customer can also choose from four service plans related to his or her home page: Premium, Deluxe, Promotional, and Basic. These service plans correspond to Siroe's fee structure, which is summarized in Table 6-1. When a customer signs up for a service plan, an administrator uses Delegated Administrator to assign the appropriate class of service to the user's account.

In the Delegated Administrator front end, Class of Service is one category of user account information. If the Class of Service plugins are not properly installed and configured, the message "No services available" will appear in the Service Name column.

When a class of service is assigned to a user, Delegated Administrator adds the CoS objectlass and attributes to the user's directory entry. In this example, the objectclass calUser, and the attribute calclass are added.

Figure 6-1    CoS objectclass and atributes are added to the directory.

dn: uid=bill, ou=People, o=Siroe, o=ISP

objectclass: top

objectclass: person

objectclass: organizationalPerson

objectclass: inetOrgPerson

objectclass: nsManagedPerson

objectclass: mailRecipient

objectclass: nsMessagingServerUser

objectclass: calUser

uid: bill

userpassword: {SHA}rOiT+yyVU6OKhz+wPQ4hpAazUaE=

cn: Bill Johnson

sn: Johnson

givenname: Bill

telephonenumber: 650.555.1212

mail: bill@Siroe

nsdadomain: Siroe

memberof: cn=Group1, ou=Groups, o=Siroe, o=ISP

owner: cn=Department Administrators, cn=Group1, ou=Groups,  o=Siroe, o=ISP

calclass: Premium

Class of Service Definition

Class of service definitions include all the information required to generate specific attribute values. These definitions are stored in directory entries, and can be located anywhere in the DIT. All CoS definition entries contain the objectclass cosDefinition. In the following examples, the service classes apply only to entries within the portion of the tree under ou=People, o=Siroe. In the following example, the service class is defined by specifying the attribute calClass.

Figure 6-2    A CoS definition entry.

objectclass: top

objectclass: account

objectclass: cosDefinition

cosTargetTree: o=Siroe

cosTemplateDn: ou=MySiroeClasses, ou=COS, o=Siroe

cosSpecifier: calClass

cosAttribute: cost

cosAttribute: diskspace

cosAttribute: webamil

cosAttribute: calendar

Defining a Class of Service Schema

A class of service schema is defined by an entry with the cosDefinition objectclass. This entry may reside anywhere in the DIT. The following attributes are required by the cosDefinition:

CosTargetTree. This determines the subtrees of the DIT to which this class of service schema applies. The values for this attribute for this schema and for multiple class of service schema may overlap their target trees in an arbitrary fashion.

CosTemplateDn. This is the DN where the Cos templates are stored. The templates may reside anywhere in the subtrees, and other entries unrelated to class of service may also be contained therein. The caveat is that if any unrelated entry in the target tree contains even one attribute that the class of service schema generates, then that entry is determined to be a class of service template.

CosSpecifier. This is the attribute stored in a user entry that specifies a particular class of service for this schema. In the absence of a default service class this attribute is required for all entries that are to be part of the schema.

CosAttribute. This is a list of the attributes that are provided by the class of service schema. Each of the attribute values may be qualified by either override or default. These qualifications are added to the end of the attribute value, separated by a single space. The override directive makes the attribute value in the class of service schema override any attribute value in the entry being queried for the value. The default directive makes any attribute value in the entry being queried, if one exists, be used instead of the value that would have been supplied by its service class - this is the default behavior in the absence of a qualifier. This directive can be used to allow individual exceptions to the service class.

Templates

Service-class templates define the service classes you want to create for the entries in your directory. Each template corresponds to a single service class. A service class template for a schema is any entry that exists in any of the subtrees in the COS schema's cosTargetTree attribute, and that contains at least one of the attributes the schema generates (CosAttribute).

The template entries for a given class of service schema are all stored in the Directory Information Tree (DIT) as children of a common parent entry. The relative DNs of the template entries are the respective values of the service class attribute, plus the special RDN cosSpecifier-default.

The object class cosSpecifier is the value of the cosSpecifier attribute in cosDefinition. This is used when the service class attribute value is NULL or not present. For example, a cosDefinition with a cosSpecifier value of calClass, has a default template of calClass-default.

Figure 6-3    CoS objectclasses and templates are stored in the directory.

Interaction with Stored Attribute Values

If the class of service logic detects that it is generating an attribute value already stored on the entry, the default action is to supply the stored value to the client. However, the server's behavior can be controlled by means of the cosDefinition entry. The cosAttribute values allow an additional qualifier appended after the attribute type name. Valid qualifier values are override and default. An absent qualifier means the same as default. Override means that the server will always return the value generated by the class of service logic even when there is a value stored with the entry. Default means that the server will only return a generated value if there is no corresponding attribute value stored with the entry. For example:

Figure 6-4    Qualifiers are appended to cosAttribute values.

objectclass: top

objectclass: account

objectclass: cosDefinition

cosTargetTree: ou=People, o=Siroe

cosTemplateDn: ou=MySiroeClasses, ou=COS, o=Siroe

cosSpecifier: calClass

cosAttribute: cost

cosAttribute: diskspace override

cosAttribute: webmail default

cosAttribute: calendar default

Configuration and Management

Because all the configuration information and template data are stored as entries in the directory, standard LDAP tools can be used for CoS configuration and management. Specialized scripts, command-line tools, and graphical UI could be developed. These would use the LDAP SDK to inspect and change the configuration. For detailed information, see Netscape Directory Server 4.12 documentation.

Setting Up CoS in Delegated Administrator

---

In order to use the Class of Service (CoS) feature, you must first make changes in both Directory Server and in Delegated Administrator. The following examples illustrate how you can set up the classes of services described in the Table 6-1. The changes you'll make include:

• Adding CoS Schema

• Modifying user entries

• Modifying Delegated Adminstrator configuration
  

  ---

  Note	Before you can enable the Class of Service feature, its special directory plugin must be installed and configured. This must be done prior to installing Delegated Administrator. For detailed information, see Step 2: Configure the Directory Server Plug-ins.

  ---

  
  

Adding COS Schema

Create a new object class and new attributes for each Class of Service you want to use. The following examples correspond to the classes described in Table 6-1.

To Add CoS Schema

1. Stop the Directory Server.

2. In the file <server_root>/slapd-<identifier>/config/slapd.user_at.conf, add the attritbutes that descibe the class of service. Include a unique oid number for each attribute you add. In the following example, the attributes cost, diskspace, webmail, and calendar will be used to describe various aspects of the new service classes. The attribute calClass is used to define the MySiroe class.

Figure 6-5    Adding CoS attributes to Directory schema.

attribute cost 2.16.840.1.113730.3.1.554 cis attribute diskspace 2.16.840.1.113730.3.1.555 cis attribute webmail 2.16.840.1.113730.1.556 cis attribute calendar 2.16.840.1.11370.1.557 cis attribute calClass 2.16.840.1.11370.1.558 cis

3. In the file <server_root>/slapd-<identifier>/config/slapd.user_oc.conf, add a new Class of Service objectclass at the end of the file. In the Siroe example, the new object class is calUser.

Figure 6-6    Adding a CoS objectclass to Directory schema.

objectclass calUser    oid 2.16.840.1.11370.3.2.116    superior top    allows       cost,       diskspace,       webmail,       calendar,       calclass

.

4. Start Directory Server.

Modifying Existing User Entries

Define the Class of Service and modify Access Control Instructions (ACIs) as necessary. The changes you make will depend upon the classes you're setting up. To implement the classes of service for the Siroe company (Table 6-1), the following entries were added to the directory using the ldapmodify utility.

Figure 6-7    The following entry adds the top of the Class of Service template tree to o=ISP

objectclass: top

objectclass: organizationalunit

Figure 6-8    The following entry adds the COS schema named MySiroe to the directory.

objectclass: top

objectclass: account

objectclass: cosDefinition

cosTargetTree: ou=People, o=Siroe

cosTemplateDn: ou=MySiroeClasses, ou=COS, o=ISP

cosSpecifier: calClass

cosAttribute: cost

cosAttribute: diskspace

cosAttribute: webmail

cosAttribute: calendar

In Figure 6-8, the following CoS classes and attributes are defined as follows:

Object Class or Attribute	Description
cosDefinition	Object class that defines the COS schema entry.
cosTemplateDN	Multi-valued attribute that contains the subtree under which the service class templates for this schema are stored.
cosSpecifier	Multi-valued attribute that contains the name of another attribute in the directory schema. For Directory server 4.1x, you can only use one cosSpecifier per COS schema.
cosAttribute	Attribute that conains the attributes you want the COS plug-in to dynamically add to entries.

Figure 6-9    The following entry adds appriopriate ACI to o=Siroe that allows all administrators to view the new class of service.

changetype: modify

add: aci

aci: (target="ldap:///ou=COS, o=ISP")(targetattr="*")(version  3.0; acl

"Access to all for read/search"; allow (read,search)  userdn="ldap:///all";)

Figure 6-10    The following entry adds the Premium CoS to Bill Johnson's entry.

changetype: modify

add: objectclass

objectclass: calUser

-

add: calclass

calclass: Premium

The examples used in this section affects existing user entries only. To automatically include the new attributes and classes to all new user entries, you must change the Delegated Administrator configuration. For more information, see Chapter 14 "Customizing Configuration in the Directory."

Adding CoS Templates

Figure 6-11    The following entry creates the top of the MySiroeClasses template tree.

objectclass: top

objectclass: organizationalUnit

Figure 6-12    The following template adds the Premium class to MySiroeClasses.

objectclass: top

objectclass: account

objectclass: calUser

cost: 30

diskspace: 30MB

webmail: yes

calendar: yes

Figure 6-13    The following template adds the Deluxe class to MySiroeClasses:

objectclass: top

objectclass: account

objectclass: calUser

cost: 20

diskspace: 20MB

webmail: yes

calendar: yes

Figure 6-14    The following template adds the Promotional class to MySiroeClasses:

objectclass: top

objectclass: account

objectclass: calUser

cost: 0

diskspace: 10MB

webmail: yes

calendar: no

Figure 6-15    The following template adds the Basic class to MySiroeClasses:

objectclass: top

objectclass: account

objectclass: caluser

cost: 0

diskspace: 5MB

webmail: yes

calendar: no