![]() |
iPlanet Delegated Administrator 4.5 Deployment and Customization Guide |
Chapter 6 Class of Service
Class of Service (CoS) is a feature of Netscape Directory Server that enables you to manage a group of service-related attributes. These related attributes form a category or class of service. Once you've defined attributes and created new classes in the directory, you can assign a class of service to individual user entries. This eliminates having to store multiple service-related attributes in each user entry in the directory. It also makes it easier to make changes when necessary. If a class of service changes, you need only change its attributes in the CoS templates. You don't have to change the attribute values in each user entry.This chapter provides an overview the CoS feature, and includes examples for setting up CoS with Delegated Administrator. Topics included in this chapter:
How CoS Works
How CoS Works
Directory Server clients such as Delegated Administrator read attributes stored in user entries. A user entry typically contains attributes that describe the user's basic information such as name, department, phone number and so on. An entry can also contain a number of related attributes. For example, a user entry might include a number of attributes that desrcibe the hosting services provided to the individual. These attributes might include the cost of the service, amount of storage space, access to email, and access to calendaring. With the CoS feature, you can define service classes that automatically specify values for each of these attributes (see Table 6-1). Once you create these CoS classes, instead of storing four different attributes in a user's entry, you can store a single CoS attribute that contains one of these values: Premium, Deluxe, Promotional, or Basic.
Table 6-1    Siroe customers can choose from four service plans associated with their individual home page.
Class of Service
Cost
Storage
Webmail
Calendar
The CoS logic generates the user entry that is sent to the client. The values returned for these attributes are determined by :
The entry's DN.
If schema checking is turned on, CoS attribute values will only be generated where the entry has an objectclass that allows the attribute. If schema checking is turned off, this is not enforced. Multiple class of service schema may be defined within a server, although it is illegal to define schema that conflict with each other.A service class attribute value stored with the entry. (The absence of the attribute altogether can also imply a specific default class of service.)
The attribute values stored in a service class template entry.
The following scenario illustrates how CoS works with Delegated Administrator. The Siroe company proivdes its customers the means to create their own home pages. The home page, named MySiroe, is the first page the user sees when he or she logs in to the Siroe internet service. The customer can configure the page to display information such as local news, stock quotes, and links to other sites that may be of special interest to him or her. The customer can also choose from four service plans related to his or her home page: Premium, Deluxe, Promotional, and Basic. These service plans correspond to Siroe's fee structure, which is summarized in Table 6-1. When a customer signs up for a service plan, an administrator uses Delegated Administrator to assign the appropriate class of service to the user's account.
In the Delegated Administrator front end, Class of Service is one category of user account information. If the Class of Service plugins are not properly installed and configured, the message "No services available" will appear in the Service Name column.
When a class of service is assigned to a user, Delegated Administrator adds the CoS objectlass and attributes to the user's directory entry. In this example, the objectclass calUser, and the attribute calclass are added.
Figure 6-1    CoS objectclass and atributes are added to the directory.
Class of Service Definition
Class of service definitions include all the information required to generate specific attribute values. These definitions are stored in directory entries, and can be located anywhere in the DIT. All CoS definition entries contain the objectclass cosDefinition. In the following examples, the service classes apply only to entries within the portion of the tree under ou=People, o=Siroe. In the following example, the service class is defined by specifying the attribute calClass.
Figure 6-2    A CoS definition entry.
Defining a Class of Service Schema
A class of service schema is defined by an entry with the cosDefinition objectclass. This entry may reside anywhere in the DIT. The following attributes are required by the cosDefinition:
CosTargetTree. This determines the subtrees of the DIT to which this class of service schema applies. The values for this attribute for this schema and for multiple class of service schema may overlap their target trees in an arbitrary fashion.
CosTemplateDn. This is the DN where the Cos templates are stored. The templates may reside anywhere in the subtrees, and other entries unrelated to class of service may also be contained therein. The caveat is that if any unrelated entry in the target tree contains even one attribute that the class of service schema generates, then that entry is determined to be a class of service template.
CosSpecifier. This is the attribute stored in a user entry that specifies a particular class of service for this schema. In the absence of a default service class this attribute is required for all entries that are to be part of the schema.
CosAttribute. This is a list of the attributes that are provided by the class of service schema. Each of the attribute values may be qualified by either override or default. These qualifications are added to the end of the attribute value, separated by a single space. The override directive makes the attribute value in the class of service schema override any attribute value in the entry being queried for the value. The default directive makes any attribute value in the entry being queried, if one exists, be used instead of the value that would have been supplied by its service class - this is the default behavior in the absence of a qualifier. This directive can be used to allow individual exceptions to the service class.
Templates
Service-class templates define the service classes you want to create for the entries in your directory. Each template corresponds to a single service class. A service class template for a schema is any entry that exists in any of the subtrees in the COS schema's cosTargetTree attribute, and that contains at least one of the attributes the schema generates (CosAttribute).The template entries for a given class of service schema are all stored in the Directory Information Tree (DIT) as children of a common parent entry. The relative DNs of the template entries are the respective values of the service class attribute, plus the special RDN cosSpecifier-default.
The object class cosSpecifier is the value of the cosSpecifier attribute in cosDefinition. This is used when the service class attribute value is NULL or not present. For example, a cosDefinition with a cosSpecifier value of calClass, has a default template of calClass-default.
Figure 6-3    CoS objectclasses and templates are stored in the directory. ![]()
Interaction with Stored Attribute Values
If the class of service logic detects that it is generating an attribute value already stored on the entry, the default action is to supply the stored value to the client. However, the server's behavior can be controlled by means of the cosDefinition entry. The cosAttribute values allow an additional qualifier appended after the attribute type name. Valid qualifier values are override and default. An absent qualifier means the same as default. Override means that the server will always return the value generated by the class of service logic even when there is a value stored with the entry. Default means that the server will only return a generated value if there is no corresponding attribute value stored with the entry. For example:
Figure 6-4    Qualifiers are appended to cosAttribute values.
Configuration and Management
Because all the configuration information and template data are stored as entries in the directory, standard LDAP tools can be used for CoS configuration and management. Specialized scripts, command-line tools, and graphical UI could be developed. These would use the LDAP SDK to inspect and change the configuration. For detailed information, see Netscape Directory Server 4.12 documentation.
Setting Up CoS in Delegated Administrator
In order to use the Class of Service (CoS) feature, you must first make changes in both Directory Server and in Delegated Administrator. The following examples illustrate how you can set up the classes of services described in the Table 6-1. The changes you'll make include:
Adding CoS Schema
Modifying Delegated Adminstrator configuration
Note Before you can enable the Class of Service feature, its special directory plugin must be installed and configured. This must be done prior to installing Delegated Administrator. For detailed information, see Step 2: Configure the Directory Server Plug-ins.
Adding COS Schema
Create a new object class and new attributes for each Class of Service you want to use. The following examples correspond to the classes described in Table 6-1.
Stop the Directory Server.
In the file <server_root>/slapd-<identifier>/config/slapd.user_at.conf, add the attritbutes that descibe the class of service. Include a unique oid number for each attribute you add. In the following example, the attributes cost, diskspace, webmail, and calendar will be used to describe various aspects of the new service classes. The attribute calClass is used to define the MySiroe class.
Figure 6-5    Adding CoS attributes to Directory schema.
In the file <server_root>/slapd-<identifier>/config/slapd.user_oc.conf, add a new Class of Service objectclass at the end of the file. In the Siroe example, the new object class is calUser.
Figure 6-6    Adding a CoS objectclass to Directory schema. .
objectclass calUser
oid 2.16.840.1.11370.3.2.116
superior top
allows
cost,
diskspace,
webmail,
calendar,
calclass
Modifying Existing User Entries
Define the Class of Service and modify Access Control Instructions (ACIs) as necessary. The changes you make will depend upon the classes you're setting up. To implement the classes of service for the Siroe company (Table 6-1), the following entries were added to the directory using the ldapmodify utility.
Figure 6-7    The following entry adds the top of the Class of Service template tree to o=ISP
objectclass: top objectclass: organizationalunit
Figure 6-8    The following entry adds the COS schema named MySiroe to the directory.
In Figure 6-8, the following CoS classes and attributes are defined as follows:
Figure 6-9    The following entry adds appriopriate ACI to o=Siroe that allows all administrators to view the new class of service.
changetype: modify add: aci aci: (target="ldap:///ou=COS, o=ISP")(targetattr="*")(version 3.0; acl "Access to all for read/search"; allow (read,search) userdn="ldap:///all";)
Figure 6-10    The following entry adds the Premium CoS to Bill Johnson's entry.
changetype: modify add: objectclass objectclass: calUser - add: calclass calclass: Premium
The examples used in this section affects existing user entries only. To automatically include the new attributes and classes to all new user entries, you must change the Delegated Administrator configuration. For more information, see Chapter 14 "Customizing Configuration in the Directory."
Adding CoS Templates
Figure 6-11    The following entry creates the top of the MySiroeClasses template tree.
objectclass: top objectclass: organizationalUnit
Figure 6-12    The following template adds the Premium class to MySiroeClasses.
objectclass: top objectclass: account objectclass: calUser cost: 30 diskspace: 30MB webmail: yes calendar: yes
Figure 6-13    The following template adds the Deluxe class to MySiroeClasses:
objectclass: top objectclass: account objectclass: calUser cost: 20 diskspace: 20MB webmail: yes calendar: yes
Figure 6-14    The following template adds the Promotional class to MySiroeClasses:
objectclass: top objectclass: account objectclass: calUser cost: 0 diskspace: 10MB webmail: yes calendar: no
Figure 6-15    The following template adds the Basic class to MySiroeClasses:
objectclass: top objectclass: account objectclass: caluser cost: 0 diskspace: 5MB webmail: yes calendar: no
Previous Contents Index Next
Copyright © 2000 Sun Microsystems, Inc. Some preexisting portions Copyright © 2000 Netscape Communications Corp. All rights reserved.
Last Updated May 24, 2001