Previous     Contents     Index     Next     
iPlanet Meta-Directory Configuration and Administration Guide

Chapter 3   Quick Start

Follow these general steps to get Meta-Directory up and running.

  1. Install Meta-Directory and its components.

    Meta-Directory is used to establish an interdependent relationship between two or more sources of data, allowing the data to be integrated, viewed, searched and/or modified from one authoritative source. The components used to join the data include the join engineand connectors (both direct and indirect). During installation, you will be asked to choose a Directory Server and a path to a directory on the Directory Server where the Meta-Directory configuration will be stored. For more information on installation, see the iPlanet Meta-Directory Installation Guide.

  2. Start iPlanet Console, your server group's Administration Server and your external data source.

    iPlanet Administration Services, which includes iPlanet Administration Server and iPlanet Console, was installed along with Meta-Directory. iPlanet Administration Server (accessed through Administration Server console) is the common front-end for all iPlanet Servers. iPlanet Console manages all installed iPlanet server groups. For instance, you might install Directory Server in one directory tree and Meta-Directory in another. Each server group will have its own Administration Server but, iPlanet Console allows the management of both server groups from a single graphical user interface. Similarly, you access Meta-Directory from iPlanet Console although the initial Meta-Directory configuration (step 3 and step 4) is achieved through iPlanet Console. For more information on iPlanet Console, see Chapter 4 "The Console Interface" or the iPlanet Console and Administration Server documentation set.

  3. Create an instance of the join engine.

    The join engine manages the flow and integration of data from different sources into one meta view. An instance of the join engine needs to be configured to create the meta view. The URL of the Directory Server where the meta view will be located as well as an authenticating DN and password are needed for instance creation. Once the instance is created, a meta view is created automatically in the navigation tree of Meta-Directory console. The instance is created from iPlanet Console and Meta-Directory console can be opened from the instance in iPlanet Console. For more information on the join engine, see Chapter 5 "Configuring The Join Engine."

  4. Connect one or more sources of external data to Meta-Directory by creating one or more instances of a server.

    An indirect or direct connector is used to flow data from the external data source to the connector view. Connectors allow information to flow in two directions: original or modified data can move from the data source to the connector view and modified data can flow from the connector view back to the data source. You associate external data with a connector view in one of two ways:

    1. Create an instance of an indirect connector, configure and apply the indirect connector rules and start the instance.

      Any external data source that goes through the process of having its data transformed into LDAP before flowing through the join engine is considered to have an indirect connection to the join engine. Active Directory, NT Domain and Universal Text Parser are indirect connectors which translate proprietary data into LDAP. When an instance of one of these indirect connectors is created (from iPlanet Console, not Meta-Directory console), it links to an external data source and creates a connector view on a Directory Server with which to view the data. Starting the indirect connector instance begins the flow of data from the external data source to the connector view. (It is important to remember that creation of the instance does not flow data; it only opens a data path.)

      Meta-Directory provides rules to manage the flow of data from the external data source through the indirect connector and to the connector view. These indirect connector rules can alter the flow in three ways: by filtering entries from the process, by setting entry ownership, and by matching attributes in the data source to attributes in the connector view. Other indirect connector configuration choices include setting up log options, scheduling synchronization, choosing from available attributes, and, in the case of the Universal connector only, adapting the connector with a Perl script to help it to synchronize a proprietary data source. Indirect connector rules are configured at the connector level on the navigation tree but are applied to specific connectors separately.

      For information on creating and applying indirect connector rules, see Chapter 7 "Connectors and Connector Rules." For information on creating an indirect connector instance specific to your data source, see the corresponding connector's chapter in Part 3, "Meta-Directory Connectors." For information on starting and stopping components, see Chapter 13 "Starting and Stopping Components."

    2. Create a direct connector view and start it.

      The join engine allows access to LDAP Directory Servers and SQL (Oracle) databases within its architecture; these data sources are considered to have a direct connection. A direct connector is not needed; only a connector view need be created. (As there is no connector, the indirect connector rules do not apply either.)

      To create a direct connector view, a Directory Server or an Oracle database needs to be recognized by the join engine. You configure a Directory Server by inputting address information (host name, port, DN name and password), scheduling operation and data modification times and setting up binary attributes. An Oracle database is also configured with database address information with the addition of changelog scripts, operation and data modification times and column selections. Once the Data Servers are connected to Meta-Directory, the direct connector view can be instantiated by pointing it to the server.

      For more information on configuring for connection to these types of data sources, see "Configuring Data Servers" of Chapter 17 "Managing Servers and Permissions." For more information on creating an LDAP connector view, see "Connector Views" of Chapter 6 "Views in Meta-Directory." For information specific to connecting to a database, see Chapter 12 "Configuring the Database Connector."

  5. Define the join process rules.

    The key to managing the manipulation of data from the connector view to the meta view is the join process. This process is the flow of data through the join engine and the data's synchronization within the meta view. Administrators write join process rules to take full advantage of Meta-Directory's synchronization tools. There are five types of rules: join rules, attribute flow rules, DN mapping rules, filters and attribute construction rules. (Don't confuse these rules with the similarly-named indirect connector rules which manage the flow of data between the external data source and the connector view.) Generally, these rules decide which entries (or attributes) from the connector view will exist in the meta view. Specifically, the administrator can, among other things, prevent specific entries from flowing back and forth and specify which attribute values in the connector view map to which attribute values in the meta view.

    The join process rules written at this step will not actually manage the data until they are specifically applied to a participating view in Step 6. For information on creating rules for the join process, see "Creating the Join Engine Instance" of Chapter 5 "Configuring The Join Engine."

  6. Configure a participating view and apply the join process rules.

    A participating view must be added before data will flow from the connector view into the meta view. Once added and enabled, the participating view is telling the join engine that the corresponding connector view is `participating' in the data flow. Applying the join process rules to the participating view will manage data flow between the connector view and meta view.

    The previously-configured join process rules are applied to the participating view after it has been added to the navigation tree. If no rules have been configured, the participating view uses Atomic rules. (The Atomic rules are a set of default DN Mapping rules and Attribute Flow rules that allow data to flow in the absence of previously-configured join process rules.) In addition to the join process rules, the direction of data flow, a data refresh schedule and data refresh filters can be applied to a participating view.

    For more information on participating views, see Chapter 6 "Views in Meta-Directory" where you can find a section called "Creating New Data in the Meta View" of Chapter 6 "Views in Meta-Directory." For information on applying the join process rules, see "Configuring a Participating View" of the same chapter.

  7. Start the join engine.

    The join engine is started from either iPlanet Console or Meta-Directory console. Even when the join engine is started, data will not flow until the participating view and the connector view are enabled. For information on starting the join engine, see Chapter 13 "Starting and Stopping Components."

  8. Enable the participating view.

    The participating view is enabled from the join engine's Operations window in Meta-Directory console. When you enable the participating view, its connector view will flow data into the meta view, using the join process rules applied to it. For information on enabling the participating view, see "Enabling a Participating View" of Chapter 6 "Views in Meta-Directory." For information on the join engine's Status options, see "Join Engine Operations" of Chapter 14 "Monitoring Meta-Directory Components."

  9. Ensure that the connector view is enabled.

    By default, the connector view is always enabled so data flow from the external source to the meta view is always possible, providing the prior eight steps have been executed correctly. The connector view's status can be verified from the connector's Operations window in Meta-Directory console. For information on enabled connector views, see "An Enabled Connector View," on page 107 of Chapter 6 "Views in Meta-Directory." For information on the connector's Status options, see "Connector Operations" of Chapter 14 "Monitoring Meta-Directory Components."

  10. Refresh the data.

    Refreshing the data ensures that the most recent data is flowing. This step is most important when changes and modifications have been made to data. For information on how to refresh connector and meta views, see "Refreshing the Views" of Chapter 6 "Views in Meta-Directory."

Figure 3-1 shows how the Meta-Directory navigation tree appears if you were to create a Universal connector and its corresponding connector view, then enabled it as a participating view.

Figure 3-1    Meta-Directory Navigation Tree With a Configured Connector View

Previous     Contents     Index     Next     
Copyright © 2002 Sun Microsystems, Inc. All rights reserved.

Last Updated April 08, 2002