Hide Notes 

Slide 1: Directories: Raiders of the Stanford Model speeding the journey to directory services v1.0 . . . plus some open questions Keith Hazelton, UW-Madison, Sept. ‘99 http://axle.doit.wisc.edu/~haz
Slide 2: Framework Defining the task  Namespace (briefly)  Tree design (the DIT)  Schema choices  Helping each other  9/24/99 I 2 Middleware Early Harvest, Denver 2
Slide 3: Defining the task  Creating a general purpose wide directory service enterprise- – Timothy A. Howes, et al., Understanding and Deploying LDAP Directory Services (MacMillan Network Architecture and Development Series), Published 1999, ISBN: 1578700701 – Directory Service Schema Design, CSG Workshop, U VA, Bob Morgan, U. Wash., chair, May, 1999 http://www.stonesoup.org/Meetings.past/9905/ schema.pres/ 9/24/99 I 2 Middleware Early Harvest, Denver 3
Slide 4: Namespace (briefly)  Unique identifiers • RDN based on 16-byte UUID (as 36-byte string) – Globally unique, visible, but not people friendly • Publically visible identifier (PVI) “DR232E433” – Institutionally unique, visible, people friendly • And way down there: Primary key for entries – invisible, immutable, not an LDAP attribute 9/24/99 I 2 Middleware Early Harvest, Denver 4
Slide 5: Tree design (the DIT)  f ... l ... a ... t • • • • DN: uuid=123…, ou=people, dc=wisc, dc=edu Why? DN changes rare; no need to prune/graft Issue: Challenges for replication Issue: No org-chart reflection in TREE, so no tree-based admin • Org, group info carried in person’s attributes • A scale issue--LAN vs the internet 9/24/99 I 2 Middleware Early Harvest, Denver 5
Slide 6: Schema choices    InetOrgPerson as parent object class • core attrs., contact info Intermediate parents? LIPS? CICPerson? • Interoperability benefits of shared parents Define wisc-edu-Person to hold our institution-specific attributes • other sys identifiers, authorization attrs., group attrs. 9/24/99 I 2 Middleware Early Harvest, Denver 6
Slide 7: Schema choices Principle: Never repurpose an existing attribute. Adhere to its X.500 / RFC definition  Principle: A derived class’s attributes are a superset of its parent class’s attributes  Issue: How do we represent relations (e.g. one person to multiple appointments]  Issue: set of all constraints on schema design => the solution space is null set?  9/24/99 I 2 Middleware Early Harvest, Denver 7
Slide 8: Helping each other  Roadmaps should show alternate routes • a) COTS metadirectory + directory server • b) registry (RDBMS) + directory server  Interoperable schema • have to settle on purposes, uses first • How about the access to web page idea from dinner last night? • process??? 9/24/99 I 2 Middleware Early Harvest, Denver 8
Slide 9: Helping each other  Finding and joining clusters of clue • • • CIC, CSG, . . . Network Application Consortium (netapps.org} The Burton Group (tbg.com)  PKI readiness • UCOP/Columbia -- JSTOR/OCLC DLF “readiness” • ??????? 9/24/99 I 2 Middleware Early Harvest, Denver 9
Slide 10: Helping each other UW-Madison UDS: www.bascom.wisc.edu “special topics”  axle.doit.wisc.edu/~haz   ??????? 9/24/99 I 2 Middleware Early Harvest, Denver 10