Slide 1: Directories: Raiders of the Stanford Model
speeding the journey to directory services v1.0 . . . plus some open questions
Keith Hazelton, UW-Madison, Sept. ‘99
http://axle.doit.wisc.edu/~haz
Slide 2: Framework
• Defining the task
• Namespace (briefly)
• Tree design (the DIT)
• Schema choices
• Helping each other
9/24/99, I2 Middleware Early Harvest, Denver
Slide 3: Defining the task
Creating a general purpose enterprise-wide directory service
– Timothy A. Howes, et al., Understanding and Deploying LDAP Directory Services (MacMillan Network Architecture and Development Series), Published 1999, ISBN: 1578700701
– Directory Service Schema Design, CSG Workshop, U VA, Bob Morgan, U. Wash., chair, May, 1999 http://www.stonesoup.org/Meetings.past/9905/schema.pres/
Slide 4: Namespace (briefly)
Unique identifiers
• RDN based on 16-byte UUID (as 36-byte string)
– Globally unique, visible, but not people friendly
• Publicly visible identifier (PVI) “DR232E433”
– Institutionally unique, visible, people friendly
• And way down there: Primary key for entries
– invisible, immutable, not an LDAP attribute
Slide 5: Tree design (the DIT)
f ... l ... a ... t
• DN: uuid=123…, ou=people, dc=wisc, dc=edu
• Why? DN changes rare; no need to prune/graft
• Issue: Challenges for replication
• Issue: No org-chart reflection in TREE, so no tree-based admin
• Org, group info carried in person’s attributes
• A scale issue--LAN vs the internet
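Added example (not from the original slides): the flat design above next to an org-chart tree, showing why a department move leaves the UUID-based DN alone but forces a prune/graft in the hierarchical case. The sample UUID, the person and department names, and the use of the `ou` attribute to carry org info are assumptions made for illustration.

```python
import uuid

BASE_DN = "ou=people,dc=wisc,dc=edu"   # flat container named on the slide
SUFFIX = "dc=wisc,dc=edu"
# Constructed sample value: 16 bytes, rendered as a 36-character string.
SAMPLE_UUID = uuid.UUID("123e4567-e89b-12d3-a456-426614174000")

def flat_dn(entry_uuid):
    """DN whose RDN is the string form of the entry's UUID."""
    return f"uuid={entry_uuid},{BASE_DN}"

def hierarchical_dn(cn, org_path):
    """Contrast case: a DN that mirrors the org chart (most specific ou first).
    Values are assumed not to need RFC 4514 escaping."""
    ous = ",".join(f"ou={ou}" for ou in org_path)
    return f"cn={cn},{ous},{SUFFIX}"

def reorg_flat(entry_uuid, new_ou):
    """Flat tree: a department move is an attribute replace; the DN is untouched."""
    return "\n".join([
        f"dn: {flat_dn(entry_uuid)}",
        "changetype: modify",
        "replace: ou",          # assumption: org info is held in 'ou'
        f"ou: {new_ou}",
        "-",
    ])

def reorg_hierarchical(cn, old_path, new_path):
    """Org-chart tree: the same move renames the entry (prune and graft)."""
    new_superior = ",".join(f"ou={ou}" for ou in new_path) + f",{SUFFIX}"
    return "\n".join([
        f"dn: {hierarchical_dn(cn, old_path)}",
        "changetype: moddn",
        f"newrdn: cn={cn}",
        "deleteoldrdn: 0",
        f"newsuperior: {new_superior}",
    ])

if __name__ == "__main__":
    # Constructed person and departments.
    print(reorg_flat(SAMPLE_UUID, "Chemistry"))
    print()
    print(reorg_hierarchical("Pat Doe", ["Physics", "Science"],
                             ["Chemistry", "Science"]))
```

Anything that stores the DN (group membership, access rules, replication agreements) keeps working after the flat-tree change, while the hierarchical rename invalidates every stored copy of the old DN.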
Slide 6: Schema choices
InetOrgPerson as parent object class
• core attrs., contact info
Intermediate parents? LIPS? CICPerson?
• Interoperability benefits of shared parents
Define wisc-edu-Person to hold our institution-specific attributes
• other sys identifiers, authorization attrs., group attrs.
Slide 7: Schema choices
Principle: Never repurpose an existing attribute. Adhere to its X.500 / RFC definition
Principle: A derived class’s attributes are a superset of its parent class’s attributes
Issue: How do we represent relations (e.g. one person to multiple appointments)
Issue: set of all constraints on schema design => the solution space is null set?
Slide 8: Helping each other
Roadmaps should show alternate routes
• a) COTS metadirectory + directory server
• b) registry (RDBMS) + directory server
Interoperable schema
• have to settle on purposes, uses first
• How about the access to web page idea from dinner last night?
• process???
Slide 9: Helping each other
Finding and joining clusters of clue
• CIC, CSG, . . .
• Network Application Consortium (netapps.org)
• The Burton Group (tbg.com)
PKI readiness
• UCOP/Columbia -- JSTOR/OCLC DLF “readiness”
• ???????
Slide 10: Helping each other
UW-Madison UDS: www.bascom.wisc.edu “special topics”
axle.doit.wisc.edu/~haz
???????