Directory 101 :)
Directory in the sense we discuss on this thread and what Novell Directory Services is based on is fairly simple to understand once you get the right analogy. I'll try:
The Directory is a repository of information regarding resources available on a network. This information can be partitioned (divided up) and replicated (copied to different locations) for strategic advantages (such as performance - info closer to user makes for faster retrieval OR fault tolerance - if part of your network fails, the entire Directory is not lost - if you plan correctly).
The Directory consists of objects which represent a physical resource (in corporate networks think users, printers, server, data storage devices etc). Once you can represent a resource in a logical way you can then create relationships between various objects. These relationships determine access to the resource.
So what is an object?
An object consists of something called properties. These properties have values. Think of a house - what constitutues a house? Roof, garage, pool, doors, windows, siding - all of these are properties of a house. Now let's look closer - what kind of roof? Is it a 2 car garage or single? inground or above ground pool? 2 doors or one?
We attribute certain characteristics to certain objects also. For instance, a user has name, address, phone number, etc while a workstation object would have different properties such as network address and hardware configuration.
Now, once I can represent a resource logically I can also manage that resource via the Directory by giving users "rights" or permission to access information about any resource. For instance, one person can read phone numbers while another person can edit them.
Or take it into a more familiar space on the internet, I give Amazon.com the "right" to read my credit card info and shipping address. This facilitates e-commerce with less user intervention. (now of course this also means that Amazon.com does not need to keep a record of my information either since they can always refer to my user information in eDirectory). I can also give my credit card issuer the right to change my CC # whenever that needs to be done as well...
Now this is a very simplistic view of a Directory - what you need to do is understand that we've yet to fully move NDS away from it's roots as a network management tool. Having a centralized Directory where I can not only store information about me such as phone #, address etc but my bookmarks, credit card info, medical records, photo et al to facilitate my life in general......well... It get's interesting.
I hope this helps.
Regards,
Peter J Strifas
CNI/CNE |
