 |
Deployment
Guide Netscape Directory Server |
| Index |
DocHome | Next |
Contents
About This Guide
Purpose of This Guide
Directory Server Overview
Conventions Used in This
Guide
Related Information
What is a Directory Service?
About Global Directory Services
About LDAP
Introduction to Directory Server
Overview of Directory Server Architecture
Overview of the Server Front-End
Server Plug-ins Overview
Overview of the Basic Directory Tree
Directory Server Data Storage
About Directory Entries
Distributing Directory Data
Directory Design Overview
Design Process Outline
Deploying Your Directory
Piloting Your Directory
Putting Your Directory Into Production
Other General Directory Resources
Chapter 2 How to Plan Your Directory Data
Introduction to Directory Data
What Your Directory Might Include
What Your Directory Should Not Include
Defining Your Directory Needs
Performing a Site Survey
Identifying the Applications That Use Your Directory
Identifying Data Sources
Characterizing Your Directory Data
Determining Level of Service
Considering a Data Master
Data Mastering for Replication
Data Mastering Across Multiple Applications
Determining Data Ownership
Determining Data Access
Documenting Your Site Survey
Repeating the Site Survey
Chapter 3 How to
Design the Schema
Schema
Design Process Overview
Netscape Standard Schema
Schema Format
Standard
Attributes
Standard
Object Classes
Mapping Your Data to the Default Schema
Viewing
the Default Directory Schema
Matching
Data to Schema Elements
Customizing the Schema
When
to Extend Your Schema
Getting
and Assigning Object Identifiers
Naming
Attribute and Object Classes
Strategies
for Defining New Object Classes
Strategies
for Defining New Attributes
Deleting
Schema Elements
Creating
Custom Schema Files
Custom
Schema Best Practices
Maintaining Consistent Schema
Schema
Checking
Selecting
Consistent Data Formats
Maintaining
Consistency in Replicated Schema
Other Schema Resources
Chapter 4
Designing
the Directory Tree
Introduction to the Directory Tree
Designing Your Directory Tree
Choosing
a Suffix
Suffix Naming Conventions
Naming Multiple Suffixes
Creating
Your Directory Tree Structure
Branching Your Directory
Identifying Branch Points
Replication Considerations
Access Control Considerations
Naming
Entries
Naming Person Entries
Naming Group Entries
Naming Organization Entries
Naming Other Kinds of Entries
Grouping
Directory Entries
About
Roles
Deciding
Between Roles and Groups
About
Class of Service
Directory
Tree Design Examples
Directory
Tree for an International Enterprise
Directory
Tree for an ISP
Virtual
Directory Information Tree Views
Overview
Introduction
to Virtual DIT Views
Advantages
of Using Virtual DIT Views
Example
of Virtual DIT Views
Views
and Other Directory Features
Effects
of Virtual Views On Performance
Compatibility
With Existing Applications
Other
Directory Tree Resources
Chapter 5 Designing the Directory Topology
Topology Overview
Distributing Your Data
About Using Multiple Databases
About Suffixes
About Knowledge References
Using Referrals
The Structure of an LDAP
Referral
About Default Referrals
Smart Referrals
Tips for Designing
Smart Referrals
Using Chaining
Deciding Between Referrals and Chaining
Usage Differences
Evaluating Access
Controls
Using Indexes to Improve Database Performance
Overview of Directory Index Types
Evaluating the Costs of Indexing
Chapter 6
Designing the Replication
Process
Introduction
to Replication
Replication
Concepts
Unit of Replication
Read-Write
Replica/Read-Only Replica
Supplier/Consumer
Change Log
Replication Agreement
Data
Consistency
Common
Replication Scenarios
Single-Master
Replication
Multi-Master
Replication
Cascading
Replication
Mixed
Environments
Defining
a Replication Strategy
Replication
Survey
Replication
Resource Requirements
Using
Replication for High Availability
Using
Replication for Local Availability
Using
Replication for Load Balancing
Example of Network Load Balancing
Example of Load Balancing
for Improved Performance
Example
Replication Strategy for a Small Site
Example
Replication Strategy for a Large Site
Using
Replication with Other Directory Features
Replication
and Access Control
Replication
and Directory Server Plug-ins
Replication
and Database Links
Schema
Replication
Chapter 7
Designing
a Secure Directory
About
Security Threats
Unauthorized
Access
Unauthorized
Tampering
Denial
of Service
Analyzing
Your Security Needs
Determining
Access Rights
Ensuring
Data Privacy and Integrity
Conducting
Regular Audits
Example
Security Needs Analysis
Overview
of Security Methods
Selecting
Appropriate Authentication Methods
Anonymous
Access
Simple
Password
Certificate-Based
Authentication
Simple
Password over TLS
Proxy
Authentication
Preventing
Authentication by Account Inactivation
Designing
a Password Policy
How
Password Policy Works
Password
Policy Attributes
Password Change after Reset
User-Defined Passwords
Password Expiration
Expiration Warning
Grace Login Limit
Password Syntax Checking
Password Length
Password Minimum Age
Password History
Password Storage Scheme
Designing
a Password Policy in a Replicated Environment
Designing
an Account Lockout Policy
Designing
Access Control
About
the ACI Format
Targets
Permissions
Bind Rules
Setting
Permissions
The Precedence Rule
Allowing or Denying Access
When to Deny Access
Where to Place Access Control Rules
Using Filtered Access Control Rules
Using
ACIs: Some Hints and Tricks
Database
Encryption
Securing
Connections with SSL
SASL
Authentication and Encryption
Other
Security Resources
Chapter
8 Directory Design Examples
An Enterprise
Data Design
Schema Design
Directory Tree Design
Topology Design
Database Topology
Server Topology
Replication Design
Supplier Architecture
Supplier Consumer
Architecture
Security Design
Tuning and Optimizations
Operations Decisions
A Multinational Enterprise and its Extranet
Data Design
Schema Design
Directory Tree Design
Topology Design
Database Topology
Server Topology
Replication Design
Supplier Architecture
Security Design
| Index |
DocHome | Next |
© 2004 Sun Microsystems, Inc. Portions copyright 1999, 2002-2004 Netscape Communications Corporation. All rights reserved.
Read the Full Copyright and Third-Party Acknowledgments.