Understanding and Deploying LDAP Directory Services (2nd Edition)

Understanding and Deploying LDAP Directory Services

About the Authors

About the Technical Reviewers

Acknowledgments

Preface

     The Book's Organization

     The Book's Audience

     Contacting Us

I: An Introduction to Directory Services and LDAP

1. Directory Services Overview

     What Is a Directory?

     What Can a Directory Do for You?

     What a Directory Is Not

     Directory Services Overview Checklist

     Further Reading

     Looking Ahead

2. A Brief History of Directories

     Prehistory and Early Electronic Directories

     Application-Specific and Special-Purpose Directories

     Network Operating System Directories

     General-Purpose, Standards-Based Directories

     Directory Services Future

     Conclusion

     Directory Services Time Line

     Further Reading

     Looking Ahead

3. An Introduction to LDAP

     What Is LDAP?

     The LDAP Models

     LDAP APIs

     LDIF

     LDAP and Internationalization

     LDAP Overview Checklist

     Further Reading

     Looking Ahead

II: Designing Your Directory Service

4. Directory Road Map

     The Directory Life Cycle

     Directory Design Checklist

     Further Reading

     Looking Ahead

5. Defining Your Directory Needs

     An Overview of the Directory Needs Definition Process

     Analyzing Your Environment

     Determining and Prioritizing Application Needs

     Determining and Prioritizing Users' Needs and Expectations

     Determining and Prioritizing Deployment Constraints

     Determining and Prioritizing Other Environmental Constraints

     Choosing an Overall Directory Design and Deployment Approach

     Setting Goals and Milestones

     Defining Your Directory Needs Checklist

     Further Reading

     Looking Ahead

6. Data Design

     Data Design Overview

     Common Data-Related Problems

     Creating a Data Policy Statement

     Identifying Which Data Elements You Need

     General Characteristics of Data Elements

     Sources for Data

     Maintaining Good Relationships with Other Data Sources

     Data Design Checklist

     Further Reading

     Looking Ahead

7. Schema Design

     The Purpose of a Schema

     Elements of LDAP Schemas

     Directory Schema Formats

     The Schema Checking Process

     Schema Design Overview

     Sources for Predefined Schemas

     Defining New Schema Elements

     Documenting and Publishing Your Schemas

     Schema Maintenance and Evolution

     Schema Design Checklist

     Further Reading

     Looking Ahead

8. Namespace Design

     The Structure of a Namespace

     The Purposes of a Namespace

     Analyzing Your Namespace Needs

     Examples of Namespaces

     Namespace Design Checklist

     Further Reading

     Looking Ahead

9. Topology Design

     Directory Topology Overview

     Gluing the Directory Together: Knowledge References

     Authentication in a Distributed Directory

     Designing Your Directory Server Topology

     Topology Design Checklist

     Further Reading

     Looking Ahead

10. Replication Design

     Why Replicate?

     Replication Concepts

     Advanced Features

     Designing Your Directory Replication System

     Replication Checklist

     Further Reading

     Looking Ahead

11. Privacy and Security Design

     Security Guidelines

     The Purpose of Security

     Security Threats

     Security Tools

     Analyzing Your Security and Privacy Needs

     Designing for Security

     Further Reading

     Looking Ahead

III: Deploying Your Directory Service

12. Choosing Directory Products

     Making the Right Product Choice

     Categories of Directory Software

     Evaluation Criteria for Directory Software

     Reaching a Decision

     Directory Software Options

     Choosing Directory Products Checklist

     Further Reading

     Looking Ahead

13. Piloting Your Directory Service

     Pre-pilot Testing

     A Piloting Road Map

     Piloting Checklist

     Looking Ahead

14. Analyzing and Reducing Costs

     The Politics of Costs

     Reducing Costs

     Design, Piloting, and Deployment Costs

     Ongoing Costs of Providing Your Directory Service

     Analyzing and Reducing Costs Checklist

     Further Reading

     Looking Ahead

15. Going Production

     Creating a Plan for Going Production

     Advice for Going Production

     Executing Your Plan

     Going Production Checklist

     Looking Ahead

IV: Maintaining Your Directory Service

16. Backups and Disaster Recovery

     Backup and Restore Procedures

     Disaster Planning and Recovery

     Directory-Specific Issues in Disaster Recovery

     Summary

     Backups and Disaster Recovery Checklist

     Further Reading

     Looking Ahead

17. Maintaining Data

     The Importance of Data Maintenance

     The Data Maintenance Policy

     Handling New Data Sources

     Handling Exceptions

     Checking Data Quality

     Data Maintenance Checklist

     Further Reading

     Looking Ahead

18. Monitoring

     An Introduction to Monitoring

     Selecting and Developing Monitoring Tools

     Proactive Monitoring

     Notification Techniques

     Taking Action

     A Sample Directory Monitoring Utility

     Monitoring Checklist

     Further Reading

     Looking Ahead

19. Troubleshooting

     Discovering Problems

     Types of Problems

     Troubleshooting and Resolving Problems

     Troubleshooting Checklist

     Looking Ahead

V: Leveraging Your Directory Service

20. Developing New Applications

     Reasons to Develop Directory-Enabled Applications

     Common Ways Applications Use Directories

     Tools for Developing LDAP Applications

     Advice for LDAP Application Developers

     Example 1: A Password-Resetting Utility

     Example 2: An Employee Time-Off Request Web Application

     Developing New Applications Checklist

     Further Reading

     Looking Ahead

21. Directory-Enabling ExistingApplications

     Reasons to Directory-Enable Existing Applications

     Advice for Directory-Enabling Existing Applications

     Example 1: A Directory-Enabled finger Service

     Example 2: Adding LDAP Lookup to an Email Client

     Directory-Enabling Existing Applications Checklist

     Further Reading

     Looking Ahead

22. Directory Coexistence

     Why Is Coexistence Important?

     Determining Your Requirements

     Coexistence Techniques

     Privacy and Security Considerations

     Example 1: One-Way Synchronization with Join

     Example 2: A Virtual Directory

     Directory Coexistence Checklist

     Further Reading

     Looking Ahead

VI: Case Studies

23. Case Study: Netscape Communications Corporation

     An Overview of the Organization

     Directory Drivers

     Directory Service Design

     Directory Service Deployment

     Directory Service Maintenance

     Leveraging the Directory Service

     Summary and Lessons Learned

     Further Reading

     Looking Ahead

24. Case Study: A Large University

     An Overview of the Organization

     Directory Drivers

     Directory Service Design

     Deployment

     Maintenance

     Leveraging the Directory Service

     Applications

     Directory Deployment Impact

     Summary and Lessons Learned

     Looking Ahead

25. Case Study: A Large Multinational Enterprise

     An Overview of the Organization

     Directory Drivers

     Directory Service Design

     Deployment

     Maintenance

     Leveraging the Directory Service

     Summary and Lessons Learned

     Further Reading

     Looking Ahead

26. Case Study: An Enterprise with an Extranet

     An Overview of the Organization

     Directory Drivers

     Directory Service Design

     Deployment

     Maintenance

     Leveraging the Directory Service

     Summary and Lessons Learned

     Further Reading