Ability to list some of the Directory Server's management capabilities and replication options.
Factoid: The Directory Server has been tested with over 20 million entries. Even under these conditions it's able to handle hundreds of queries per second.

Description Of Directory Server 4
Basic Capabilities
- Ability to perform online backups. Administrators can back up and restore the directory database either through Netscape Console or from the command line without shutting down the Server. Backup and restore functions can be scripted, allowing unattended operation.
- Ability to import and export LDIF files. You can manage large numbers of directory entries by importing and exporting text-based LDIF files.
- Supports Client-Based Failover. The Netscape Directory SDK (software development kit) offers client-based failover by maintaining a list of alternate directory servers to consult. If the first directory in the list is unavailable, the client tries the second, then the third, and so on.
- Supports Plugins. Customized plug-ins allow you to replace the back-end data store, set up triggers for data validation and notification, customize the authentication process, and extend the functionality of the server.
- Supports SSL. This security feature allows network communication using ciphers with up to 168-bit encryption. The Directory Server can access a secured directory by way of LDAP over SSL using SSL hardware accelerators. These PKCS #11 hardware accelerators allow the Server to offload computation of time-consuming encryption functions.
- Supports Referrals. Using LDAP v3 referrals, it's possible to split a directory tree at its branches and place each branch on its own server with up to 20 million entries per server. This lets you build extremely large directory repositories.
- Supports SNMP. You can monitor the Directory Server in real time using the Simple Network Management Protocol (SNMP). Key server configuration parameters are stored as directory entries, so authorized LDAP clients can make changes to the server configuration.
- Supports Round-Robin DNS. The Directory Server can take advantage of reliability capabilities in the underlying operating system and network stack. For example, administrators can deploy multiple instances of the Server in a DNS round-robin scheme whereby clients can be rotated through several IP addresses associated with a given DNS name.
- Provides Automatic Recovery. The Directory Server can survive certain catastrophic errors such as power failures or disk crashes. Upon recovery the Server consults its transaction logs and repairs any database corruption that may have occurred at the time of failure.
Management & Administration
- Fully Integrated With Netscape Console. Netscape Console is a powerful server management tool with a graphical interface. It lets you manage your Directory Server and make changes to your directory database from any system on the network.
- Provides Schema Management Interface. You can create custom object classes and attributes which define specific entries.
- Includes Directory Server Gateway (DSGW). A customizable HTTP-to-LDAP client that allows you to access directory data from a web browser.
- Includes Directory Express. You can use this directory lookup tool for simple or advanced searches.
- Command-line tools. You can write scripts to manage the Directory Server and modify its contents.
- NT synchronization service. You can synchronize the Windows NT directory with the Directory Server's directory.
- Password policy and account lockout. You can define a set of rules that govern how passwords and accounts are managed in the directory server.
Replication
Server replication lets administrators set up directory replicas that provide a seamless directory service. Replicas eliminate single points of failure, allowing clients to query any of a number of directories scattered throughout the organization. Unlike X.500, LDAP v3 doesn't require a separate replication protocol.
The Netscape Directory Server supports the following types of replication:
- LDAP-based replication. Netscape Directory Server uses LDAP for replication, laying the foundation for cross-vendor replication of directory information. Netscape plans to publish the details of this replication scheme to the IETF and encourage directory vendors to implement LDAP-based replication.
- Scheduled replication. Administrators can schedule the replication time according to their criteria (such as cost, reliability of network connections, and number of incoming client queries). For example, they can set up replication to occur as soon as a change is made or only at a specified time each evening.
- Partitioned replication. Administrators can divide the directory into logical partitions that make sense for their organization (such as buildings, geographies, workgroups, business units, or departments). Each partition, which can be as small as a single entry, is assigned a single server that can write to that partition. Because each entry has an unambiguous master, administrators don't need to manage the complexity of directory update conflicts between multiple masters.
- Online replica creation. Ease of use is improved by supporting online creation of replicas. In earlier versions, administrators had to shut the server down to set up a replica.
- Resilient supplier- or consumer-initiated replication. With Directory Server 1.0, supplier directories used a push model to control what to replicate and when. Clients can request replication; this pull replication model gives client applications some control over the replication schedule.
- Cascaded replication. For environments with a large number of directories, replicas can be designed to cascade; in other words, a master server replicates to replicas, which in turn replicate to another tier of replicas.