A
ACL
Access Control List. Netscape's mechanism for controlling access
to your directory. ACLs are made up of ACIs.
ACI
Access Control Instruction. A line in an ACL that specifies
who can do what to a particular directory entry.
access domain
This security measure limits access to certain mail server
operations from within a specified domain. For example, an access domain
can be used to limit where mail for an account can be collected.
access rule
Defines the rights a user or user group has to a particular
discussion group.
administrator
The person responsible for managing and maintaining a Netscape
Server.
Administration (or Admin) Server
An HTTP interface used to configure and
manage Netscape servers, including the 4.0 Directory Server. The
Admin Server works closely with the Netscape Console
to provide distributed administration.
API
Application Programming Interface. A semi-formal description
of inputs and outputs supported by a particular application or protocol.
The whole idea behind APIs is to allow other programs or protocols
to interact with each other.
application
Any program designed for use by people, usually to produce
something. Examples include word processors, email programs, and
web browsers.
attribute
A name/value pair.
authentication
The process of verifying your identity. For example, to establish
a connection with a secure server, you may need to authenticate yourself
(or prove your identity) by sending the server your certificate.
B
browser
Client software used to locate and view pages on the World
Wide Web. The best known example is Netscape's Navigator. There's
also a company in Redmond WA that
makes a browser.
C
C
C is a very powerful programming language often used by professional
programmers. The "C" in C doesn't really stand for anything;
however, it evolved from another programming language called "B".
CDE
Common Desktop Environment. One of two windowing environments
offered on Sun's Solaris systems (the other is OpenWindows).
CDE represents an attempt to standardize the user interface across several
Unix platforms, including those produced by Hewlett-Packard.
CERN
The European Laboratory for Particle Physics (CERN) invented
the World Wide Web to share information among research groups. This is
where the CERN proxy prototype was produced.
certificate
A digital document issued by a trusted third party (a certificate
authority) to vouch for the claim that a public key belongs to a specific
individual.
Certification Authority
Company or organization that sells and issues authentication
certificates. You may purchase an authentication certificate from a Certification
Authority that you trust. Also known as a CA. Also a central authority
that issues certificates. When you use the Netscape Certificate Server
to issue certificates, you are acting as a CA.
CGI
Common Gateway Interface.
client
A network-based application that requests services from a server.
Examples include web browsers and email programs.
D
daemon
Unix programs that run in the background
and perform a function whenever necessary. Daemons usually run with root
privileges and perform very specialized functions. Common examples of daemon
programs are mail handlers, license servers, and print daemons.
Directory Server
The Netscape server that manages information about people,
discussion groups, and access control. The Directory Server can be
thought of as a database engine that's been optimized for fast reads at
the expense of slow writes.
Directory Server Gateway (DSGW)
An HTTP to LDAP client
associated with an HTTPD server. The DSGW allows
a web browser to perform LDAP client functions, such as querying and accessing
the Directory Server.
directory service
A database application designed to manage descriptive, attribute-based
information, such as a person's location or email address.
directory
A specialized database, also called a data repository, containing
an ordered list of name/value pairs. An example would be "LastName = Brown".
Directories are often used to store information such as employee names
which is needed by several other applications.
distinguished name
1) String representation of an entry's name and location in
an LDAP directory. 2) A method for naming and identifying
people, systems, and organizations. For example, each person has a different
distinguished name. Distinguished names are part of the X.500
standard for directories.
DSGW
Directory Server Gateway. An LDAP
client application that allows web browsers to connect to the Directory
Server for administrative purposes.
DMZ
Demilitarized Zone. Taken from the military term for a safety
zone between battle lines, this refers to an area within the firewall.
Often this is a single machine with access to the internal site and the
outside network. The computer in the DMZ is directly interacting with the
Internet, so strict security measures are required. See also firewall.
DNS
Domain Name System. The system used by machines on a network
to associate standard IP addresses (such as 198.93.93.10)
with host names (such as www.netscape.com). Machines normally get this
translated information from a DNS server, or look it up in tables maintained
on their systems.
document root
A directory on the server machine that contains the files,
images, and data you want to present to users accessing the server.
E
extranet
The part of a company or organization's internal computer network
which is available to outside users, for example, information services
for customers.
F
file extension
The last section of a file name that typically defines the
type of file (for example, .GIF and .HTML). For example, in the filename
index.html the file extension is html.
file type
The format of a given file. For example, a graphics file doesn't
have the same file type as a text file. File types are usually identified
by the file extension (.GIF or .HTML).
firewall
A network configuration, usually both hardware and software,
that forms a fortress between networked computers within an organization
and those outside the organization. It is commonly used to protect information
such as a network's email and data files within a physical building or
organization site. See also DMZ.
FTP
File Transfer Protocol: a method of transferring files to and
from remote computers. Originally found only on UNIX systems but
now available on other platforms.
G
GIF
Graphics Interchange Format: a commonly-used image format
originally created by CompuServe. GIF images are readily viewable
on Unix, Windows, and Macintosh systems.
GUI
Graphical User Interface. Refers to applications that
use user interface mechanisms like a mouse, pull-down menus, etc.
In other words, anything that looks and feels like a Macintosh. The
opposite of GUI is CLI: command-line interface.
H
hostname
A name for a machine of the form machine.domain.com, which
is translated into an IP address. For example, www.netscape.com is the
machine www in the subdomain netscape and com domain.
HTML
Hypertext Markup Language is a formatting language used for
documents on the World Wide Web. HTML files are plain text files with formatting
codes that tell browsers such as the Netscape Navigator how to display
text, position graphics and form items, and display links to other pages.
HTTP
Hypertext Transfer Protocol is the method for exchanging information
between HTTP servers and clients.
HTTPD
An abbreviation for the HTTP daemon, a program that serves
information using the HTTP protocol. The Netscape Communications Server
is often called an httpd.
I
IETF
Internet Engineering Task Force. A subsidiary of the
Internet Architecture Board (IAB) which develops and oversees standards
for the Internet.
IMAP (Internet Mail Access Protocol)
Internet Message Access Protocol Version 4 (IMAP4) allows users
to be disconnected from the main messaging system and still be able to
process their mail. The IMAP specification allows for administrative control
for these disconnected users and for the resynchronization of the users'
message store once they reconnect to the messaging system.
intranet
Any network which provides similar services within an organization
to those provided by the Internet outside it but which is not necessarily
connected to the Internet. The most common example is the use by a company
of one or more World-Wide Web servers on an internal TCP/IP
network for distribution of information within the company.
IP address
Internet Protocol address--a set of 4 numbers between 0 and
255, separated by dots, that specifies the network address of a machine
on the Internet. Example: 200.128.13.109
L
LDAP
Lightweight Directory Access Protocol. Directory
service protocol designed to run over TCP/IP and across multiple platforms.
The Netscape
Directory Server uses the
LDAP protocol.
LDAP client
Software used to request and view LDAP entries from an LDAP
Directory Server. See also browser.
LDIF
LDAP Data Interchange Format. Format used
to represent Directory Server entries in text form.
M
MIME
Multimedia Mail Extensions. This is a standard for multimedia
e-mail and messaging. The mime.type file tells the proxy server how to
convert files with certain extensions (such as .GIF)
into a MIME type (such as image/.gif). Without MIME, browsers couldn't
tell the difference between an HTML page and a graphics
file.
N
NCSA
National Center for Supercomputing Applications. A research
organization at the University of Illinois at Urbana-Champaign.
Netscape Console
An administrative frontend used by all Netscape 4.x servers.
Netscape Console has taken on many of the functions that used to be handled
by the Admin Server.
NIS
Network Information Service. NIS is Sun's network-based
directory service which provides hostnames, usernames, passwords,
etc. to NIS client systems (mostly Solaris boxes).
NT
Microsoft's operating system that incorporates network technology
("NT") with their popular Windows interface.
nshome
nshome is a variable representing the Directory Server's
installation location. The default on NT systems is c:\netscape\server4;
on Solaris systems it's /usr/netscape/server4. nshome
can be set to any available folder or subdirectory during installation.
ns-slapd
Netscape's LDAP Directory Server service
that is responsible for all actions of the Directory Server. See also slapd.
O
object class
The type of data that an entry is defined to contain.
OS
Commonly-used abbreviation for operating system.
OpenWindows
One of the two main windowing environments used on Solaris
systems (the other one is CDE).
OpenWindows is Sun's implementation of the X11 windowing system.
OSI
Open Systems Interconnect.
P
perl
Practical Extraction & Reporting Language. A popular
scripting language often used to add additional functionality to web pages
through the CGI mechanism. Perl combines most
of the simplicity of Basic with most of the power of C.
pid
Process Identifier. A unique number assigned by the Unix
operating system to each separate process running on that system.
protocol
A formal specification for electronic
communication between two digital systems. Protocols become extremely
important in any sort of network-based communication, since all systems
on the network must be able to agree on a large number of parameters before
they can interact with each other.
public-key encryption
An encryption scheme, introduced by Diffie and Hellman in 1976,
where each person gets a pair of keys, called the public key and the private
key. Each person's public key is published while the private key is kept
secret. Messages are encrypted using the intended recipient's public key
and can only be decrypted using his private key. The need for sender and
receiver to share secret information (keys) via some secure channel is
eliminated: all communications involve only public keys, and no private
key is ever transmitted or shared.
PKI
Public-key Infrastructure. Refers to the integration of directory
services with certificate services, together with a suitable administrative
layer, which together form the cornerstone of an organization's information
security system.
R
replication
Act of copying directory trees or subtrees from supplier servers
to consumer servers. Multiple LDAP servers can
contain identical directory entries using a mechanism called replication.
If you configure your LDAP servers to use replication, one and only one
LDAP server is responsible for modifications to the directory. This server
is known as the supplier server. Other LDAP servers that receive replicated
directory data are known as consumer servers. All consumer servers refer
modification requests back to the supplier server.
RFC
Request For Comment. Semi-formal documents submitted
to the IETF as proposals for some new network-based
technology (often a protocol). The idea is
to let other people send comments on the proposed technology before it
becomes an accepted standard.
root CA
The CA at the top of the hierarchy of CAs. The root CA has
a self-signed certificate and signs certificates for subordinate CAs.
root
The most privileged user available on UNIX
machines. The root user has complete access privileges to all files on
the machine.
S
sandbox environment
A test system functioning in a non-critical role.
schema
Definitions describing what types of information can be stored
as entries in the LDAP directory. When information
that does not match the schema is stored in the directory, clients attempting
to access the directory may be unable to display the proper results.
schema checking
Ensures that entries added or modified in the directory conform
to the defined schema. Schema checking is on by default and users will
receive an error if they try to save an entry that does not conform to
the schema.
SSL
Secure Sockets Layer. A software library establishing a
secure connection between two parties (client and server) used to implement
HTTPS, the secure version of HTTP.
slapd
Program responsible for most functions of the Directory Server
except replication. On Solaris systems, slapd is
a daemon; on NT systems, slapd is a service. See
also ns-slapd.
slapd.conf
The main configuration file for the Directory Server.
It's an ASCII file read by the slapd process upon
startup.
Solaris
This term refers to the operating system and windowing environment
used on almost all computers produced by Sun Microsystems. Solaris
has become the most popular flavor of Unix.
SQL
Structured Query Language. A standardized method of accessing
and manipulating information in a conventional database.
T
target system
A system (computer) that will have new software or services
added to it. The "destination" system.
TCP/IP
Transmission Control Protocol/Internet Protocol. A set of rules
that establish the method with which data is transmitted over the Internet
between two computers.
U
uid
A unique number associated with each user on a UNIX
system (computer). UIDs are stored in the /etc/passwd file.
The UID for root is always 0.
URL
Uniform Resource Locator, the address to a source of information.
The URL contains four distinct parts, the protocol type, the machine name,
the directory path and the file name. Example: http://learning.netscape.com/courses/prodlist.htm
Unix
A powerful multi-user operating system originally developed
at Bell Labs. UNIX became very popular at universities because AT&T
gave it away for free. More recently Sun Microsystems and other companies
have turned Unix into a versatile enterprise OS.
X
X.500
The set of ISO/IEC documents outlining the standard object
classes, attributes, and LDAP protocols to be used in directory server
creation and management.
X.509
The International Telecommunications Union-T (ITU-T) specifications
for an authentication service. The standard also defines a syntax for certificates.
X.509 certificates are certificates that comply with this syntax.