Ability to describe the motivation for using directory services.

Factoid:

The /etc/passwd file used by almost all Unix systems is one of the oldest examples of a computer based directory.  Prior to multi-user systems like Unix there really wasn't much need for directories.



Factoid:

Directory-enabled applications use a directory service to improve their functionality, ease-of-use, and remote administration.

The Problem And Its Solution


The Underlying Problem

The wide-spread use of client-server applications has spawned an interesting problem.  Since these applications are designed to be used by multiple people at the same time using multiple systems, some mechanism is needed to keep track of  the network resources (people, systems, passwords, etc.) that make this type of computing possible. 

A good example is email: a company's email system needs to have access to a list of authorized users and their associated passwords.  As employees join or leave the company, this list (as well as many others) needs to be updated.  For relatively small companies this isn't a big deal; for relatively large corporations with thousands of employees this is a significant problem. For multi-national corporations with tens of thousands of employees this is a nightmare.

Another example is network-based printing: all users' software needs to know the names of nearby printers.  This isn't a problem until a new printer is added or an old one is removed.  In this case everyone that relies on network printing has to have their local printer configuration files updated.


The Old Solution

Before the advent of directory services all client-server applications relied on their own individual database of network resources.  These databases were essentially specialized configuration files that were updated whenever new resources were added or old ones removed.  In the case of email this configuration file contained the names of all authorized users, their network IDs (user names), and their passwords.

It's interesting to note that much of this information is also needed by other network-based applications like the company's online phone book.  The phone book application doesn't need to know the email password for every employee but it does need to know their real name and their email user ID.  Network-based HR applications also rely on a list of authorized users.

As the popularity of network-based computing spread to more and more companies, the chore of managing individual configuration files for each client-server application became more time consuming.  The old solution of requiring individual configuration files for each application became unreasonable, particularly when it became apparent that much of the information in these files was redundant.


A Much Better Solution

In retrospect the solution is obvious: develop a specialized network-based database and an associated protocol that provides information about shared resources to a variety of client-server applications. It should be a reliable, application independent, network-based, read-mostly database. It should be based on an open standard supported by a large number of vendors. It should be independent of the client's operating system so that Macintosh, Windows, and Unix systems can benefit from it. It should have a well defined API so that programmers can easily develop applications that interact with it.

The basic idea behind directory services is to replace redundant configuration files with reliable information from a single source. This greatly simplifies management and administration, and can eliminate the inevitable inconsistencies that arise with multiple configuration files. This concept can be easily generalized to include all sorts of configuration data used by a variety of client-server applications.

Bottom line: Companies can save big bucks by implementing a directory service.


Other Directory Services

Today there are many examples of directory services being used by large companies and organizations.  Some well know examples of directory services for the Internet are finger, whois, and DNS. All provide information about users and/or resources such as IP address.

Another well known example of a directory service in the Unix world is Sun's Network Information Service (NIS). NIS centralizes the management of many of the common files used within Unix such as /etc/passwd, /etc/group, /etc/hosts, etc. All of these files provide directory service information about users and resources.

Other examples of proprietary directory services include the following:

  • Oracle HR database
  • IBM Lotus Notes
  • Novell Directory Service (NDS)
  • Meeting Maker
  • IBM Profs
Copyright © 2000
Sun-Netscape Alliance