Ability to describe the motivation
for using directory services.
Factoid:
The /etc/passwd file used
by almost all Unix systems is one of the oldest examples of a
computer-based directory. Prior to multi-user systems like Unix there really
wasn't much need for directories.
Factoid:
Directory-enabled applications
use a directory service to improve their functionality, ease-of-use, and
remote administration.
The Problem And Its Solution
The Underlying Problem
The widespread use of client-server applications has spawned
an interesting problem. Since these applications are designed to
be used by multiple people at the same time using multiple systems, some
mechanism is needed to keep track of the network resources (people,
systems, passwords, etc.) that make this type of computing possible.
A good example is email: a company's email system needs to have access
to a list of authorized users and their associated passwords. As
employees join or leave the company, this list (as well as many others)
needs to be updated. For relatively small companies this isn't a
big deal; for relatively large corporations with thousands of employees
this is a significant problem. For multi-national corporations with tens
of thousands of employees this is a nightmare.
Another example is network-based printing: all users' software needs
to know the names of nearby printers. This isn't a problem until
a new printer is added or an old one is removed. In this case everyone
who relies on network printing has to have their local printer configuration
files updated.
The Old Solution
Before the advent of directory services all client-server applications
relied on their own individual database of network resources. These
databases were essentially specialized configuration files that were updated
whenever new resources were added or old ones removed. In the case
of email this configuration file contained the names of all authorized
users, their network IDs (user names), and their passwords.
It's interesting to note that much of this information is also needed
by other network-based applications like the company's online phone book.
The phone book application doesn't need to know the email password for
every employee but it does need to know their real name and their email
user ID. Network-based HR applications also rely on a list of authorized
users.
As the popularity of network-based computing spread to more and more
companies, the chore of managing individual configuration files for each
client-server application became more time-consuming. The old solution
of requiring individual configuration files for each application became
unreasonable, particularly when it became apparent that much of the information
in these files was redundant.
A Much Better Solution
In retrospect the solution is obvious: develop a specialized
network-based database and an associated protocol that provides information
about shared resources to a variety of client-server applications.
- It should be a reliable, application-independent, network-based, read-mostly database.
- It should be based on an open standard supported by a large
  number of vendors.
- It should be independent of the client's operating
  system so that Macintosh, Windows, and Unix
  systems can benefit from it.
- It should have a well-defined API
  so that programmers can easily develop applications that interact with it.
The basic idea behind directory services is to replace redundant configuration
files with reliable information from a single source.
This greatly simplifies management and administration, and can eliminate the inevitable
inconsistencies that arise with multiple configuration files.
This concept can be easily generalized to include all sorts of configuration
data used by a variety of client-server applications.
Bottom line: Companies can save big bucks by implementing a directory service.
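The inconsistencies described above can be made concrete with a small audit. This is an added example, not part of the original page: the three file formats, user IDs, and names are constructed for illustration. It compares per-application user files and reports entries that have drifted apart, such as an account that still exists in the email file after being dropped from the HR list.

```python
import csv
import io

# Constructed sample data: three per-application user files of the kind
# the "old solution" required. Formats and names are illustrative only.
MAIL_USERS = """\
asmith:x:Alice Smith
bjones:x:Bob Jones
cwu:x:Carol Wu
"""
PHONE_BOOK = """\
asmith,Alice Smith,4101
bjones,Robert Jones,4102
dlee,Dan Lee,4104
"""
HR_USERS = """\
asmith
cwu
dlee
"""

def load_sources():
    """Parse each file into {uid: real_name or None}."""
    # Mail file is passwd-like: uid:password-placeholder:real name
    mail = dict((f[0], f[2]) for f in (l.split(":") for l in MAIL_USERS.splitlines()))
    phone = {uid: name for uid, name, _ext in csv.reader(io.StringIO(PHONE_BOOK))}
    hr = {uid.strip(): None for uid in HR_USERS.splitlines() if uid.strip()}
    return {"mail": mail, "phone": phone, "hr": hr}

def audit(sources):
    """Return (missing, conflicts) describing drift between the files."""
    all_uids = set().union(*sources.values())
    missing = {}    # uid -> sorted list of applications that lack the entry
    conflicts = {}  # uid -> sorted list of differing real names
    for uid in sorted(all_uids):
        absent = sorted(app for app, users in sources.items() if uid not in users)
        if absent:
            missing[uid] = absent
        names = {users[uid] for users in sources.values() if users.get(uid)}
        if len(names) > 1:
            conflicts[uid] = sorted(names)
    return missing, conflicts

if __name__ == "__main__":
    missing, conflicts = audit(load_sources())
    for uid, apps in missing.items():
        print(f"{uid}: no entry in {', '.join(apps)}")
    for uid, names in conflicts.items():
        print(f"{uid}: conflicting names {names}")
```

With a single directory as the source of these records, every application reads the same entry, so there is nothing to reconcile.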
Other Directory Services
Today there are many examples of directory services being used
by large companies and organizations. Some well-known examples of
directory services for the Internet are finger, whois, and DNS.
All provide information about users and/or resources such as IP addresses.
Another well-known example of a directory service in the Unix world
is Sun's Network Information Service (NIS).
NIS centralizes the management of many of the common files used within
Unix such as /etc/passwd,
/etc/group, /etc/hosts, etc.
All of these files provide directory service information about
users and resources.
Other examples of proprietary directory services include the following:
- Oracle HR database
- IBM Lotus Notes
- Novell Directory Service (NDS)
- Meeting Maker
- IBM Profs