CS603 Directory Services January 30, 2002. Name Resolution: What would you like? Historical? –Mail –Telephone DNS? X.500 / LDAP? DCE? ActiveDirectory?

Presentation transcript:

CS603 Directory Services January 30, 2002

Name Resolution: What would you like?
Historical?
  – Mail
  – Telephone
DNS?
X.500 / LDAP?
DCE?
ActiveDirectory?

X.500: What is it?
Goal: Global “white pages”
  – Lookup anyone, anywhere
  – Developed by Telecommunications Industry
  – ISO standard directory for OSI networks
Idea: Distributed Directory
  – Application uses Directory User Agent to access a Directory Access Point

Issues
How is name used?
  – Access resource given the name
  – Build a name to find a resource
  – Information about resource
Do humans need to use name?
  – Construct and Recall
Is resource static?
  – Resource may move
  – Change in location may change name
Performance requirements
  – Human-scale

Directory Information Base (X.501)
Tree structure
  – Root is entire directory
  – Levels are “groups”
      Country
      Organization
      Individual
Entry structure
  – Unique name
      Build from tree
  – Attributes: Type/value pairs
  – Schema enforces type rules
Alias entries

Directory Entry
Organization level
  – CN=Purdue University
  – L=West Lafayette
  – …
Person level
  – CN=Chris Clifton
  – SN=Clifton
  – TITLE=Associate Professor
  – …

Directory Operations (X.511)
Query:
  – Read – get selected attributes of an entry
  – Compare – does an entry match a set of attributes
  – List – children of an entry
  – Search – portion of directory for matching entries
  – Abandon request
Modification – add, remove, modify entry
  – Modify distinguished name

Distributed Directory (X.518)
Directory System Agent
  – May have local data
  – Can forward requests to other system agents
  – Can process requests from user agents and other system agents
Referrals
  – If DSA can’t handle request, can make request to other DSA
  – Or tell DUA to ask other DSA

Access Control
Directory information can be protected
Two issues:
  – Authentication (X.509)
  – Access control (X.501)
Standards specify basic access control
  – Individual DSAs can define their own

Replication (X.525)
Single entries can be replicated to multiple DSAs
  – One is “master” for that entry
Two replication schemes:
  – Cache copies – On demand
  – Shadow copies – Agreed in advance
Copies required to enforce access control
  – When entry sent, policy must be sent as well
Modifications at Master only
Copy can be out of date
  – Each entry must be internally consistent
  – DSA giving copy must identify as copy
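The replication rules on this slide, as an added example that is not part of the original slides: a toy in-memory model in which a shadow copy carries its access policy, identifies itself as a copy, rejects modifications, and can be out of date. The `DSA` and `Entry` classes, the `ANYONE` wildcard, the `userPassword` attribute name and the sample DN are assumptions made for illustration, not X.500 wire formats.

```python
import copy
from dataclasses import dataclass

ANYONE = "*"   # constructed wildcard meaning "any requester"

@dataclass
class Entry:
    dn: str
    attrs: dict            # attribute type -> list of values
    acl: dict              # attribute type -> set of DNs allowed to read it
    is_copy: bool = False  # a copy must identify itself as a copy

class DSA:
    def __init__(self, name):
        self.name, self.entries = name, {}

    def add_master(self, entry):
        self.entries[entry.dn] = entry

    def shadow_to(self, consumer, dn):
        # The policy (acl) is sent with the entry, so the consumer can enforce it.
        replica = copy.deepcopy(self.entries[dn])
        replica.is_copy = True
        consumer.entries[dn] = replica

    def read(self, requester, dn, wanted):
        e = self.entries[dn]
        def allowed(t):
            readers = e.acl.get(t, set())      # no rule for a type: deny
            return ANYONE in readers or requester in readers
        attrs = {t: e.attrs[t] for t in wanted if t in e.attrs and allowed(t)}
        return {"attrs": attrs, "from_copy": e.is_copy}

    def modify(self, dn, attr, values):
        e = self.entries[dn]
        if e.is_copy:
            raise PermissionError(f"{self.name} holds a copy; modify at the master")
        e.attrs[attr] = list(values)

def demo():
    dn = "CN=Chris Clifton,CN=Purdue University"   # constructed from the sample entry
    master, shadow = DSA("dsa-master"), DSA("dsa-shadow")
    master.add_master(Entry(dn,
        {"TITLE": ["Associate Professor"], "userPassword": ["constructed-secret"]},
        {"TITLE": {ANYONE}, "userPassword": {dn}}))
    master.shadow_to(shadow, dn)
    anon = shadow.read("anonymous", dn, ["TITLE", "userPassword"])
    owner = shadow.read(dn, dn, ["userPassword"])
    master.modify(dn, "TITLE", ["Professor"])       # shadow is now out of date
    stale = shadow.read("anonymous", dn, ["TITLE"])
    try:
        shadow.modify(dn, "TITLE", ["Professor"]); rejected = False
    except PermissionError:
        rejected = True
    return anon, owner, stale, rejected
```

If `shadow_to` copied only `attrs` and left `acl` behind, the shadow DSA would have no rule to apply to the password attribute, which is why the slide requires the policy to travel with the entry.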

Protocols (X.519)
Directory Access Protocol
  – Request/response from DUA to DSA
Directory System Protocol
  – Request/response between DSAs
Directory Information Shadowing Protocol
  – DSA-DSA with shadowing agreement
Directory Operational binding management Protocol
  – Administrative information between DSAs

Uses
Look-up
  – Attributes, not just Distinguished Name
  – Context
      Humans can construct likely names
Browsing
Yellow pages
  – Aliases
Search restriction/relaxation
Groups
  – Multi-valued “member” attribute
Authentication information contained in directory
  – E.g., password attribute

LDAP vs. X.500
Lightweight Directory Access Protocol
  – Supports X.500 interface
  – Doesn’t require OSI protocol
  – IETF RFC 2251, X.500 for the internet crowd
Useful as generic addressing interface
  – Netscape address book
  – System logon identification/authentication
  – …