Ready For A Directory Enabled World? Nand Mulchandani Co-Founder, Oblix, Inc. March 31, 1999.

Slides:



Advertisements
Similar presentations
DIGIDOC A web based tool to Manage Documents. System Overview DigiDoc is a web-based customizable, integrated solution for Business Process Management.
Advertisements

Distributed Data Processing
Module 6: Configuring Windows XP Professional to Operate in a Microsoft Network.
IBM Software Group ® Accessing Domino via Outlook iNotes Access for Microsoft Outlook - Notes Domino 5.5 – Domino Access for MS Outlook - Notes Domino.
How to Succeed with Active Directory Robert Williams, PhD CEO Secure Logistix Corporation.
Novell iChain ® 2.x Configuration Using the Web Server Accelerator Wizard Cary Andrews Senior Software Engineer Novell, Inc.
Active Directory: Final Solution to Enterprise System Integration
Directory services in Nextra - experiences and future plans Kari Marvik, Nextra AS
70-294: MCSE Guide to Microsoft Windows Server 2003 Active Directory, Enhanced Chapter 1: Introduction to Active Directory.
Understanding Active Directory
6.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.
3.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 3: Introducing Active Directory.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 1: Introduction to Windows Server 2003.
1 Chapter 1 Introduction to Windows Server Two main goals for Net Admin Make network resources available to users Files, folders, printers, etc.
Administering Active Directory
Windows Server WHAT IS ACTIVE DIRECTORY? FUNDAMENTALS OF THE ACTIVE DIRECTORY – Benefits of Using the Active Directory in an Enterprise Environment.
Hands-On Microsoft Windows Server 2003 Administration Chapter 3 Administering Active Directory.
Chapter 4 Introduction to Active Directory and Account Management
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 1: Introduction to Windows Server 2003.
7.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 7: Introducing Group Accounts.
3.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 3: Introducing Active Directory.
Understanding Active Directory
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 1: Introduction to Windows Server 2003.
by Evolve IP Managed Services
A centralized system.  Active Directory is Microsoft's trademarked directory service, an integral part of the Windows architecture. Like other directory.
1 Chapter Overview Creating User and Computer Objects Maintaining User Accounts Creating User Profiles.
Vikram Thakur Introduction to Active Directory Structure.
BASIC NETWORK CONCEPTS (PART 6). Network Operating Systems NNow that you have a general idea of the network topologies, cable types, and network architectures,
MCTS Guide to Configuring Microsoft Windows Server 2008 Active Directory Chapter 3: Introducing Active Directory.
Module 10: Designing an AD RMS Infrastructure in Windows Server 2008.
Chapter 7: Using Windows Servers to Share Information.
Module 12: Designing an AD LDS Implementation. AD LDS Usage AD LDS is most commonly used as a solution to the following requirements: Providing an LDAP-based.
Global Customer Partnership Council Forum | 2008 | November 18 1IBM - GCPC MeetingIBM - GCPC Meeting IBM Lotus® Sametime® Meeting Server Deployment and.
Chapter Intranet Agents. Chapter Background Intranet: an internal corporate network based on Internet technology. Typically, an intranet can.
5.1 © 2004 Pearson Education, Inc. Lesson 5: Administering User Accounts Exam Microsoft® Windows® 2000 Directory Services Infrastructure Goals 
Chapter 7: WORKING WITH GROUPS
Microsoft Active Directory(AD) A presentation by Robert, Jasmine, Val and Scott IMT546 December 11, 2004.
Designing Active Directory for Security
70-411: Administering Windows Server 2012
MIS3300_Team8 Service Aron Allen Angela Chong Cameron Sutherland Edment Thai Nakyung Kim.
Internet Engineering Course Network Design. Internet Engineering Course; Sharif University of Technology Contents Define and analyse an organization network.
Windows 2000 Operating System -- Active Directory Service COSC 516 Yuan YAO 08/29/2000.
Security Planning and Administrative Delegation Lesson 6.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 1: Introduction to Windows Server 2003.
September 18, 2002 Windows 2000 Server Active Directory By Jerry Haggard.
Module 7 Active Directory and Account Management.
Module 11: Implementing ISA Server 2004 Enterprise Edition.
Introduction to Microsoft Management Console (MMC) MMC is a common console framework for management applications. MMC provides a common environment for.
Active Directory Harikrishnan V G 18 March Presentation titlePage 2 Agenda ► Introduction – Active Directory ► Directory Service ► Benefits of Active.
Riva Managed Identity Integration for Active Directory and Novell ® GroupWise ® Aldo Zanoni CEO, Managing Director Omni Technology Solutions
Empowering people-centric IT Unified device management Access and information protection Desktop Virtualization Hybrid Identity.
Module 4 Planning for Group Policy. Module Overview Planning Group Policy Application Planning Group Policy Processing Planning the Management of Group.
Core 3: Communication Systems. Network software includes the Network Operating Software (NOS) and also network based applications such as those running.
- NCSU project goals and requirements - Adoption Drivers - Current challenges and pain points - Identacor at NCSU - Identacor Features - NCSU Key Benefits.
Module 3: Planning Administrative Access. Overview Determining the Appropriate Administrative Model Designing Administrative Group Strategies Planning.
Module 9 User Profiles and Social Networking. Module Overview Configuring User Profiles Implementing SharePoint 2010 Social Networking Features.
1 Pinnacle Telephone Billing System Upgrade Open Forum I February 27, 2009.
2015 NetSymm Overview NETSYMM OVERVIEW December
Introduction to Active Directory
1 Active Directory Service in Windows 2000 Li Yang SID: November 2000.
Active Directory. Computers in organizations Computers are linked together for communication and sharing of resources There is always a need to administer.
Directory Services CS5493/7493. Directory Services Directory services represent a technological breakthrough by integrating into a single management tool:
Active Directory Domain Services (AD DS). Identity and Access (IDA) – An IDA infrastructure should: Store information about users, groups, computers and.
Planning an Active Directory Deployment Lesson 1.
Implementing Active Directory Domain Services
Objectives Differentiate between the different editions of Windows Server 2003 Explain Windows Server 2003 network models and server roles Identify concepts.
IS4550 Security Policies and Implementation
Unit 27: Network Operating Systems
ACTIVE DIRECTORY An Overview.. By Karan Oberoi.
Security Planning and Administrative Delegation
Presentation transcript:

Ready For A Directory Enabled World? Nand Mulchandani Co-Founder, Oblix, Inc. March 31, 1999

2 The Digital Persona: Unorganized Elements Credit Card Expiration Frequent Flyer Numbers Login Exp Date Certificate DN Application Permissions Securid Number Challenge Phrase Location Floor Number Monitor Serial Number Keyboard Serial Number Title Organization Dep’t Number Department Name Employee Type Employee Number Emp Grade Level Admin Name Manager Direct Reports Indirect Reports Line Phone Number Fax Number Mobile Phone Pager Number Pager Address Name Initials Home Address Home Phone Number Emergency Contact Emergency Phone Social Security Number College Name Hometown Personal URL Department URL Directory Photo Credit Card Number Airline prefs Airline Seating Prefs Budget Authority Login ID Password Password Change Date Password Expiration Date Language Address Absence Message Project Groups Skills Project Responsibilities Personal Groups Desktop OS Version MS Office Version Browser Version IP Address Network Drops Primary Machine IP Address Primary Printer Remote Access? Remote Access Login ID Remote Access password Primary Dial-in Number Connection Speed Securid Exp Date Challenge Phrase Response Work Address Mailstop Building Number Room Number Cubicle Number Mailing Address Geographic Region License Plate Pager Serial Number Laptop Serial Number Modem Serial Number Mouse Serial Number Cell Phone Serial Number Badge Photo Badge Issue date Badge Exp Date Building Access Authorizations Building Badge Number

3 Overview Directory Enabled Applications Directory Enabled Infrastructure Issues to consider when deploying Directories –How do Directory Servers fit into everything –Scope and use of the Directory –Implementation considerations Longer term issues with Directories

4 The Power of the Directory Enabled Network The power of a Directory is directly proportional to the number of applications using it Directories hold the promise of enabling a new class of applications –Rich and comprehensive profiles drive personalization –Ubiquity of configuration information drives universal access –Infrastructure (like the network) automatically work with the applications –Ability to set global policies in a single place –Extensive access control to setup and enforce policies –User centric vs. Administrator centric focus Directory-enable existing applications –Can replace parts of the applications to enable Directory use –Can synchronize application information into the Directory

5 What does “Directory Enabled” mean? Any application that uses or stores information in the Directory Basic Information to keep in the Directory –User Profile Information –Application Configuration Information –Business Rules & Policy Information Directory Enabled Infrastructure –Directory Enabled Networking (DEN) –Messaging Servers –Single Signon –Application Configuration Information Directory Enabled Applications –Messaging Clients, Address books –Project Management –Corporate Services Automation (CSA)

6 Directory Enabling Your Applications Use Directory authentication –Eliminate multiple user authentication databases Store application configuration information in the Directory –Can run multiple copies of the products without having to deal with configuration information –Can manage configuration information through standard admin consoles (e.g. Netscape Mission Control) Add per-user configuration information with user object –Current trend is to use auxiliary classes to store this information –Can distribute change management of this information using applications like Oblix CSA –Per-user configuration is not tied down to a particular computer or workstation –Information can be used by other applications as well

7 Promise of the Directory Enabled Network User Profile & NeedsAvailable Resources Policy Resource Allocation Combination of factors to allocate resources Policy = Business Rules + Specific Rules –Can set specific rules based on users, groups

8 Considerations in Directory deployment It is important to understand how the Directory fits in with the organization –Existing business processes –Organizational/Environmental considerations Scope and use of the Directory –NOS vs. Extranet –Authentication only vs. complete profiles –Publishing vs. Infrastructure –Is the Directory only for use by IT infrastructure? Implementation considerations –Tree design issues –Access Control –Data sources and synchronization –Directory Management

9 SystemsAdministrators Current Situation ProcessUsers Days / Weeks

10 Desired Architecture SystemsUsers LDAP-Based Directory Real-Time

11 The Digital Persona

12 Factors In Creating The Digital Persona Ownership and collection of data –Security issues –Political issues –Different databases and systems holding information Business Processes –No clear definition of information ownership and flow –Tying together effects on multiple departments Corporate Change –Disruption in IS and other departmental systems –Frequency and scope of change End user involvement –How much end-user involvement do you want or need ? –What information should they own ?

13 Key Questions Where does the information come from ? –Department specific databases and applications Who owns the data ? –IS –Other departments (HR, Facilities, Telco) –Employees and Managers Who manages the data ? –IS wants to manage their own data but not all the data –Other departments want to own their own data but don’t have access to it How is it all automated ? –Manual entry by a few people is simply not possible Where are the savings ? –Infrastructure is not enough, need applications and other uses of data

14 Volume and Complexity of Change Constant change in the user base affects the Directory –Rolling out these new services can place a new load on administrators to keep up with the constant change in the user base Integration with the rest of the enterprise –With the concept of the integrated network, it is no longer possible to have disconnected business processes –The Directory is fundamental and cannot exist in isolation –Requires coordination with HR, Facilities, Telco, etc. Policies cannot be centrally created and managed by a single group –All that IS should do is set policies, and let the different departments take care of what they want to do within those constraints –Need to understand organizational/cost structure to set policies

15 Different Directory Deployments Directories are being used in a number of different (but related) environments –Enterprise –Extranet e-commerce applications –ISP Service Provisioning Extranet Internet ISPs Large Enterprise Customers

16 Enterprise Directory Deployment Single Directory with all user profiles? –Short term, customers are deploying Directories for specific reasons or in conjunction with other systems (like Messaging Servers) Cross-Vendor Directory replication is very important –If there is more than one Directory, then need to synchronize the various systems –Unfortunately, cross-vendor Directory replication does not entirely work Transition will happen over time

17 Extranet/ISP Directory Deployment Extranet/ISP: Access control based on user profiles –Profiles control application use, information, etc. Extranet: Internal vs. External users –Typically not stored in the same Directory as the internal users –Need to rollout self-service to manage support costs ISP: Policy management outside the firewall –Bandwidth control for customers

18 Directory Tree Design How do we create a single Directory structure based on different views of the organization? Network Administrators –“Everyone in a subnet” –“Everyone in a domain” HR –“Everyone in a division” –“Everyone in a cost-accounting group” Facilities –“Everyone in this building” Telecom –“Everyone on a particular switch”

19 Example: Directory Enabled Networking Each DS uses its own tree structure –Some are flexible, and some are not –Different between Active Directory and Netscape Directory Server Policies are setup at the tree level –Can setup overall policies based on organizational unit (ou), or even for specific users Impact of Directory structure –Access control and policy creation can be rendered useless with a flat tree structure –Can find alternate ways of defining membership (dynamic groups, common attributes)

20 Longer-term issues with Directory Servers Infrastructure Issues –Scalability –Replication Same vendor server to server Different vendor server to server –Inter-operability between different servers –“Platform” independence –Security and authentication Certificates, etc. Proxy connections and access control Application Support Issues –Schema design and extension –Directory structure and layout Organizational, Network-oriented, Geographic, Flat –Access control to support a variety of different uses –Transaction support

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.