
1 CS603 Directory Services January 30, 2002

2 Name Resolution: What would you like?
Historical?
– Mail
– Telephone
DNS?
X.500 / LDAP?
DCE?
Active Directory?

3 X.500: What is it?
Goal: Global "white pages"
– Look up anyone, anywhere
– Developed by the telecommunications industry (CCITT, now ITU-T)
– ISO standard directory for OSI networks
Idea: Distributed directory
– An application uses a Directory User Agent (DUA) to reach the directory through an access point, i.e. a Directory System Agent (DSA)

4 Issues
How is the name used?
– Access a resource given its name
– Build a name to find a resource
– Information about the resource
Do humans need to use the name?
– Construct and recall it
Is the resource static?
– Resource may move
– A change in location may change the name
Performance requirements
– Human-scale

5 Directory Information Base (X.501)
Tree structure (the Directory Information Tree, DIT)
– Root is the entire directory
– Levels are "groups": Country, Organization, Individual
Entry structure
– Unique name (the distinguished name), built from the path down the tree
– Attributes: type/value pairs
– Schema enforces type rules
Alias entries

6 Directory Entry
Organization level
– CN=Purdue University
– L=West Lafayette
– …
Person level
– CN=Chris Clifton
– SN=Clifton
– TITLE=Associate Professor
– …

7 Directory Operations (X.511)
Query:
– Read – get selected attributes of an entry
– Compare – does an entry match a set of attributes? (answers yes/no without returning the values)
– List – children of an entry
– Search – portion of the directory for matching entries
– Abandon – cancel an outstanding request
Modification – add, remove, modify entry
– Modify distinguished name
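Slides 5 to 7 describe the tree, the entry and schema rules, and the X.511 operations only in the abstract. The following is an added Python illustration (not code from the lecture): an in-memory DIT that builds distinguished names from the tree path, enforces a small schema, dereferences alias entries, and offers the read, compare, list, search and modify-DN operations over it. The schema rules, the second person entry, the alias and the LDAP-style DN text form are assumptions made for the example.

```python
"""Tiny in-memory X.500-style Directory Information Tree (DIT).

Added illustration for slides 5 to 7 (X.501 tree and entry structure, X.511
operations), not code from the lecture. Schema rules, the second person and
the alias are constructed; DNs use the LDAP textual form (leaf RDN first,
comma separated) and commas inside values are not escaped.
"""

# Object classes with the attribute types each must / may carry (X.520 names).
SCHEMA = {
    "country":      {"must": {"c"}, "may": set()},
    "organization": {"must": {"o"}, "may": {"l"}},
    "person":       {"must": {"cn", "sn"}, "may": {"title", "userPassword"}},
    "alias":        {"must": {"aliasedObjectName"}, "may": set()},
}


class SchemaError(ValueError):
    """An entry violates SCHEMA (X.501 schema enforcement)."""


class DIT:
    def __init__(self):
        # Entries keyed by their path of RDNs from the root; the root is the
        # whole directory and has no RDN of its own.
        self.entries = {(): {"objectClass": "root", "attrs": {}}}

    # ---- X.501 structure ----------------------------------------------
    @staticmethod
    def dn(path):
        """Distinguished name built from the tree path, leaf RDN first."""
        return ",".join(reversed(path))

    @staticmethod
    def path(dn):
        """Inverse of dn(): a DN string back into its path of RDNs."""
        return tuple(reversed(dn.split(","))) if dn else ()

    def add(self, parent, rdn, object_class, **attrs):
        """AddEntry beneath `parent`, enforcing must/may rules from SCHEMA."""
        if parent not in self.entries:
            raise KeyError("no such parent: " + self.dn(parent))
        rules, types = SCHEMA[object_class], set(attrs)
        missing, extra = rules["must"] - types, types - rules["must"] - rules["may"]
        if missing or extra:
            raise SchemaError(f"{object_class}: missing {missing}, not allowed {extra}")
        path = parent + (rdn,)
        self.entries[path] = {"objectClass": object_class,
                              "attrs": {k: [v] for k, v in attrs.items()}}
        return path

    def resolve(self, path):
        """Dereference alias entries until a real entry is reached."""
        seen = set()
        while self.entries[path]["objectClass"] == "alias":
            if path in seen:
                raise ValueError("alias loop at " + self.dn(path))
            seen.add(path)
            path = self.path(self.entries[path]["attrs"]["aliasedObjectName"][0])
        return path

    # ---- X.511 operations ---------------------------------------------
    def read(self, path, selected=None):
        """Read: selected attributes of one entry (all when selected is None)."""
        attrs = self.entries[self.resolve(path)]["attrs"]
        return {k: v for k, v in attrs.items() if selected is None or k in selected}

    def compare(self, path, attr_type, value):
        """Compare: does the entry hold attr_type=value? Only yes/no leaves the DSA."""
        return value in self.entries[self.resolve(path)]["attrs"].get(attr_type, [])

    def list(self, path):
        """List: RDNs of the immediate subordinates of an entry."""
        path = self.resolve(path)
        return sorted(p[-1] for p in self.entries if len(p) == len(path) + 1 and p[:-1] == path)

    def search(self, base, predicate):
        """Search: DNs in the subtree under `base` whose attributes satisfy predicate."""
        base = self.resolve(base)
        return sorted(self.dn(p) for p, e in self.entries.items()
                      if p[:len(base)] == base and e["objectClass"] != "alias"
                      and predicate(e["attrs"]))

    def modify_dn(self, path, new_rdn):
        """ModifyDN: rename an entry; its whole subtree moves with it."""
        new_path = path[:-1] + (new_rdn,)
        for old in [p for p in self.entries if p[:len(path)] == path]:
            self.entries[new_path + old[len(path):]] = self.entries.pop(old)
        return new_path


def build_sample():
    """The slide-6 entries plus one constructed colleague and an alias."""
    d = DIT()
    us = d.add((), "c=US", "country", c="US")
    purdue = d.add(us, "o=Purdue University", "organization",
                   o="Purdue University", l="West Lafayette")
    d.add(purdue, "cn=Chris Clifton", "person",
          cn="Chris Clifton", sn="Clifton", title="Associate Professor")
    d.add(purdue, "cn=Jane Doe", "person", cn="Jane Doe", sn="Doe")  # constructed
    d.add(us, "cn=clifton", "alias",   # a short name pointing at the full entry
          aliasedObjectName="cn=Chris Clifton,o=Purdue University,c=US")
    return d
```

Two details matter for security. Compare returns only a yes/no, which is why a directory can let a client test a stored attribute value without ever reading it back. And modify_dn moves a whole subtree but leaves any alias that named the old DN dangling (resolve fails on it afterwards), so alias entries need the same care as symbolic links when objects are renamed.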

8 Distributed Directory (X.518)
Directory System Agent (DSA)
– May have local data
– Can forward (chain) requests to other DSAs
– Can process requests from user agents and from other DSAs
Referrals
– If a DSA can't handle a request, it can chain it to another DSA
– Or tell the DUA to ask the other DSA (a referral)
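The two ways a DSA can deal with a name it does not hold, chaining the request itself or handing the DUA a referral, are easier to see side by side. Below is an added example (not code from the lecture) with two DSAs, each mastering one country, that can run in either mode; the DSA names, naming contexts, knowledge references and entries are constructed, and requests are plain Python calls rather than DAP/DSP messages. The hop limit on chaining and the referral limit in the DUA are the loop protections a practitioner would expect.

```python
"""Chaining versus referral between DSAs (X.518).

Added example for slide 8, not code from the lecture. The two DSAs, their
naming contexts, knowledge references and entries are constructed sample
data, and requests are plain Python calls instead of DSP/DAP messages.
"""
from dataclasses import dataclass, field


class Referral(Exception):
    """Returned to the DUA instead of a result: 'ask this DSA for that DN'."""
    def __init__(self, dsa_name, dn):
        super().__init__(f"referral to {dsa_name} for {dn}")
        self.dsa_name, self.dn = dsa_name, dn


@dataclass
class DSA:
    name: str
    contexts: set                 # naming-context suffixes mastered here, e.g. {"c=US"}
    entries: dict                 # dn -> attributes, for those contexts only
    mode: str = "chain"           # "chain": forward to the other DSA; "refer": send a referral
    knowledge: dict = field(default_factory=dict)   # suffix -> DSA that holds it
    log: list = field(default_factory=list)         # (dsa, dn) pairs: who was asked what

    @staticmethod
    def suffix_of(dn):
        """The top-level RDN of a DN, which selects the naming context."""
        return dn.rsplit(",", 1)[-1]

    def read(self, dn, hops=3):
        self.log.append((self.name, dn))
        suffix = self.suffix_of(dn)
        if suffix in self.contexts:               # local data: answer directly
            if dn not in self.entries:
                raise KeyError("no such entry: " + dn)
            return self.entries[dn]
        target = self.knowledge.get(suffix)
        if target is None:
            raise KeyError(f"{self.name} has no knowledge of {suffix}")
        if self.mode == "refer":
            raise Referral(target.name, dn)       # tell the DUA to go elsewhere
        if hops == 0:                             # loop protection when chaining
            raise RuntimeError("hop limit exceeded while chaining " + dn)
        return target.read(dn, hops - 1)          # chain: ask on the DUA's behalf


class DUA:
    """A user agent that follows referrals itself, up to a limit."""
    def __init__(self, home, dsa_by_name):
        self.home, self.dsa_by_name = home, dsa_by_name

    def lookup(self, dn, max_referrals=3):
        dsa = self.home
        for _ in range(max_referrals + 1):
            try:
                return dsa.read(dn)
            except Referral as r:
                # A referral names another DSA; a real DUA must authenticate it
                # before sending credentials to it or trusting its answer.
                dsa = self.dsa_by_name[r.dsa_name]
        raise RuntimeError("too many referrals for " + dn)


def build_network(mode):
    """Two DSAs, each mastering one country, each knowing about the other."""
    us = DSA("dsa-us", {"c=US"},
             {"cn=Chris Clifton,o=Purdue University,c=US": {"sn": ["Clifton"]}}, mode)
    uk = DSA("dsa-uk", {"c=UK"},
             {"cn=Ada Example,o=Example Ltd,c=UK": {"sn": ["Example"]}}, mode)
    us.knowledge["c=UK"] = uk
    uk.knowledge["c=US"] = us
    return {d.name: d for d in (us, uk)}
```

With chaining, the DUA only ever talks to its home DSA and the home DSA's log shows it acting as a client of the other DSA; with referrals, the DUA itself opens the second conversation, which is where the trust question in the comment arises.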

9 Access Control
Directory information can be protected
Two issues:
– Authentication (X.509)
– Access control (X.501)
Standards specify basic access control
– Individual DSAs can define their own

10 Replication (X.525)
Single entries can be replicated to multiple DSAs
– One is "master" for that entry
Two replication schemes:
– Cache copies – on demand
– Shadow copies – agreed in advance (a shadowing agreement)
Copies are required to enforce access control
– When an entry is sent, its access-control policy must be sent as well
Modifications at the master only
A copy can be out of date
– Each entry must be internally consistent
– A DSA returning a copy must identify it as a copy
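Slides 9 and 10 together carry the rules that make replication safe: the policy travels with the entry, a shadow enforces it exactly as the master would, writes go to the master only, and a copy says it is a copy. The following added example (not code from the lecture) models a master and one shadow under those rules. The entry, the principals, the per-attribute read rules and the push step are constructed stand-ins for X.501 Basic Access Control ACI and a DISP shadow update.

```python
"""Shadow copies that carry their access-control information (X.525 + X.501).

Added example for slides 9 and 10, not code from the lecture. The entry,
the principals and the per-attribute ACI rules are constructed; the 'aci'
dict stands in for X.501 Basic Access Control's ACI attributes, and the
push step stands in for a DISP shadow update under a shadowing agreement.
"""
import copy
from dataclasses import dataclass


@dataclass
class Entry:
    attrs: dict        # attribute type -> list of values
    aci: dict          # attribute type -> set of principals allowed to read it; "*" = anyone
    version: int = 1   # bumped on every modification at the master


@dataclass
class Result:
    attrs: dict
    from_copy: bool    # a DSA answering from a shadow must say so
    version: int


class NotMaster(Exception):
    """Raised by a shadow for any modification: updates go to the master only."""


def apply_aci(entry, requester):
    """Keep only the attributes the requester may read under the entry's own ACI."""
    return {t: v for t, v in entry.attrs.items()
            if entry.aci.get(t, set()) & {"*", requester}}


class MasterDSA:
    def __init__(self):
        self.entries, self.shadows = {}, []

    def add(self, dn, attrs, aci):
        self.entries[dn] = Entry(dict(attrs), dict(aci))

    def modify(self, dn, attr_type, value):
        e = self.entries[dn]
        e.attrs[attr_type] = [value]
        e.version += 1            # shadows stay stale until the next push

    def push_updates(self):
        """DISP-style update: each shadow gets whole entries, ACI included."""
        for shadow in self.shadows:
            for dn, e in self.entries.items():
                # Copy the entry as one unit so attributes and ACI never
                # disagree, and so the shadow cannot alias the master's objects.
                shadow.entries[dn] = copy.deepcopy(e)

    def read(self, dn, requester):
        e = self.entries[dn]
        return Result(apply_aci(e, requester), from_copy=False, version=e.version)


class ShadowDSA:
    def __init__(self, master):
        self.entries, self.master = {}, master
        master.shadows.append(self)

    def read(self, dn, requester):
        e = self.entries[dn]      # enforces the ACI that travelled with the entry
        return Result(apply_aci(e, requester), from_copy=True, version=e.version)

    def modify(self, dn, attr_type, value):
        raise NotMaster(f"{dn} is only shadowed here; modify it at the master")


CHRIS = "cn=Chris Clifton,o=Purdue University,c=US"


def build_pair():
    """Master with one entry whose password is readable only by its owner, plus a shadow."""
    master = MasterDSA()
    master.add(CHRIS,
               {"cn": ["Chris Clifton"], "title": ["Associate Professor"],
                "userPassword": ["s3cret"]},            # constructed value
               {"cn": {"*"}, "title": {"*"}, "userPassword": {CHRIS}})
    shadow = ShadowDSA(master)
    master.push_updates()
    return master, shadow
```

The version number is what lets a client notice that a shadow is behind the master after a modify and before the next push; in the standard that role is played by the shadowed entry's update timestamp, and the from_copy flag corresponds to the DSA flagging its answer as coming from a copy.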

11 Protocols (X.519)
Directory Access Protocol (DAP)
– Request/response from DUA to DSA
Directory System Protocol (DSP)
– Request/response between DSAs
Directory Information Shadowing Protocol (DISP)
– DSA to DSA, under a shadowing agreement
Directory Operational Binding Management Protocol (DOP)
– Administrative information between DSAs

12 Uses
Look-up
– By attributes, not just distinguished name
– Context: humans can construct likely names
Browsing
Yellow pages
– Aliases
Search restriction/relaxation
Groups
– Multi-valued "member" attribute
Authentication information contained in the directory
– E.g., a password attribute

13 LDAP vs. X.500
Lightweight Directory Access Protocol
– Supports the X.500 interface
– Doesn't require the OSI protocol stack (runs directly over TCP/IP)
– IETF RFC 2251, 2256 (LDAPv3; since revised as RFC 4510 through 4519)
X.500 for the internet crowd
Useful as a generic addressing interface
– Netscape address book
– System logon identification/authentication
– …
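Slide 12 notes that the directory can hold authentication data such as a password attribute, and slide 13 lists system logon as an LDAP use. The classic failure when an application implements that logon as a search is pasting user input into the filter string. The following added example (not code from the lecture) shows the unescaped filter beside one built with RFC 4515 escaping, evaluated against constructed entries by a small filter evaluator written for this example; the evaluator covers only and, or, not and equality with wildcards, and is not a real LDAP client.

```python
"""LDAP search filters as a logon check: unescaped versus RFC 4515-escaped input.

Added example for slides 12 and 13 (search over a directory that also holds
authentication data); it is not code from the lecture. The user entries are
constructed, and the filter evaluator below is a small subset of RFC 4515
(and, or, not, equality with '*' wildcards; case-sensitive values) written
for this example, not a real LDAP client.
"""
import re

# Constructed sample entries, each mapping attribute type -> list of values.
USERS = [
    {"uid": ["cclifton"], "cn": ["Chris Clifton"], "userPassword": ["s3cret"]},
    {"uid": ["jdoe"], "cn": ["Jane Doe"], "userPassword": ["hunter2"]},
]


def escape_filter_value(value):
    """RFC 4515 section 3: backslash-hex encode the characters with filter syntax."""
    return "".join("\\%02x" % ord(ch) if ch in "\\*()\x00" else ch for ch in value)


def parse_filter(s, pos=0):
    """Parse '(...)' at s[pos]; returns (node, position after the closing paren)."""
    if s[pos] != "(":
        raise ValueError(f"expected '(' at {pos}")
    pos += 1
    if s[pos] in "&|":
        op, pos, subs = s[pos], pos + 1, []
        while s[pos] == "(":
            node, pos = parse_filter(s, pos)
            subs.append(node)
        if s[pos] != ")":
            raise ValueError("unterminated filter list")
        return (op, subs), pos + 1
    if s[pos] == "!":
        node, pos = parse_filter(s, pos + 1)
        if s[pos] != ")":
            raise ValueError("unterminated not-filter")
        return ("!", [node]), pos + 1
    end = s.index(")", pos)                 # a literal ')' in a value must be escaped as \29
    attr, sep, pattern = s[pos:end].partition("=")
    if not sep:
        raise ValueError("only attr=value items are supported here")
    return ("=", attr.strip().lower(), pattern), end + 1


def value_matches(pattern, value):
    """Match a value against an assertion: unescaped '*' is a wildcard, \\xx is a literal."""
    pieces = []
    for piece in pattern.split("*"):
        literal = re.sub(r"\\([0-9a-fA-F]{2})",
                         lambda m: chr(int(m.group(1), 16)), piece)
        pieces.append(re.escape(literal))
    return re.fullmatch(".*".join(pieces), value) is not None


def evaluate(node, entry):
    op = node[0]
    if op == "&":
        return all(evaluate(n, entry) for n in node[1])
    if op == "|":
        return any(evaluate(n, entry) for n in node[1])
    if op == "!":
        return not evaluate(node[1][0], entry)
    _, attr, pattern = node
    # attribute type names are case-insensitive in LDAP; values are matched exactly here
    values = next((v for k, v in entry.items() if k.lower() == attr), [])
    return any(value_matches(pattern, v) for v in values)


def search(filter_text):
    """uids of the entries matching the filter."""
    node, end = parse_filter(filter_text)
    if end != len(filter_text):
        raise ValueError("trailing text after filter")
    return [e["uid"][0] for e in USERS if evaluate(node, e)]


def logon_unescaped(uid, password):
    """The weak version: user input pasted straight into the filter."""
    return search(f"(&(uid={uid})(userPassword={password}))")


def logon_escaped(uid, password):
    """Same check with every user-supplied value escaped."""
    return search("(&(uid=%s)(userPassword=%s))"
                  % (escape_filter_value(uid), escape_filter_value(password)))
```

With the unescaped filter, a uid and password of "*" match every entry and "s3c*" confirms a password prefix, so the attacker can both bypass and guess; the escaped filter turns the asterisk into the literal \2a and matches nothing. Even the escaped form is still the wrong design for a logon, because it compares the password as a search assertion, which only works if the application is allowed to match against userPassword. The normal LDAP pattern is to search for the uid (with escaped input) to obtain the DN and then bind as that DN with the password, so the DSA performs the check. Note also that DN components use RFC 4514 escaping, which differs from the filter escaping shown here.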

