Directory Development Fundamentals

Directory Development Fundamentals. Ed Shropshire NDS Partner Programs Novell, Inc. eshropshire@novell.com. Vision…one Net

Presentation Transcript


  1. Directory Development Fundamentals Ed Shropshire NDS Partner Programs Novell, Inc. eshropshire@novell.com

  2. Vision…one Net A world where networks of all types—corporate and public, intranets, extranets, and the Internet—work together as one Net and securely connect employees, customers, suppliers, and partners across organizational boundaries Mission To solve complex business and technical challenges with Net business solutions that enable people, processes, and systems to work together and our customers to profit from the opportunities of a networked world

  3. Deployed Versions Novell eDirectory™ and Novell Directory Services® (NDS)

  4. Differences Between eDirectory and NDS® • NDS: NOS directory focused on managing NetWare® servers • eDirectory: A cross-platform, scalable, standards-based directory used for managing identities that span all aspects of the network—eDirectory is the foundation for eBusiness [Diagram labels: NetWare 5, NetWare, NetWare 6]

  5. Novell one Net and eBusiness Vision Novell provides Net services software that gives organizations the ability to simplify the complexities of the Net, securely extend and integrate networks and applications between companies and accelerate eBusiness transformations NET Services Novell eDirectory™ … NW

  6. What’s New with Novell eDirectory • Novell eDirectory 8.6.1 and 8.7 • Product of the Year—Network Magazine • The Name—Novell eDirectory • SunTone Certification • Partner Redistribution Program • Free eDirectory for Developers • LDAPZone • AIX • LDAP 2000 Server Brand • LDAP Java SDK • LDAP Java Beans

  7. Novell eDirectory Partner Redistribution Kit Program • Get started • Download unlimited eDirectory licenses for development purposes—visit developer.novell.com/eDirectory/download.htm • Get profitable • Offer commercial solutions that include FREE 250,000 user versions of eDirectory • Save each application customer up to a half-million US dollars in up-front licensing costs • Visit developer.novell.com/eDirectory

  8. Novell eDirectory Partner Redistribution Kit Program • OEMs/ISVs can (AT NO COST): • Distribute 250,000 eDirectory user versions with each copy of their shipping products • Distribute full-featured versions of eDirectory to an unlimited number of application customers • Distribute the latest Multi-OS version of eDirectory—Windows*, Sun Solaris*, Linux*, NetWare®, and IBM AIX* (*future) • Increase software/hardware/server sales • Rely on proven embedded technology • Build competitive advantage with added services and lower up-front deployment costs

  9. LDAPzone.com Why LDAPzone? • Comprehensive • Resources and information on everything LDAP • Community • Share ideas, sample code, forums, tips and tricks • Directions • The latest LDAP news, updates and developments www.ldapzone.com

  10. Novell Developer Offerings • Support options • What can you get if you pay • Benefits 24 hour turnaround • Developer labs • Priority support • Dedicated support contacts • Certification • Solutions search • Developer labs • Developer training

  11. Novell eDirectory Architecture [Diagram labels: Solaris, NT, NetWare, Linux, AIX, DirXML™, OnDemand℠, SSO, iChain®, LDAP, NDAP, System Abstraction Layer (SAL), eDirectory Management Framework, Access, Utilities, Repair, Merge, Backup, Schema, Maintenance, Security, iManage, Replication, iMonitor, ???, iInstall, Storage Management Interface (SMI), Database, eGuide]

  12. Net Directory Service Solutions • eDirectory • Novell Account Management • Novell Authentication Services • How do I accelerate my existing business systems so my customers, employees and IS professionals are not waiting for them? • How do I use the Internet to let my partners, customers and employees access secure applications and data? • How do I simplify my business process and eliminate redundant and inconsistent data? [Diagram labels: App 1, App 2, App 3, App 4, Browser, Web Server, iChain, SSO/NMAS, DirXML™, PBX Application, E-mail Application, HR Application]

  13. 168 Applications Before Zero-Day Start

  14. One Net Simplifies Business Processes SSL IP XML LDAP

  15. Enlightened Workforce (Intelligent Portal)

  16. Schema View Logical View • Top • Person • User • Names • Rights • Perspective Physical View • Partitions • Replicas The Three Views Novell eDirectory • Let’s take a look at it from a different perspective

  17. What Makes It Different? • Extensible schema • Inherited rights • Multi-master replication • Filtered replica • Referential integrity • Scalable data store • Multi-protocol support (discovery—access protocols) • Multi-authentication support • Developer interfaces • Platform support

  18. eDirectory Features Feature details • Filtered replica • A new replica type that enables flexible control of what’s replicated • Down to the attribute level • LDAP Support • LDAP v3 support including SSL • OpenLDAP SDK • Improved search speed • Improved administration tools • Monitoring and repair tools in ConsoleOne® • ICE (Import/Convert/Export) utility • iMonitor utility • ADSI Provider • Translates ADSI calls into LDAP • Apps developed to ADSI are fully supported • DirXML Support • Provides foundation for integrating network information for any system, application, device, etc. • Cross-platform support • Already runs on NetWare, NT 4, Linux, Windows 2000 and Solaris • Looking at other UNIX and mainframe platforms (e.g., AIX)

  19. What is LDAP? LDAP began life as an attempt to simplify access to x.500 (DAP) directories, thus the name: Lightweight Directory Access Protocol • A standardized protocol for accessing X.500 directories • A version of DAP* that contains less code than DAP • An enabled client with TCP/IP access to X.500 directories • Lightweight means you don’t have to manage all of the connection overhead in your application • Lightweight doesn’t mean limited access functionality • LDAP is a client-server protocol

  20. Directory-Enabled Applications LDAP LDAP LDAP Netscape Microsoft Licenses in use: 40 M Licenses in use: 4.5 M Novell eDirectory Licenses in use: 174 M Technical LDAP Benefits • Applications can be directory-neutral • Directories can be interchanged • Note: All directories are not equal

  21. Overview • LDAP is a client/server access protocol • LDAP also describes a data model (ACI, Schema, Replication) • LDAP is controlled by the IETF community • LDAP certifications • Works with LDAP (for applications) and LDAP 2000 (for servers) • Novell is a founding member of the Interoperability Forum/Open Group

  22. Novell eDirectory SDK • Everything to integrate with eDirectory • Libraries, tools, sample code, and documentation • Platforms (server and workstation) • NetWare® • Windows 2000 • NT • Windows 95/98 • Solaris, Linux • http://developer.novell.com/ndk/ndssdk.htm

  23. Beans for Novell services Novell JDBC driver for eDirectory eMFramework Novell ODBC driver for eDirectory Novell controls for ActiveX (NWDir) LDAP libraries for C LDAP Class Libraries for Java Novell eCommerce Beans Novell controls for ActiveX (NWIDir) JNDI LDAP service provider for JNDI NJCL eDir libraries for C NDAP/NCP LDAP Novell eDirectory

  27. Novell ODBC Driver for eDirectory • ODBC driver specifically designed to query and retrieve eDirectory data • Supports standard SQL statements • Makes reporting and retrieving data quick and easy • Abstracts the directory tree into accessible relational database tables • Hides the complexity of the underlying directory syntax

  28. How ODBC Maps eDirectory Data • Mapping eDirectory data to relational tables • eDirectory hierarchical directory data is mapped to a flattened relational database table • eDirectory object classes correspond to the tables • eDirectory class attributes correspond to columns of the table • Entries correspond to rows of the table

      Given name   Surname   Title
      Kim          Jones     Manager
      Chris        Nelson    Engineer
      Sam          Smith     Tester
      Lynn         Wilson    Writer

  29. Troubleshooting Novell ODBC Driver • Common problems • Insufficient resources • Select fewer attributes or specify the attributes rather than using a wildcard to include all attributes • Examine the attributes you select to ensure that only a few of them are multi-valued • Restrict the number of objects selected by specifying only one container • eDirectory rights • SQL statement errors • Use the correct table and column names in SQL statements • Read-only access to eDirectory

  31. Novell eDirectory LDAP Compliance • Novell LDAP SDKs fully implement • IETF draft for C Interface • draft-ietf-ldapext-c-api-05.txt • IETF draft for Java Interface • draft-ietf-ldapext-java-api-13.txt • eDirectory supports all LDAP version 3 required functionality • IETF RFCs 2247, 2251, 2252, 2253, 2254, 2255 and 2256 • eDirectory also supports most optional functionality

  32. More About LDAP • Users given “server view” vs. a “tree view” • LDAP uses UTF-8 encoding of character strings • Allowing strings of any language to be used in the API • LDAP servers listen on two TCP/IP ports • 389—Provides clear text connections • 636—Secure connections using SSL • An LDAP bind (connection) is an eDirectory login • LDAP requires that individual users have passwords • No password is interpreted as an anonymous bind • Specifies no file access mechanisms • Novell eDirectory event mechanism coming soon
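
An added example, not part of the original presentation: slide 32 states that a bind with no password is interpreted as an anonymous bind, so an application that uses a successful bind as its login check must reject empty passwords itself. `StubDirectory`, `naive_login`, `hardened_login` and the sample DN are hypothetical names constructed for this illustration; the stub only models the bind behaviour the slide describes.

```python
# Added example. StubDirectory is a constructed stand-in for a directory
# server; it models only the simple-bind behaviour described on the slide.

class StubDirectory:
    def __init__(self, users):
        self._users = users  # constructed sample data: DN -> password

    def simple_bind(self, dn, password):
        """Return the identity the connection ends up bound as."""
        if password == "":
            # "No password is interpreted as an anonymous bind": the bind
            # succeeds, but nothing has been proven about `dn`.
            return ""
        if self._users.get(dn.lower()) == password:
            return dn.lower()
        raise PermissionError("invalid credentials")


def naive_login(directory, dn, password):
    """Flawed: treats any bind that does not fail as a verified login."""
    try:
        directory.simple_bind(dn, password)
        return True
    except PermissionError:
        return False


def hardened_login(directory, dn, password, port=636):
    """Bind-based login that an anonymous bind cannot satisfy."""
    # Port split as stated on the slide: 389 is clear text, 636 is SSL.
    if port != 636:
        raise ValueError("refusing to send a password over a clear-text port")
    # Reject an empty DN or password before any bind is attempted.
    if not dn or not password:
        return False
    try:
        bound_as = directory.simple_bind(dn, password)
    except PermissionError:
        return False
    # Defence in depth: compare the bound identity with the requested DN.
    # Assumption: the application can learn the bound identity, for instance
    # through a "get DN of logged-in caller" style extension.
    return bound_as == dn.lower()


# Constructed sample directory with a single user.
SAMPLE = StubDirectory({"cn=kim,o=example": "correct horse"})
```

With the sample directory, `naive_login` accepts an empty password for any DN, while `hardened_login` returns `False` for it and refuses to run against port 389.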

  33. Novell Extensions to LDAP • Novell LDAP extensions • Partitions—split, join, get number of entries, abort operation • Replicas—add, remove, change type, list on server, return information • Replica synchronization—to a specified server, to all replicas, at a specified time • Schema synchronization • Get effective eDirectory rights for attributes • Get DN of logged-in caller • Restart the LDAP server

  35. LDAP Class Libraries for Java • Now available on the Novell Developer Kit (NDK) • Conforms to the IETF LDAP Java interface • Socket, threads, queues, connection manager • Referrals • Schema management • Security SSL and SASL • Extensions and controls • Exposes additional classes and methods • ASN.1/BER Protocol Methods (APIs)

  36. Benefits of LDAP Libraries for Java • Classes and methods reflect LDAP protocol • Small footprint • Easy to learn and use • Synchronous and asynchronous interfaces • Pure Java solution • Extensions for eDirectory management • Tuned and tested with eDirectory • Works with other LDAP-aware directories • SSL secured through Novell Security Technologies • Open Source available on the OpenLDAP Site • www.openldap.org

  38. What is JNDI? • Java Naming and Directory Interface (JNDI) • An addition to JavaSoft’s enterprise API set • Object-oriented look and feel • Abstracted view • Naming-system neutral, enabling many different service providers to be accessed via the same interface • Promotes interaction between naming systems • Provider issues tend to show through • Providers may or may not be pure Java • Platform support is provider-dependent • Providers tend to be vendor-specific

  40. Use Novell LDAP Libraries for C • Use the Novell LDAP Libraries for C vs. other SDKs • Extensions for eDirectory management • Tuned and tested for eDirectory • Works with other LDAP-aware directories • Available on NetWare, Windows, UNIX • Supported by Novell Worldwide Developer Support • Internationalized and localized • SSL-secured through Novell Security Technologies • LDAP Libraries for C Open Source • Novell LDAP Libraries for C leverage www.OpenLDAP.org

  42. Novell JDBC Driver for eDirectory • Conforms to the JDBC specification • Requires the JNDI LDAP service provider for eDirectory • Supports standard SQL statements • Abstracts the directory tree into accessible relational database tables • Hides the complexity of the underlying directory syntax • Provides “read only” access of eDirectory

  44. Novell Controls for ActiveX • Application Administration (NWAppA) • Bindery (NWBind) • Browser (NWBrowse) • Catalog Administration (NWCatA) • Client and Server Socket (NWCliSkt and NWSvrSkt) • Directory (NWDir) • Directory Administration (NWDirA) • Directory Authenticator (NWDirAuth) • Directory Query (NWDirQ) • Internet Directory (NWIDir) • Internet Directory Query (NWIDirQ) • Internet Directory Entries (NWIDirE) • NDPS Printer Administration (NWDPPrtA) • Network Selector (NWSelect) • Peer Socket (NWPrSkt) • Print Queue Administration (NWPQA) • Print Server Administration (NWPSA) • SecretStore (NWSecStr) • Server Administration (NWSrvA) • Session Management (NWSess) • User Group (NWUsrGrp) • Volume Administration (NWVolA)

  46. Beans for Novell eDirectory • eCommerce LDAP beans • Components for integrating web applications with LDAP directories • Enabling authentication • Read/write directory access • Contextless login • SSL security • NDS bean • Enables access to and manipulation of eDirectory entries • Dependent upon the Novell class libraries for Java • Requires the Novell Client

  47. Scripting Options • Third Party Scripting Options • Perl • Python • PHP • Visit LDAPZone for a complete list and options • www.LDAPZone.com

  48. Supercharge Your Web Applications with Novell eDirectory • Realize the benefit of using Novell eDirectory to personalize web server applications • The objective of this seminar is to provide ideas and examples that will assist you in developing and deploying more powerful and flexible web-based applications

  49. Why Tie Web Applications to Novell eDirectory? • Enhance and strengthen business relationships • Allowing secure access to information and applications • Provide the ability to simply and securely provide access to personalized and sensitive information • This may be the difference between gaining or disappointing a customer or partner
