1 / 23

Introduction to IBM Tivoli Directory Server

Introduction to IBM Tivoli Directory Server. Shruti Maheshwari – IBM smaheshwari@in.ibm.com 30 th April 2011. ITDS Overview. What are directories? Diff. between DB and directories. Directory structure. What is directory server? IBM Tivoli Directory Server. Features of ITDS.

jade-french
Download Presentation

Introduction to IBM Tivoli Directory Server

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Introduction to IBM Tivoli Directory Server Shruti Maheshwari – IBM smaheshwari@in.ibm.com 30th April 2011

  2. ITDS Overview What are directories? Diff. between DB and directories. Directory structure. What is directory server? IBM Tivoli Directory Server. Features of ITDS. Components of ITDS. Replication. Password policy. Installation Demo on Windows .

  3. A directory is a listing of information about objects arranged in some order that gives details about each object. In computer terms, a directory is a specialized database, also called a data repository, that stores typed and ordered information about objects. A directory is a set of objects organized in a logical and hierarchical manner giving details about each object. Directory acts as a central and common authority that can securely authenticate the system resources that manage the directory data. What are Directories?

  4. Diff. between Relational DB & Directories Directories are meant to store relatively static information. Directories are accessed (read or searched) much more often than they are updated (written). Directory implementations still do not support transactions, however all databases do support transactions. Directories use a simplified and optimized access protocol e.g. light weight directory access protocol.

  5. ou=in cn=john d=gbs d=isl ou=jp ou=us o=ibm Attribute Attribute Attribute Entry Type Value Value Value Attribute Directory Structure

  6. What is Directory Server? The directory client performs the request, and the process that maintains and looks up information in the directory is called the directory server. Some servers can process client requests in parallel. Other servers, if they are currently busy processing another client’s request then they queue incoming client requests for serial processing. Sometimes, a server might become the client of other servers in order to gather the information necessary to process a request.

  7. IBM Tivoli Directory Server In the beginning, it was named as IBM Secureway Directory. The ITDS implements the Internet Engineering Task Force (IETF) LDAP V3 specifications (RFC 2251). ITDS uses IBM DB2 as backend for storing data. Supported Releases 6.1, 6.2, 6.3 Special cases 5.2 / 6.0

  8. Tivoli Directory Strategy Open TDS does not limit platform choice by offering support for all leading operating systems: AIX, Solaris SPARC, Linux zSeries, Linux iSeries, Linux pSeries, Linux xSeries, Windows 2000, Windows 2003 TDS embraces open standards, such as LDAP v3 and web services Scalable, Performance and Availability Built on the DB2 engine for unsurpassed reliability and scalability Replication/Multi-Master provide competitive advantage for availability and failover 8

  9. A dynamically extensible directory schema Replication Referrals Security features Sorting on searches Paged results Event notification Features of ITDS

  10. Components of ITDS

  11. Replication Replication is the technique of duplicating data between multiple directories for performance, scalability and redundancy. In replication, a change made to one directory is propagated to one or more additional directories. Advantages- Faster searches Reliability Performance ITDS does support sub-trees replication.

  12. Types of Replication Simple replication Cascading replication Peer to peer replication Gateway replication

  13. Simple Replication Master contains directory or a sub-tree of a directory while replica contains copy of directory. Master is the supplier and replicas are the consumers. Master is writable while replicas are read-only. Client Replica 2(Consumer) Replica 1(Consumer) Replica 3(Consumer) Master(Supplier)

  14. Cascading Replication Forwarder(Consumer /Supplier) Client Client Replica2(Consumer) Replica1(Consumer) Replica 10(Consumer) Master(Supplier) Problem with simple replication : . . . .

  15. Peer-to-Peer Replication Changes are replicated to other participating servers. All participating servers are writable. Master 1 is supplier as well as consumer for Master 2 Master 2 is supplier as well as consumer for Master 1 Possibility of going out of synchronization is very high among all replication types. Client Client Master 1(Supplier / Consumer) Master 2(Supplier / Consumer)

  16. Gateway Replication Gateway replicate the changes received only from remote replication sites to all masters/replicas in the local replication site. Advantage : reduce network traffic between two replication sites. Peer replicate the changes to all the servers, including peers, in the local site but not to other gateway servers. P2 G2 P4 P1 G1 Client I R1 R2 II P3 G3 III R3 P – Peer Server (Master)R – Replica serverG – Gateway server

  17. Have you ever come across following situations , Your password is going to expire in 7 days. Password has been expired. Your account has been locked. Minimum length of password must be 8 characters. You can not use old passwords. etc. Password policy is a set of rules that controls how passwords are used and administered in the IBM Directory. First focus : minimize threat of intruders. Second focus : enforce password syntax rules. Password policy

  18. Password policy attributes pwdMinAge pwdMaxAge pwdMinLength pwdExpireWarning pwdLockoutDuration pwdMaxFailure pwdAllowUserChange passwordMinAlphaChars passwordMinOtherChars passwordMaxRepeatedChars passwordMinDiffChars

  19. Installation Demonstration on Windows

  20. References TDS Documentation: http://publib.boulder.ibm.com/tividd/td/IBMDirectoryServer5.2.html Fix Central http://www-947.ibm.com/support/entry/portal/All_download_links/Software/Tivoli/Tivoli_Directory_Server Support Technical Exchanges: https://www.ibm.com/developerworks/mydeveloperworks/wikis/home/wiki/Tivoli%20Security%20%26%20Security%20Solutions/page/Tivoli%20Directory%20Server%20(ITDS)?lang=en Fixes by Version https://www-304.ibm.com/support/docview.wss?uid=swg21496581

  21. References Support Site : http://www-947.ibm.com/support/entry/portal/Overview/Software/Tivoli/Tivoli_Directory_Server Replication : http://www.ibm.com/developerworks/tivoli/library/t-tdsrepl/index.html Password Policy : http://www.ibm.com/developerworks/tivoli/library/t-tdspp-ect/index.html

  22. Thank You.

  23. Questions?

More Related