did-you-know? rent-now

Amazon no longer offers textbook rentals. We do!

did-you-know? rent-now

Amazon no longer offers textbook rentals. We do!

We're the #1 textbook rental company. Let us show you why.

9780201700398

E-Directories: Enterprise Software, Solutions, and Services

by ; ; ; ;
  • ISBN13:

    9780201700398

  • ISBN10:

    0201700395

  • Edition: CD
  • Format: Paperback
  • Copyright: 2000-07-01
  • Publisher: Prentice Hall
  • Purchase Benefits
  • Free Shipping Icon Free Shipping On Orders Over $35!
    Your order must be $35 or more to qualify for free economy shipping. Bulk sales, PO's, Marketplace items, eBooks and apparel do not qualify for this offer.
  • eCampus.com Logo Get Rewarded for Ordering Your Textbooks! Enroll Now
  • Write a Review Icon Write a Review
List Price: $39.95
We're Sorry.
No Options Available at This Time.

Summary

In this book, a team of leading software engineers cover all you need to know to start building enterprise-class directory services applications with today's most important technologies, including LDAP, Sun's JNDI, and Microsoft's ADSI. Start by understanding the problems directories were invented to solve, and the key qualities enterprise-class directory services and directory applications must have, such as availability and security. Review the past, present, and future of directory technologies, as well as "nuts and bolts" issues such as replication, partitioning, and schema. The book includes a full section of case studies demonstrating how directory-enabled applications can solve critical problems throughout the enterprise. The accompanying CD-ROM contains extensive directory services code in C, C++, Java, and Visual Basic, as well as LDAP software developer kits for Windows, Solaris, and IBM OS/390; the IBM SecureWay LDAP Directory Server; a JNDI client SDK; all relevant RFCs; plus this entire book and four bonus IBM Redbooks on LDAP and Enterprise JavaBeans.

Table of Contents

Preface xxi
Acknowledgments xxvii
About the Authors xxix
Introduction xxxi
Part 1 You Are Here 1(50)
Introduction to the Problem
3(10)
A User-Oriented View
3(2)
Over and Over
4(1)
Data Sharing and Manipulation
5(1)
A System View
5(4)
Location, Location, Location
5(1)
Administering to the Masses
6(1)
A Unifying Force
7(1)
Identity
8(1)
Enterprise Characteristics
8(1)
Bringing the Views Together with LDAP
9(1)
Lightweight Directory Access Protocol
9(1)
What, Exactly, Is a Directory?
10(1)
Where to Find Code
11(1)
Summary
11(2)
What Directories Are and Are Not
13(10)
Directory Gestalt
13(1)
Server and Service
13(1)
The Importance of RASSS
14(1)
What Directories Do
15(1)
Functional Characteristics of a Directory Service
16(1)
What a Directory Is Not
16(2)
Remember ACID?
16(1)
Not Quite Nirvana
17(1)
Loose Consistency
17(1)
A Definition Can't Be Wrong---by Definition
18(2)
Good, Bad, and Ugly Data
18(2)
A Brief Code Example
20(1)
Summary
21(2)
Directories Are Everywhere
23(14)
Directory Forms
23(4)
System Directories
23(1)
Phone Book Directories
24(2)
Application Directories
26(1)
User-Oriented Directories
27(5)
Personal and Mail Systems
27(2)
Operating Systems
29(2)
Networks
31(1)
Generic Directories
32(3)
Corporate Directories
33(1)
Human Resources Information
33(1)
Future Demands
34(1)
Distributed Administration
34(1)
Policy-Based Administration
34(1)
Consistent User Interface
34(1)
Skills Portability
35(1)
Summary
35(2)
Directories: Bone Yard to Nursery
37(14)
Early Standardization
37(6)
SNA Host Names and Logical Units
37(1)
Domain Name Service
37(3)
Distributed Computing Environment Cell Directory Services
40(1)
LAN Managers
41(1)
X.500
42(1)
Standards Today
43(5)
X.500
44(1)
Domain Name Service
44(2)
Lightweight Directory Access Protocol
46(2)
Summary
48(3)
Part 2 Enterprise Software with Directories 51(106)
Man-Rated, Enterprise-Rated, Good-Enough, and Don't-Care
53(14)
Four Classes of Usage
53(3)
How Much Software Is Written and at What Cost?
54(1)
Examples of the Four Usage Classes
55(1)
Cost
56(2)
Directory Exploitation
58(1)
A One-Line Quiz
59(2)
Example Program
61(4)
Summary
65(2)
The Operating System and the Directory
67(8)
The Role of the Operating System
67(1)
Usage Ratings
68(2)
Usage Rating of the Operating System
68(1)
Usage Rating of the Directory Service
68(1)
Directory Service Users
69(1)
Compensating for Low Usage Rating
70(1)
Fault Tolerance, Redundancy, and Graceful Fail-Over with Takeover
70(3)
Summary
73(2)
Directory Users
75(10)
People
75(2)
White Pages and Yellow Pages Lookups
75(2)
Operating Systems
77(3)
Users and Groups
77(1)
Hardware Configuration
78(2)
Networks
80(1)
Applications
81(3)
Configuration
82(1)
Location
82(1)
Users and Groups
83(1)
Summary
84(1)
The Evolution of Application Models
85(10)
Enterprise Application Models
85(5)
Monolithic Applications
85(1)
Client-Server Applications
86(1)
Thick Client Applications
86(1)
Thin Client Applications
87(1)
Tiered Applications
88(2)
Client-Server Glue Technologies
90(3)
Transactions
90(1)
Message-Oriented Middleware
90(1)
Boss--Worker Thread Model
91(1)
Managed Components
92(1)
Applications on Symmetric Multiple Processors
93(1)
Clustering
93(1)
Workload Balancing
93(1)
Fail-Over Clusters
93(1)
Summary
94(1)
Availability
95(12)
24 x 7 and 24 x 365
95(1)
Servers and Services
96(1)
High Availability
97(3)
Robust Server Code
97(2)
Redundant Servers
99(1)
Low Availability
100(2)
Improving Application Availability
102(4)
Advertising and Finding Services
103(2)
Beyond Location Information
105(1)
Summary
106(1)
Scaling
107(10)
Scalability
107(2)
Planning Ahead
109(1)
Approaches to Scaling
110(5)
Single-System Scaling
110(4)
Multiple-System Scaling
114(1)
Directories and Scalability
115(1)
Summary
115(2)
Performance
117(8)
Performance and Performance Measurement
117(1)
Gating Factors
118(4)
Processor Usage
118(2)
Input/Output Usage and Constraints
120(1)
Network Bandwidth, Latency, and Timing Fluctuations
121(1)
Poor Performance
122(1)
Summary
123(2)
Security
125(8)
Policy and Risks
125(2)
Application Development and Maintenance as a Source of Ongoing Risk
127(1)
Controlling Access Based on Organization Responsibilities
128(3)
The Audit
131(1)
Summary
132(1)
Life Cycle Control
133(14)
Serviceability and Maintainability
133(1)
Controlling Downtime
134(5)
Real-Time Event Logging with First Failure Data Capture
134(2)
Failing a Request Versus Failing the Server Application
136(3)
Directory Redundancy
139(1)
Periodic Maintenance
140(1)
Backups and Directories
140(1)
Planning for the Next Release
141(2)
Carrying Out an Upgrade
141(1)
Installing a New Server in Place
142(1)
Streaming Data to a File
143(1)
Applying the Life Cycle Lessons
143(2)
Client and Server Changes
144(1)
Availability
145(1)
Summary
145(2)
Directories Grow Up
147(10)
Predicting the Future
148(7)
Integration with the Operating System
148(1)
Transactional ``Flavors''
148(2)
Storing Large Objects
150(1)
Dynamic and Easy Partitioning
150(1)
Hot Spot Management Through Dynamic Replica Creation
151(1)
Better Multivendor Interoperability
151(1)
XML and DSML
152(1)
Improved Administration
153(1)
Monitoring Tools
153(1)
Identity Store
154(1)
Device Management
154(1)
ACID RASSS Everywhere
155(1)
Summary
155(2)
Part 3 Directory Infrastructure 157(118)
Fundamental Enterprise Directory Services Management
159(14)
The Political Dimension
159(1)
Managing Directories
160(1)
Enterprise Data Storage
161(2)
Organizing Directory Data for Performance
161(1)
Structuring the Directory Data
162(1)
Who Puts Data in the Directory Versus Who Gets Data Out?
163(1)
Categorizing Directory Data
163(1)
Enterprise Data Retrieval
163(5)
White Pages Retrieval---If It's That Easy, There Must be a Catch
164(2)
Yellow Pages Retrieval---An Even Bigger Catch
166(2)
Is LDAP Deficient?
168(1)
Enterprise Data Operations and Management
168(3)
The Enterprise Locator Service
169(1)
Directory Management as Part of the Bigger Picture
170(1)
Summary
171(2)
Schema
173(24)
The Aspects of Directory Service
173(1)
The Function of Schema
174(3)
What Things Are
174(1)
Where Things Reside
175(1)
What Is Mandatory and What Is Optional
176(1)
The Role of Schema
177(3)
Performance
177(1)
Usability
178(1)
Extensibility
179(1)
Administration
179(1)
Schema in LDAP
180(10)
X.500
180(1)
Syntaxes
180(3)
Matching Rules
183(1)
Attribute Types
184(2)
Object Classes
186(1)
Schema Check
187(1)
Object Class Hierarchy
188(1)
Directory Information Tree
189(1)
Schema in LDAP
190(2)
Other Characteristics
192(2)
DIT Structure Rules
192(1)
Naming Constraints
192(1)
Name Space Layout
193(1)
ASN.1 (X.208) and X.501
194(1)
Summary
195(2)
Building a Schema
197(20)
Custom Schemas
197(1)
Why There Are So Many Schemas
197(1)
Custom Schema
198(1)
Designing Custom Schema
198(12)
Defining the Data Model
199(1)
Exploiting the Hierarchical Name Space
200(2)
Defining a Package
202(2)
Defining Object Classes
204(2)
Defining Attribute Types
206(3)
Creating DN-Pointers
209(1)
Defining Functional Characteristics
209(1)
Business Issues Impacting Structure
210(1)
Using the Base Schema
211(1)
Installing a Custom Schema
211(4)
Updating a Schema Using LDAP Version 3
212(1)
Updating a Schema Using LDIF Format
212(3)
Other Schema Definition Formats
215(1)
Summary
215(2)
Directory Security
217(8)
User Identification and Authentication
217(3)
Controlling Access to Directory Entries
220(2)
Data Confidentiality and Data Integrity
222(1)
Security Management and Administration
223(1)
Summary
223(2)
Replication and Partitioning
225(16)
Replication
226(7)
How Replication Works
226(2)
Application-Level Problems Caused by Replication
228(1)
Replication Versus Caching
228(1)
Dealing with Temporal Consistency
229(4)
Partitioning
233(5)
Partitioning for Performance
234(1)
Partitioning for Management
235(1)
Application-Level Problems Caused by Partitioning
235(1)
Referrals
236(1)
Drawbacks of Referrals
237(1)
Chaining
238(1)
Putting Replication and Partitioning Together
238(1)
Business Issues Drive Replication and Partitioning
239(1)
Summary
239(2)
Synchronization and Metadirectories
241(12)
Replication
241(2)
Synchronization
243(6)
Access Control Problems
246(1)
Schema Mapping Problems
246(1)
Replication Problems
247(2)
Metadirectories
249(1)
Summary
250(3)
APIs and Protocols
253(16)
Differences between APIs and Protocols
253(1)
Protocol
254(1)
Programming Interface
255(2)
Origins of Directory Protocols and Programming Interfaces
257(2)
Novell Directory Service (NDS) and Network Core Protocols (NCPs)
257(1)
Distributed Computing Environment (DCE) and Cell Directory Services (CDS)
258(1)
X.500 and Directory Access Protocol (DAP)
259(1)
Popular Directory Protocols
259(2)
LDAP
260(1)
Domain Name Service (DNS)
260(1)
Novell Directory Access Protocol
260(1)
COSNaming over IIOP
260(1)
Popular Directory Programming Interfaces
261(6)
LDAP C
261(1)
JDAP
262(1)
PerLDAP
263(1)
Novell Development Kit (NDK)
263(2)
COSNaming
265(1)
JNDI
265(1)
Active Directory Service Interface (ADSI)
266(1)
Summary
267(2)
Directory Implementations
269(6)
Commercial Implementations
269(2)
IBM Secure Way Directory
269(1)
Novell Directory Services (NDS)
269(1)
Netscape Directory Server
270(1)
Microsoft Active Directory
270(1)
Lotus Domino Name and Address Book
271(1)
Banyan Vines
271(1)
An Open Source Implementation
271(1)
Specialized Implementations
272(1)
Domain Name Service (DNS)
272(1)
Service Location Protocol (SLP)
273(1)
Summary
273(2)
Part 4 Internet and Intranet Case Studies 275(94)
Roaming Users with LDAP
277(16)
How Directories Enable Roaming
277(1)
Description of the Roaming Problem
278(2)
The Sales Application (TSA)
280(1)
Schema
281(5)
TSA Schema Class Objects
281(1)
TSA Schema Attributes
282(1)
The Directory Information Table
283(2)
Updating the Schema
285(1)
Directory Vendor Differences
285(1)
Other Schema Issues
286(1)
Directory Structure
286(1)
How TSA Works
287(3)
Write Activity
289(1)
Write Collisions
289(1)
What TSA Looks Like
290(1)
Warning!
290(1)
Critique of the Example
291(1)
Summary
292(1)
Corporate Employee Directory
293(18)
The Purpose of a Corporate Employee Directory
293(1)
Use Cases for the Corporate Directory
294(1)
Data Model
295(4)
Object Classes
295(1)
Attribute Types
296(1)
Name Space Layout
297(2)
Accessing the Corporate Directory
299(4)
Looking Up People
299(1)
Looking Up a Chain of Command
300(1)
Adding a Distribution List
301(1)
Modifying a Distribution List
302(1)
Deleting a Distribution List
302(1)
Managing Information in the Corporate Directory
303(5)
Adding Employee Information
304(1)
Modifying Employee Information
304(1)
Deleting Employee Information
304(1)
Handling Employee Transfers
305(3)
Handling Company Reorganization
308(1)
Sample Code
308(1)
Using the Corporate Directory from E-Mail Systems
309(1)
Critique of the Solution
309(1)
Summary
310(1)
Personalization of the Internet
311(10)
The Customer Access and Update
311(1)
The Web Self-Help (WSH) Site
312(1)
Schema
312(1)
Directory Infrastructure
313(2)
How the Web Self-Help Application Works
315(3)
Critique of the Solution
318(1)
Summary
319(2)
Application Management
321(12)
The Application Management Problem
321(6)
The Purpose of the Application Management
322(1)
The Directory
323(1)
Directory-Enabling the Server
324(2)
Directory-Enabling the Client
326(1)
Schema
327(1)
Critique of the Solution
328(4)
Reliability
330(1)
Availability
330(1)
Serviceability
331(1)
Scalability
331(1)
Security
331(1)
Summary
332(1)
Internet and Intranet Single-Sign
333(6)
Internet and Intranet Users
333(2)
The Single Sign-On Solution
335(1)
The Directory Solution
336(1)
Summary
337(2)
Configuration Management of a Web Farm
339(18)
The Web Farm Problem
339(8)
Web Farm Design
340(3)
Adding Servers
343(1)
Managing the Web Farm
344(1)
Implementing the Web Farm
344(3)
Management Objectives
347(4)
Centralized Control of the Constituent Servers
348(1)
Transparent Replication of Content Updates
349(1)
Web Service Advertising: Mapping of DNS to Correct IP Addresses
349(1)
Performance Monitoring
349(1)
Crisis Notifications
350(1)
Hot-Plugging and Removing Servers
350(1)
Backup and Restoration of Backing Store Without Service Interruption
350(1)
Migrating Individual Boxes
351(1)
Schema
351(2)
The Directory Infrastructure
351(1)
Directory Configuration
352(1)
Critique of the Solution
353(2)
Reliability
353(1)
Availability
353(1)
Serviceability
354(1)
Scalability
354(1)
Security
354(1)
Limitations
354(1)
Summary
355(2)
Metadirectory
357(12)
The PMW Metadirectory Problem
357(10)
The Move to E---Business
357(1)
Round 1---The Answer Is the Web. What's the question?
358(2)
Round 2---The Answer Is Directory Architecture. What's the Question?
360(3)
Round 3---Maybe I Should Understand the Question First
363(1)
Round 4---Metadirectory
364(3)
Summary
367(2)
Part 5 Appendices, Annotated Bibliography, and Glossary 369(98)
Appendix A LDAP C API
371(12)
LDAP
371(1)
The Directory Data Model
372(2)
The LDAP C API
374(1)
LDAP Initialization and Termination
374(1)
Getting an LDAP Handle
375(1)
LDAP Results
376(1)
LDAP Bind
377(1)
LDAP Search and Compare
377(2)
LDAP Add, Modify, and Delete
379(2)
LDAP Modify Name
381(1)
The LDAPConnection C++ Class
381(1)
Summary
382(1)
Appendix B JNDI API
383(10)
Using JNDI to Access LDAP Directories
383(1)
JNDI Initialization and Termination
384(1)
Getting an LDAP DirContext
385(1)
JNDI Results
385(1)
JNDI Bind
386(1)
JNDI Search and Compare
387(2)
JNDI Add, Modify, and Delete
389(1)
JNDI Modify Name
390(1)
Summary
391(2)
Appendix C ADSI
393(4)
Using ADSI
395(1)
ADSI and C/C++
395(1)
For More Information and Samples
396(1)
Appendix D Web APIs and Protocols
397(16)
Projecting Static Brochures to Clients
397(2)
Web Protocols
399(1)
Web Client APIs
400(1)
Client-Side Scripting
400(1)
Java Applets
401(1)
ActiveX Controls
402(1)
Dynamic HTML with Cascading Style Sheets
403(1)
Web Server APIs
404(1)
Common Gateway Interface
404(1)
Improving CGI
405(1)
Session State
406(2)
Transactions
408(1)
Server-Side Components
408(3)
Security
411(2)
Appendix E Generic Security Services (GSS-API) and System Security Provider Interfaces (SSPI)
413(8)
General Helper Functions
414(1)
Mechanism/Package Management
414(1)
Buffer Management
414(1)
Name Management Functions
415(1)
Object Identifier Helper Functions
415(1)
Other Functions
416(1)
Credential Management Functions
416(1)
Context Management Functions
417(3)
Message Protection Functions
420(1)
Appendix F Access Control Summaries
421(10)
IBM SecureWay Directory Access Control
421(1)
Users and Groups in Access Control Lists
421(1)
Structure of an Access Control List
422(1)
Evaluation Algorithm for an Access Check
423(1)
Creating a New Object
423(1)
Common Problems and Solutions
423(1)
Microsoft Active Directory Access Control
424(1)
Users and Groups in Access Control Lists
424(1)
Structure of an Access Control List
424(2)
Evaluation Algorithm for an Access Check
426(1)
Creating a New Object
426(1)
Common Problems and Solutions
426(1)
Netscape Directory Access Control
427(1)
Users and Groups in Access Control Lists
427(1)
Structure of an Access Control List
427(2)
Evaluation Algorithm for an Access Check
429(1)
Common Problems and Solutions
429(2)
Appendix G IBM Standard Schema
431(4)
Standard Directory Information Tree (DIT)
431(1)
Standard Objects
431(1)
Attributes
432(1)
Syntaxes
432(3)
Appendix H Directory Standards and Other References
435(12)
IETF RFCs
435(5)
IETF Drafts
440(3)
Other IETF Documents
443(1)
Other Standards
444(1)
Vendor Information
444(3)
Appendix I Useful Attribute Types and Object Classes
447(14)
Appendix J Using the CD
461(6)
CD Contents
461(1)
Using the CD
462(1)
Startup.exe
463(1)
Browser Versions, Executable Programs, and File Formats
463(1)
Executable Programs and Your Operating System
463(1)
Sample Programs
464(1)
Requirements for Running the Samples
464(1)
Program Environment
464(3)
Glossary 467(10)
Annotated Bibliography 477(6)
Index 483

Supplemental Materials

What is included with this book?

The New copy of this book will include any supplemental materials advertised. Please check the title of the book to determine if it should include any access cards, study guides, lab manuals, CDs, etc.

The Used, Rental and eBook copies of this book are not guaranteed to include any supplemental materials. Typically, only the book itself is included. This is true even if the title states it includes any access cards, study guides, lab manuals, CDs, etc.

Rewards Program