9.2.1 Multinational enterprise data design

Example Corp. International creates a deployment team to perform a site survey. The deployment team determines the following from the site survey:

A messaging server is used to provide email routing, delivery, and reading services for most of Example Corp.'s sites. An enterprise server provides document publishing services. All servers run on Red Hat Enterprise Linux 5 (32-bit).

Example Corp. needs to allow data to be managed locally. For example, the European site will be responsible for managing the Europe branch of the directory. This also means that Europe will be responsible for the master copy of its data.

Because of the geographic distribution of Example Corp.'s offices, the directory needs to be available to users and applications 24 hours a day.

Many of the data elements need to accommodate data values of several different languages.

NOTE:

All data use the UTF-8 characterset; any other characterset violates LDAP standards.

The deployment team also determines the following about the data design of the extranet:

Parts suppliers need to log in to Example Corp.'s directory to manage their contracts with Example Corp. Parts suppliers depend on data elements used for authentication, such as name and user password.

Example Corp.'s partners will use the directory to look up contact details of people in the partner network, such as email addresses and phone numbers.

9.2.2Multinational enterprise schema design

Example Corp. builds upon its original schema design by adding schema elements to support the extranet. Example Corp. adds two new objects, the exampleSupplier object class and the examplePartner object class.

The exampleSupplier object class allows one attribute, the exampleSupplierID attribute. This attribute contains the unique ID assigned by Example Corp. International to each automobile parts supplier with which it works.

The examplePartner object class allows one attribute, the examplePartnerID attribute. This attribute contains the unique ID assigned by Example Corp. International to each trade partner.

For information about customizing the default directory schema, see “Customizing the schema”.

9.2.3 Multinational enterprise directory tree design

Based on the expanded requirements, Example Corp. creates the following directory tree:

The root of the directory tree is the dc=com suffix. Under this suffix, Example Corp. creates two branches. One branch, dc=exampleCorp, dc=com, contains data internal to Example Corp. International. The other branch, dc=exampleNet,dc=com, contains data for the extranet.

The directory tree for the intranet (under dc=exampleCorp, dc=com) has three main branches, each corresponding to one of the regions where Example Corp. has offices. These branches are identified using the l (locality) attribute.

Each main branch under dc=exampleCorp, dc=com mimics the original directory tree design of Example Corp. Under each locality, Example Corp. creates an ou=people, an ou=groups, an ou=roles, and an ou=resources branch. See Figure 9-1 “Directory tree for Example Corp.” for more information about this directory tree design.

132 Directory design examples

Page 131 Page 133
Page 132
Image 132
HP UX Direry Server manual Multinational enterprise data design, Multinational enterprise schema design
Page 131 Page 133

UX Direry Server specifications

HP UX Directory Server is a robust and scalable solution designed for managing directory information within enterprise networks. Developed by Hewlett-Packard (HP), this server offers an extensive set of features tailored to meet the needs of organizations that require an efficient way to store, manage, and retrieve identity and access data.

One of the key features of HP UX Directory Server is its ability to handle large directories with significant volumes of data. Built on a highly optimized architecture, it provides excellent performance and can support millions of entries without sacrificing speed or reliability. This capability makes it an ideal choice for large-scale deployments in enterprises that require high availability and responsiveness.

In addition to its scalability, HP UX Directory Server supports a wide range of protocols, including LDAP (Lightweight Directory Access Protocol), which ensures seamless integration with diverse applications and systems across various platforms. The server maintains standards compliance, which facilitates interoperability and simplifies administration tasks.

Security is a top priority for HP UX Directory Server, offering an array of features to protect sensitive information. It supports secure data transmission via TLS/SSL protocols, ensuring encrypted communication between clients and servers. Advanced access controls allow administrators to define fine-grained permissions, helping to safeguard directory data against unauthorized access.

Another salient feature of HP UX Directory Server is its replication capabilities. The server can replicate directory data across multiple instances, ensuring data consistency and availability in distributed environments. This feature is essential for businesses operating across different geographical locations or requiring failover solutions for disaster recovery.

HP UX Directory Server also comes equipped with tools for data management, including an intuitive administration console for configuring and monitoring the server. Additionally, it offers customizable schema capabilities, enabling organizations to tailor the directory structure to fit their specific needs.

Integration with existing identity management solutions is streamlined through connectors and APIs, allowing organizations to extend their directory services and enhance user experience.

In summary, HP UX Directory Server is a powerful directory management solution that combines scalability, security, and integration flexibility. Its support for industry standards, advanced replication, and comprehensive administrative tools makes it an essential asset for organizations seeking to manage identity and access efficiently. By leveraging this technology, businesses can improve their operational efficiency and ensure a secure and organized approach to directory management.
Top Page Image Contents