9.2.1 Multinational enterprise data design

Example Corp. International creates a deployment team to perform a site survey. The deployment team determines the following from the site survey:

A messaging server is used to provide email routing, delivery, and reading services for most of Example Corp.'s sites. An enterprise server provides document publishing services. All servers run on Red Hat Enterprise Linux 5 (32-bit).

Example Corp. needs to allow data to be managed locally. For example, the European site will be responsible for managing the Europe branch of the directory. This also means that Europe will be responsible for the master copy of its data.

Because of the geographic distribution of Example Corp.'s offices, the directory needs to be available to users and applications 24 hours a day.

Many of the data elements need to accommodate data values of several different languages.

NOTE:

All data use the UTF-8 characterset; any other characterset violates LDAP standards.

The deployment team also determines the following about the data design of the extranet:

Parts suppliers need to log in to Example Corp.'s directory to manage their contracts with Example Corp. Parts suppliers depend on data elements used for authentication, such as name and user password.

Example Corp.'s partners will use the directory to look up contact details of people in the partner network, such as email addresses and phone numbers.

9.2.2Multinational enterprise schema design

Example Corp. builds upon its original schema design by adding schema elements to support the extranet. Example Corp. adds two new objects, the exampleSupplier object class and the examplePartner object class.

The exampleSupplier object class allows one attribute, the exampleSupplierID attribute. This attribute contains the unique ID assigned by Example Corp. International to each automobile parts supplier with which it works.

The examplePartner object class allows one attribute, the examplePartnerID attribute. This attribute contains the unique ID assigned by Example Corp. International to each trade partner.

For information about customizing the default directory schema, see “Customizing the schema”.

9.2.3 Multinational enterprise directory tree design

Based on the expanded requirements, Example Corp. creates the following directory tree:

The root of the directory tree is the dc=com suffix. Under this suffix, Example Corp. creates two branches. One branch, dc=exampleCorp, dc=com, contains data internal to Example Corp. International. The other branch, dc=exampleNet,dc=com, contains data for the extranet.

The directory tree for the intranet (under dc=exampleCorp, dc=com) has three main branches, each corresponding to one of the regions where Example Corp. has offices. These branches are identified using the l (locality) attribute.

Each main branch under dc=exampleCorp, dc=com mimics the original directory tree design of Example Corp. Under each locality, Example Corp. creates an ou=people, an ou=groups, an ou=roles, and an ou=resources branch. See Figure 9-1 “Directory tree for Example Corp.” for more information about this directory tree design.

132 Directory design examples