be maintained in a single location, such as the company headquarters, or each local site can manage the parts of the DIT that are relevant for them.

See “Using replication for local availability” for more information.

In all cases, balance the load of requests serviced by the Directory Servers and avoid network congestion.

See “Using replication for load balancing” for more information.

After planning the replication strategy, it is possible to deploy the directory service. It is best to deploy the directory service in stages, because this allows administrators to adjust it according to the loads that the enterprise places on it. Unless the load analysis is based on an already operating directory, be prepared to alter the directory services as the real-life demands on the directory become clear.

6.3.1 Conducting a replication survey

Gather information about the network quality and usage in the site survey to help define the replication strategy:

The quality of the LANs and WANs connecting different buildings or remote sites and the amount of available bandwidth.

The physical location of users, how many users are at each site, and their usage patterns; i.e., how they intend to use the directory service.

The number of applications that access the directory service and the relative percentage of read, search, and compare operations to write operations.

If the messaging server uses the directory, find out how many operations it performs for each email message it handles. Other products that rely on the directory service are typically products such as authentication applications or meta-directory applications. For each one, determine the type and frequency of operations that are performed in the directory service.

The number and size of the entries stored in the directory service.

A site that manages human resource databases or financial information is likely to put a heavier load on the directory service than a site containing engineering staff that uses the directory solely for telephone book purposes.

6.3.2 Replicating selected attributes with fractional replication

Fractional replication allows the administrator to choose a set of attributes that are not transmitted from a supplier to the consumer. Administrators can therefore replicate a database without replicating all the information that it contains.

Fractional replication is enabled and configured per replication agreement. The exclusion of attributes is applied equally to all entries. As far as the consumer server is concerned, the excluded attributes always have no value. Therefore, a client performing a search against the consumer server never sees the excluded attributes. Similarly, should it perform a search that specifies those attributes in its filter, no entries match.

Fractional replication is particularly useful in the following situations:

Where the consumer server is connected via a slow network, excluding infrequently changed attributes or larger attributes such as jpegPhoto results in less network traffic.

Where the consumer server is placed on an untrusted network such as the public Internet, excluding sensitive attributes such as telephone numbers provides an extra level of protection that guarantees no access to those attributes even if the server's access control measures are defeated or the machine is compromised by an attacker.

Configuring fractional replication is described in the replication agreement and supplier configuration sections in chapter 8, "Managing Replication," in the Administrator's Guide.
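The following is an added example, not taken from the guide: an audit that reads an LDIF export from a consumer and reports any entry that still holds an attribute the agreement is meant to exclude. It assumes the 389 Directory Server syntax for the agreement attribute nsDS5ReplicatedAttributeList; the agreement value, the LDIF and all function names are constructed for illustration.

```python
import re

# Constructed sample, assuming the 389 Directory Server syntax for the
# agreement attribute nsDS5ReplicatedAttributeList (the page names no product).
AGREEMENT_VALUE = "(objectclass=*) $ EXCLUDE jpegPhoto telephoneNumber"

# Constructed LDIF export from the consumer; bob and carol violate the policy.
CONSUMER_LDIF = """\
dn: uid=alice,ou=People,dc=example,dc=com
uid: alice

dn: uid=bob,ou=People,dc=example,dc=com
uid: bob
TelephoneNumber: +1 555 0100

dn: uid=carol,ou=People,dc=example,
 dc=com
jpegPhoto;binary:: /9j/4AAQSkZJRg==
"""

def excluded_attributes(value):
    """Return the lower-cased attribute names listed after EXCLUDE."""
    match = re.search(r"\$\s*EXCLUDE\s+(.*)$", value, re.IGNORECASE)
    return {n.lower() for n in match.group(1).split()} if match else set()

def parse_ldif(text):
    """Yield (dn, attribute names) per entry, unfolding continuation lines."""
    unfolded = text.replace("\n ", "")  # RFC 2849 line folding
    for block in re.split(r"\n\s*\n", unfolded.strip()):
        pairs = [l.split(":", 1) for l in block.splitlines()
                 if ":" in l and not l.startswith("#")]
        dn = next((v.strip() for k, v in pairs if k.lower() == "dn"), None)
        if dn:
            yield dn, [k for k, _ in pairs if k.lower() != "dn"]

def audit_consumer(ldif_text, agreement_value):
    """Map each DN to the excluded attributes that still appear on it."""
    excluded = excluded_attributes(agreement_value)
    findings = {}
    for dn, attrs in parse_ldif(ldif_text):
        # Drop options such as ";binary" and compare case-insensitively.
        leaked = sorted({a.split(";")[0].lower() for a in attrs} & excluded)
        if leaked:
            findings[dn] = leaked
    return findings

if __name__ == "__main__":
    for dn, leaked in audit_consumer(CONSUMER_LDIF, AGREEMENT_VALUE).items():
        print(f"{dn}: excluded attributes present: {', '.join(leaked)}")
```

An empty result for a consumer on an untrusted network is the expected state; any finding means the attribute reached the consumer by some path other than the fractional agreement, or was present before the agreement was configured.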
