Determining Your Coexistence Requirements

   

Now that you have an idea why directory coexistence is important and what techniques are available, it is time to examine your specific directory coexistence requirements. Your requirements-gathering process should cover the following areas related to synchronization:

  • Data to be synchronized. Determine which directory data needs to coexist with other data. Some data in your directory will not be needed outside of the directory. Some data in your other data sources will not be needed in your directory. But some data will need to be shared by the directory and other data sources. You need to determine which data elements fall into each category, and how the data needs to be reformatted or translated.

  • Type of synchronization. Determine how the data should coexist. Will the data be maintained in (owned by) the directory and periodically fed to an external database? Will the data source own the data and feed it to the directory? Does the data need to be co-owned (that is, maintained in two data sources and synchronized in two directions via two-way synchronization)? The answers to these questions determine the kind of synchronization technology you should use to maintain the coexistence.

  • Synchronization frequency. Analyze each piece of coexisting data to determine how often it needs to be synchronized among all the participating data sources. Time frames may range from a one-time synchronization to as close to real-time synchronization as you can get (perhaps leading you to a virtual directory solution). Different data elements and data sources will have different requirements. You need to strike a balance among complexity, ease of implementation and management, and system performance (which synchronization frequency can affect substantially).

  • Synchronization security. Depending on the sensitivity of the data being synchronized, security of the synchronization process may be an important consideration. Again, security needs vary among data elements and data sources. Seldom will you be able to choose a one-size-fits-all solution that is adequate for all your data elements and data sources. You need to strike a compromise among the complexity of maintaining multiple levels of security, the difficulty of development, and the performance and usability implications of making everything secure enough to protect the most sensitive data element.

  • Synchronization performance. This final consideration is often overlooked. It is important to think of synchronization performance in the needs assessment phase. Otherwise you are likely to end up with unreasonable requirements, such as real-time synchronization for all data elements. Although often desirable, this kind of solution may have severe performance implications. A service that spends all of its available resources on directory coexistence and none serving directory clients is not a very useful service. Consider the trade-offs among synchronization frequency, security requirements, number of data sources that must be synchronized, and other factors that will affect the overall performance of your directory service and the other data sources.

To get started, you can use much of the work you began in Chapter 7, Data Design. In that chapter we showed you how to create a table of data sources and data elements. This table should show where existing data in your organization is located and which data elements are of interest to your directory service. Your next task is to determine which of these data elements and sources need to coexist with the directory and which can serve as simple, one-time data sources.

Tip

You should always be suspicious of a decision to conduct a one-time data migration from a data source. This is a convenient way to jump-start your directory and load it with data, but often it can create problems down the road. Duplicate, uncoordinated data tends to increase your overall data maintenance costs and can lead to user frustration and confusion. On the other hand, if a data source is being phased out, migration may be the ideal approach. Be sure to think farther ahead than just populating your directory when you consider whether an ongoing coexistence solution is needed.


For those data elements that must coexist, you need to determine the following:

  • Data owner. Where is the data updated? What is the authoritative data source for this data element? Most data is updated in one place, but you may have data that you would like to be updated in multiple places. In such cases the same data element has multiple data sources. As we discussed earlier, in the section titled Two-Way Synchronization, although having multiple data sources is desirable in rare circumstances, it should be avoided as much as possible. Allowing more than one place where a data element can change brings with it complications that make your job of implementing and administering a coexistence solution much harder.

  • Data flow. What data source or directory service is the destination for the data? Does it flow in one direction or both directions?

  • Frequency. How often must the data element be synchronized? Is real-time access required, or will a daily or weekly one-way synchronization process suffice?

  • Special considerations. Note any special considerations that are related to areas such as security, data translation, and so on.

Create a directory coexistence table like Table 23.1 to aid your design process and to provide a summary of all your design work. This example assumes there are three sources for directory data in addition to the directory service itself: the corporate human resources database, the telephone operations database, and end users. Data elements flow in one direction only. Some information flows from the directory to these data sources, some flows from the data sources to the directory, and some information is simply maintained in the directory service and does not need to integrate with any other data sources.

Figure 23.7 shows how this information can be represented in graphical form. Creating a data flow graph can help you better visualize how the different systems need to interact and how data should flow across all of the integrated systems.

Figure 23.7. A Sample Data Flow Graph

Table 23.1. A Sample Directory Coexistence Table

| Data Element | Data Owner | Data Flows to | Frequency | Special Considerations |
|---|---|---|---|---|
| Name | Human resources | Directory service | Weekly | None |
| Title | Human resources | Directory service | Weekly | None |
| Manager | Human resources | Directory service | Weekly | None |
| Salary | Human resources | Directory service | Weekly | Sensitive information |
| Phone | Telephone operations | Directory service, human resources | Daily | Must reformat data values |
| Office location | Telephone operations | Directory service | Daily | None |
| E-mail address | Directory service | Human resources | Weekly | New field to be added to the HR database |
| Description | Directory user | Directory service | User-controlled | None |
| Other directory attributes | Directory service | None | Not applicable | All other attributes maintained in the directory service are not shared |
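
The coexistence table can also be kept as data, so that the synchronization jobs and the ownership rule are derived from it rather than maintained by hand. The following sketch is an added example, not code from the book: the function names, the rule that a job carrying a sensitive element needs a protected channel, and the sample batch are assumptions made for illustration.

```python
# Added example: Table 23.1 encoded as data, used to plan sync jobs and to
# reject updates that do not come from an element's data owner.
from collections import defaultdict

# Rows of Table 23.1: (element, owner, destinations, frequency, special considerations).
# The "other directory attributes" row is omitted because those attributes are not shared.
COEXISTENCE = [
    ("name", "human resources", ["directory service"], "weekly", None),
    ("title", "human resources", ["directory service"], "weekly", None),
    ("manager", "human resources", ["directory service"], "weekly", None),
    ("salary", "human resources", ["directory service"], "weekly", "sensitive information"),
    ("phone", "telephone operations", ["directory service", "human resources"], "daily",
     "must reformat data values"),
    ("office location", "telephone operations", ["directory service"], "daily", None),
    ("e-mail address", "directory service", ["human resources"], "weekly",
     "new field to be added to the HR database"),
    ("description", "directory user", ["directory service"], "user-controlled", None),
]
OWNER = {row[0]: row[1] for row in COEXISTENCE}

def plan_jobs(table):
    """Group elements into one one-way job per (owner, destination, frequency)."""
    jobs = defaultdict(lambda: {"elements": [], "sensitive": False})
    for element, owner, dests, freq, special in table:
        for dest in dests:
            job = jobs[(owner, dest, freq)]
            job["elements"].append(element)
            # Assumption: any sensitive element makes the whole job sensitive.
            job["sensitive"] |= bool(special and "sensitive" in special)
    return dict(jobs)

def filter_changes(source, changes):
    """Split changes sent by `source` into (accepted, rejected).
    Only the data owner may change an element; unknown elements are rejected."""
    accepted, rejected = [], []
    for element, value in changes:
        (accepted if OWNER.get(element) == source else rejected).append((element, value))
    return accepted, rejected

if __name__ == "__main__":
    for (owner, dest, freq), job in sorted(plan_jobs(COEXISTENCE).items()):
        flag = " [protect in transit]" if job["sensitive"] else ""
        print(f"{freq:16} {owner} -> {dest}: {', '.join(job['elements'])}{flag}")
    # Constructed sample batch claiming to come from telephone operations.
    batch = [("phone", "+1 555 0100"), ("salary", "1"), ("title", "CEO")]
    print(filter_changes("telephone operations", batch))
```

Because every element has exactly one owner in this table, the check in `filter_changes` is a single lookup; a co-owned element would need a conflict-resolution rule that this sketch does not cover.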

   


Understanding and Deploying LDAP Directory Services
Understanding and Deploying LDAP Directory Services (2nd Edition)
ISBN: 0672323168
EAN: 2147483647
Year: 2002
Pages: 242
