Stands for Organization for the Advancement of Structured Information Systems, a nonprofit consortium that promotes Extensible Markup Language (XML) standards.
See Also Organization for the Advancement of Structured Information Systems (OASIS)
An element of Active Directory directory service that represents a network resource.
Overview
Some common types of objects in Active Directory include
Users: Required for users to log on to the network.
Groups: Collections of user accounts, computers, or other groups created for organizational purposes or for assigning permissions to shared resources.
Computers: Represent machines that belong to the domain.
Shared folders: Pointers to shared folders on a server on the network. If you create a shared folder on a computer running Microsoft Windows 2000, an associated shared folder object is automatically created in Active Directory.
Printers: Pointers to printers on the network. If you create a network printer on a machine running Windows 2000, an associated printer object is automatically created in Active Directory.
Objects have attributes that define and describe them. For example, the attributes of a user object might include the user's name, e-mail address, and phone number. All objects of the same type or class have the same set of attributes, but they are distinguished from each other by having different values for at least one of these attributes. Some attributes are required to have values (such as the First Name attribute of a user object), but other attributes can be optional (such as Telephone Number).
You can group objects by placing them into container objects (containers) such as the following:
Domains: The fundamental units of Active Directory that share common administration, security, and replication requirements. Domains can also be grouped into domain trees and forests to reflect an enterprise's administrative structure.
Organizational units (OUs): Container objects that are used to organize other directory objects. OUs are part of the hierarchical structure of Active Directory, and allow objects to be grouped according to common functions and purposes to simplify network administration. The hierarchical grouping of objects and OUs also simplifies the process of searching Active Directory for information about network resources.
Access to an object in Active Directory is based on the object's discretionary access control lists (DACLs), which list the users and groups authorized to access the object and their access levels. You can group objects with similar security requirements into OUs to simplify assignment of permissions to the objects and to facilitate administration and control of network resources. You can assign permissions to objects by using Active Directory Users and Computers, a snap-in for Microsoft Management Console (MMC).
Objects can be referenced by name by using
Distinguished names: Analogous to absolute paths of objects within a file system. The distinguished name of an object specifies complete information about the object's location within Active Directory and includes the domain name, names of OUs that it belongs to, and the name of the object itself. Each object in Active Directory must have a unique distinguished name.
Relative distinguished names: Analogous to relative paths of objects in the current directory of a file system. The relative distinguished name of an object is the portion of the distinguished name that is unique to the object. Any two objects in the same OU must have unique, differing relative distinguished names.
Notes
When you use Active Directory Users and Computers to view the property sheet for an object, the Security tab, which displays the Active Directory permissions assigned to that object, is usually not visible. Choose Advanced Features from the View menu to make this tab visible.
If you have resources such as shared folders or printers on computers that are not running Windows 2000 or Windows .NET Server, you must manually publish information about these resources in Active Directory if you want users to be able to locate and access them through Active Directory. You do this by adding the appropriate type of object for that resource to Active Directory and having it point to where the resource is located on the network.
When you create a new Active Directory object, you usually use a wizard to specify values for the important attributes of the object. You can specify other attributes after the object is created by opening the property sheet for that object.
See Also Active Directory
A numeric value that universally identifies data and syntax elements for certain distributed systems.
Overview
Object identifiers (OIDs) are employed in distributed systems such as X.500 and Lightweight Directory Access Protocol (LDAP) directories, Simple Network Management Protocol (SNMP) management systems, Open Systems Interconnection (OSI) applications, and so on. In the directory arena, for example, OIDs are used to identify the various classes and attributes used by Microsoft Corporation's Active Directory for Windows 2000 and by Novell Directory Services (NDS).
OIDs are assigned by organizations that are recognized as issuing authorities, such as the International Organization for Standardization (ISO), which also maintains a complete list of the world's various issuing authorities. In the United States, for example, the issuing authority is the American National Standards Institute (ANSI).
Examples
In Microsoft's Active Directory directory service, for example, OIDs are used as globally unique identifiers for object classes and attributes. OIDs ensure that when Active Directory is integrated with other directory systems, no conflicts occur, as each attribute and class in Active Directory has an OID that is globally unique. The OID for a class or attribute remains unchanged even when the distinguished name of a directory object is modified because of system configuration changes.
OIDs are expressed in dotted numeric form using an explicitly defined hierarchy of possible values. For example, the OID 1.2.840.113556.1.5.4 represents the Builtin-Domain class of objects within Active Directory. You can determine this by parsing the OID tree as follows:
1 ISO
2 ANSI
840 United States
113556 Microsoft
1 Active Directory Service
5 Classes
4 Builtin-Domain
An example of an object identifier for a different U.S. company might be 1.2.840.105670, where 1.2.840 is assigned to U.S. companies and 105670 is the number assigned to the specific company. Once your company has an object identifier, you can extend it by appending dotted decimal portions. So if 1.2.840.105670 represents Northwind Traders, 1.2.840.105670.27 might represent the Sales division, 1.2.840.105670.33 might represent the Support division, and so on. Further levels of subdivision are also possible.
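The following added example (not part of the original text) walks an OID arc by arc against the names given above and checks whether one OID sits under another. It goes one step beyond the text by also producing the DER encoding in which OIDs appear inside certificates, LDAP and SNMP messages; the function names are illustrative.

```python
# Added example. Arc names come from the OID tree and the Northwind Traders
# illustration in the text; any arc not listed there is reported as unregistered.
KNOWN_ARCS = {
    (1,): "ISO",
    (1, 2): "ANSI",
    (1, 2, 840): "United States",
    (1, 2, 840, 113556): "Microsoft",
    (1, 2, 840, 113556, 1): "Active Directory Service",
    (1, 2, 840, 113556, 1, 5): "Classes",
    (1, 2, 840, 113556, 1, 5, 4): "Builtin-Domain",
    (1, 2, 840, 105670): "Northwind Traders",
    (1, 2, 840, 105670, 27): "Sales division",
    (1, 2, 840, 105670, 33): "Support division",
}


def parse_oid(text):
    """Turn a dotted OID string into a tuple of integer arcs, rejecting malformed input."""
    parts = text.split(".")
    if len(parts) < 2:
        raise ValueError("an OID needs at least two arcs")
    arcs = []
    for part in parts:
        if not (part.isascii() and part.isdigit()):
            raise ValueError(f"non-numeric arc {part!r}")
        if len(part) > 1 and part[0] == "0":
            raise ValueError(f"leading zero in arc {part!r}")
        arcs.append(int(part))
    if arcs[0] > 2 or (arcs[0] < 2 and arcs[1] > 39):
        raise ValueError("first arc must be 0-2; second must be 0-39 under 0 or 1")
    return tuple(arcs)


def walk(text):
    """Return (arc, name) pairs from the root down, as in the tree shown in the text."""
    arcs = parse_oid(text)
    return [
        (arcs[i - 1], KNOWN_ARCS.get(arcs[:i], "(unregistered)"))
        for i in range(1, len(arcs) + 1)
    ]


def is_under(oid, root):
    """True if oid equals root or lies below it, compared arc by arc.

    A plain string prefix test is wrong here: "1.2.840.1056701" starts with
    the characters "1.2.840.105670" but belongs to a different assignee.
    """
    o, r = parse_oid(oid), parse_oid(root)
    return len(o) >= len(r) and o[: len(r)] == r


def der_encode(text):
    """Encode an OID as DER: tag 0x06, length, then base-128 arcs."""
    arcs = parse_oid(text)
    body = bytearray()
    # The first two arcs share one value: 40 * first + second.
    for value in (40 * arcs[0] + arcs[1],) + arcs[2:]:
        chunk = [value & 0x7F]          # last byte has the high bit clear
        value >>= 7
        while value:
            chunk.append(0x80 | (value & 0x7F))  # earlier bytes set the high bit
            value >>= 7
        body.extend(reversed(chunk))
    if len(body) > 127:
        raise ValueError("long-form lengths are not handled in this example")
    return bytes([0x06, len(body)]) + bytes(body)


if __name__ == "__main__":
    for arc, name in walk("1.2.840.113556.1.5.4"):
        print(f"{arc:>7} {name}")
    print(der_encode("1.2.840.113556.1.5.4").hex())
```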
Notes
If you want to use Active Directory Schema Manager to create a new class of objects or a new attribute in Active Directory, you should first obtain an object identifier for your organization from ANSI, ISO, or some other issuing authority.
See Also Active Directory, American National Standards Institute (ANSI), directory, International Organization for Standardization (ISO), Lightweight Directory Access Protocol (LDAP), Management Information Base (MIB), Novell Directory Services (NDS), Simple Network Management Protocol (SNMP), X.500
A low-level object-oriented technology that was the precursor of the Component Object Model (COM).
Overview
Object linking and embedding (OLE) was an early Microsoft technology for programmatically providing services to applications to support the creation of compound documents. For example, using OLE, you could insert bitmap images, sound clips, spreadsheet files, and other objects into Microsoft Word documents.
The term object linking and embedding comes from the two possible ways in which OLE enabled the creation of compound documents, specifically:
Linking adds a link in a document that points to source data stored somewhere else. Linked objects are stored in the document as a path to the original linked data, usually a separate file from the container document.
Embedding, on the other hand, adds one document directly to the other. Embedded objects are stored with the document that contains them.
History
The meaning of the term OLE has shifted somewhat since Microsoft Corporation first introduced it in 1991. Version 1 of OLE, referred to as OLE 1, was Microsoft's first mechanism for creating compound documents. OLE 2, the second version of OLE, improved on OLE 1 and expanded the support for creating more complex compound documents. OLE 2 was based on a new model known as the Component Object Model (COM). Microsoft began to recognize that OLE 2 could be used to solve other software problems and that it could be applied to other areas of software development. Microsoft saw OLE 2 as an expandable architecture to create software and, as such, decided to drop the version number. Microsoft also reduced the name from object linking and embedding (OLE) to just OLE, with no spell-out. At that time, OLE referred to any technology based on COM. In 1996, Microsoft introduced the term ActiveX, which initially referred to using COM-based technologies on the Internet, but ActiveX also overlapped with OLE. Soon, OLE technologies were being referred to as ActiveX technologies. At that time, Microsoft decided to change the name OLE back to its original name, object linking and embedding (OLE), and once again use it to refer to technologies for creating compound documents and the linking and embedding of objects.
Architecture
An OLE application can be one or both of the following:
OLE server application: Used to create objects that will be contained in compound documents. A server application can create OLE components that can be placed in documents created by OLE container applications.
OLE container application: Used to create the actual compound documents. A container application can create documents that can contain and display OLE components using OLE.
OLE container documents support in-place activation, which allows users to activate an embedded OLE component from within the container document. Activating the component changes the container application's user interface to include features that allow users to directly edit the component from within the container document.
See Also ActiveX, Component Object Model (COM)
A construct containing data as well as methods (functions for manipulating the construct's data).
Overview
Object-oriented programming (OOP) focuses on objects instead of functions for manipulating separate data entities. The "blueprint" for an object is a class; a specific object is an "instance" of a class that you access using its associated methods. New classes can be derived from more general classes through a procedure called inheritance. The derived class contains all the methods and data of the original class, which can simplify programming.
See Also C++
Stands for out-of-band management, remotely managing networking and telecommunications equipment using out-of-band (OOB) signaling.
See Also out-of-band management (OBM)
Stands for online certificate status protocol, an emerging specification for validating digital certificates.
See Also Online Certificate Status Protocol (OCSP)
Stands for optical carrier level, a measure of Synchronous Optical Network (SONET) capacity.
See Also optical carrier (OC-x) level
Stands for open database connectivity, a standard method of accessing data stored in relational databases and other structured data sources.
See Also open database connectivity (ODBC)
Stands for Open Data-link Interface, a legacy network protocol software interface used by early versions of Novell NetWare.
See Also Open Data-link Interface (ODI)
Stands for orthogonal frequency division multiplexing, an emerging technology for achieving higher data rates in wireless communications.
See Also Orthogonal Frequency Division Multiplexing (OFDM)
A feature of Microsoft Internet Explorer that allows users to browse cached or subscribed Web content when they are not connected to the Internet.
Overview
Offline browsing is an easy way to browse Web content on a laptop when an Internet connection is not available. Users can surf their history folder to view recently accessed Uniform Resource Locators (URLs). If users click on an unsaved link, they are notified that they are working offline and are asked whether they would like to connect to the Internet to access the resource.
When you add a Web page to your Favorites list, you can specify that the page be available for offline browsing, indicate how deep you want to be able to browse the page's links offline, and specify how you want to keep the offline content up to date. To view the site offline later, you can
Choose Synchronize from the Favorites menu to manually synchronize offline content
Choose Work Offline from the File menu to switch to offline browsing mode
Select the item from your Favorites list
To leave Work Offline mode, choose Work Offline from the File menu.
See Also Internet Explorer
A feature of Windows 2000, Windows XP, and Windows .NET Server that lets you continue working with shared network resources after you disconnect from the network.
Overview
Shared files and folders from any computer that supports Server Message Block (SMB)-based file and print sharing, such as those running Windows .NET Server, Windows XP, Windows 2000, Windows NT 4, Windows 98, or Windows Millennium Edition (Me), can be made available for offline use by Windows 2000 or Windows XP clients. Clients that are configured to use offline folders can cache the network resources in a local folder. When disconnected from the network, the client can continue working normally on the cached files. The client can then synchronize the contents of the cache with the network share when the connection is restored.
Offline Files in Windows 2000. Synchronizing with a network share using Offline Files in Windows 2000.
To enable offline file support on a computer running Windows 2000 or Windows XP, open My Computer and choose Folder Options from the Tools menu. Select the Offline Files tab and check Enable Offline Files. Specify synchronization options, a cache size, and additional advanced options. To make a share on the network available for offline use, select the share in My Computer (where it might appear as a mapped network drive) or My Network Places (where it will appear as a network share) and choose Make Available Offline from the File menu. The contents of the network share will be copied to the local computer's cache in a process known as synchronizing. You can specify additional synchronization settings by selecting Settings in the Synchronizing dialog box.
Stands for object identifier, a numeric value that universally identifies data and syntax elements for certain distributed systems.
See Also object identifier (OID)
Stands for online analytical processing, a technology that allows users to perform sophisticated data analysis on typically large amounts of enterprise data to gain insight on the information it contains.
See Also online analytical processing (OLAP)
Stands for object linking and embedding, a low-level object-oriented technology that was the precursor of the Component Object Model (COM).
See Also object linking and embedding (OLE)
A Microsoft technology for universal data access.
Overview
Based on Component Object Model (COM) technologies, OLE DB represents a specification for developing extensible COM interfaces designed to provide applications with uniform methods of accessing data from diverse data sources that can include
Mainframe databases, including IBM's Information Management System (IMS) and DB2
Relational databases, including Microsoft SQL Server and Oracle
Desktop databases, including Microsoft Access, Microsoft FoxPro, and Paradox
Other data sources, including file systems, spreadsheets, text files, and e-mail message repositories
OLE DB is a key element in Microsoft Corporation's Universal Data Access (UDA) initiative and facilitates the development of applications that combine various types of queries from diverse data sources. OLE DB is the successor to Microsoft's earlier data access technology, Open Database Connectivity (ODBC), which was limited mainly to relational databases and was based on C/C++ application programming interfaces (APIs) instead of COM.
A related technology called ActiveX Data Objects (ADO) provides a simplified front-end for OLE DB that enables access to diverse data sources through OLE DB using scripting languages such as VBScript and JScript.
Architecture
OLE DB works by enabling COM interfaces to be defined that can encapsulate various types of database functionality such as record containers, query processors, and transaction coordinators. The architecture of OLE DB has three parts:
Data source: This can be any structured or unstructured source of data, including ODBC-compliant databases, legacy mainframe systems, file systems, or other data source for which an OLE DB provider can be constructed.
OLE DB provider: A set of COM components designed to extract data requested by an OLE DB consumer from the data source associated with the provider and to return it to the client in tabular format. Each type of data source requires its own special provider in order for clients to be able to access the data using OLE DB. OLE DB providers are available for the full range of data sources, including SQL Server, Microsoft Jet databases, Oracle, and many other common types of data sources. There is also a generic OLE DB provider for standard ODBC-compliant databases.
OLE DB consumer: Represents the client application that needs to access data from the data source. Because of the standard set of interfaces used in OLE DB providers, any consumer is able to access data from any provider. Furthermore, because providers are COM objects, consumers can access them using any programming language, including C++, Microsoft Visual Basic, and Java.
OLE DB. The architecture of an OLE DB system.
Examples
As an example of an OLE DB provider, the OLE DB Provider for AS/400 and VSAM enables record-level access to mainframe Virtual Storage Access Method (VSAM) files and to the AS/400 native file system. The OLE DB Provider for AS/400 and VSAM is included with Microsoft Host Integration Server. You use the OLE DB Provider for AS/400 and VSAM to develop applications for discrete data access and for record-level access to physical and logical files on AS/400 systems, in Partitioned Data Sets (PDS) and Partitioned Data Set Extended (PDSE) files, and in most versions of VSAM on mainframes. Using the OLE DB Provider for AS/400 and VSAM, programmers can access mainframe VSAM or AS/400 data using Microsoft's object-based OLE DB data access technology. Programmers can thus access source data from host systems without having to learn about Systems Network Architecture (SNA) or host applications programming. The OLE DB Provider for AS/400 and VSAM facilitates a broad range of data access, from individual records to complete files. Using ActiveX Data Objects (ADO), you can develop web-to-host integration solutions using programming languages such as Microsoft Visual Basic or scripting languages such as Microsoft Visual Basic, Scripting Edition (VBScript), and Microsoft JScript.
Marketplace
OLE DB is the dominant data access technology on the Microsoft Windows platform and is widely used in Online Analytical Processing (OLAP) systems that employ a variety of popular database platforms, including Oracle, DB2, and SQL Server. A competitor to OLE DB is the Java OLAP (JOLAP) initiative, developed by Sun Microsystems, Oracle Corporation, IBM, and Hyperion Solutions Corporation. JOLAP is a specification for creating Java-based interfaces for universal data access, and JOLAP parallels OLE DB in the same way that Java Database Connectivity (JDBC) parallels ODBC.
Notes
The name OLE DB for this technology can be confusing for two reasons:
OLE stands for "object linking and embedding," a legacy technology that was the precursor to COM.
DB suggests "database," but OLE DB works with any kind of data source and is not limited to relational database systems.
See Also ActiveX Data Objects (ADO), Component Object Model (COM), database, Java Database Connectivity (JDBC), Java Online Analytical Processing (JOLAP)
A set of Component Object Model (COM) interfaces and objects that extends OLE DB to allow access to information stored in multidimensional information sources.
Overview
OLE DB for OLAP is included in OLE DB 2 and leverages the OLE DB architecture to enable online analytical processing (OLAP) functions for COM-based applications.
See Also Component Object Model (COM)
A technology that allows users to perform sophisticated data analysis on typically large amounts of enterprise data to gain insight on the information it contains.
Overview
Examples of OLAP analysis include financial modeling, budget forecasting, production planning, and determining broad sales and distribution trends. A query issued in an online analytical processing (OLAP) system could be, "What would be the effect on sales over the next three quarters if the cost of widgets went up 5 percent while sales dropped 15 percent?" OLAP systems primarily focus on queries that ask "What if . . . ?" In other words, OLAP systems are designed for making predictions, modeling scenarios, and supporting decision-making.
The database for an OLAP system is typically structured to allow for efficient retrieval of information. The database can be a data warehouse. A data warehouse is a database that contains static data on a particular subject, drawn from various sources. Queries issued against data warehouses tend to focus on queries that ask "What was . . . ?" or "Who did . . . ?" and are useful for analyzing past sales and growth figures. For example, "What were the total sales for the five largest subsidiaries in the first two quarters of last year?" OLAP systems and data warehouses thus constitute two complementary tools for analyzing and interpreting business data in order to make intelligent decisions.
An OLAP system is typically based on a multidimensional model, which allows users to select, explore, and view the data easily. An OLAP system generally provides the technology for creating and managing the databases. An OLAP system can have tools to discover relationships between data items by comparing the results of various OLAP queries.
Microsoft SQL Server includes tools for data warehousing and online analytical processing, including Data Transformation Services (DTS) Designer and SQL Server OLAP Services (now called Analysis Services). You can use DTS Designer to specify the workflow steps and transactions for combining multiple heterogeneous data sources into a data warehouse. You can then use OLAP Services to analyze the data, preaggregate data into multidimensional cubes for frequently asked queries, model data, create new views, and perform ad hoc sets of calculations.
For More Information
Visit the OLAP Council at www.olapcouncil.org
See Also database
An emerging specification for validating digital certificates.
Overview
Traditional public key infrastructure (PKI) systems allow recipients of digitally signed documents to check the validity of digital certificates through comparison with a certificate revocation list (CRL), a list of invalid or expired certificates. This has several disadvantages:
It places the burden of processing on the client, and for large CRLs, this can consume a lot of time.
CRLs are typically updated every few days, so a client could receive a document with a compromised certificate and not be able to know it.
As a result of these problems, widespread adoption of digital signatures and certificates in business-to-business (B2B) e-commerce transactions has been slow. To overcome this, the Internet Engineering Task Force (IETF) has developed the Online Certificate Status Protocol (OCSP) specification to speed the process of validating certificates and shift the burden of processing away from the client.
Implementation
OCSP is implemented using strategically placed special servers called responders that maintain up-to-date CRL information. These responders are linked together using OCSP to ensure that they all share common CRL information. When a B2B trading partner sends a client a digitally signed document over the Internet, the client verifies the validity of the certificate by formatting a special request and submitting it to a responder. The responder either issues an authoritative reply such as GOOD, REVOKED, or UNKNOWN, or forwards the request to the trading partner's responder or to a third-party responder for validation.
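The request and reply flow described above, modelled as an added example that is not part of the original text. It covers only status lookup and forwarding between responders and a client that accepts nothing but GOOD; real OCSP messages are signed ASN.1 structures, and the responder names, CA names and serial numbers here are constructed.

```python
from dataclasses import dataclass, field

GOOD, REVOKED, UNKNOWN = "GOOD", "REVOKED", "UNKNOWN"


@dataclass
class Responder:
    """A responder holding status data for the issuers it is authoritative for."""
    name: str
    # issuer name -> {"issued": set of serials, "revoked": set of serials}
    issuers: dict = field(default_factory=dict)
    # other responders this one may forward to (partner or third party)
    peers: list = field(default_factory=list)

    def query(self, issuer, serial, hops=3, trail=None):
        """Return (status, trail), where trail lists the responders consulted."""
        trail = [] if trail is None else trail
        trail.append(self.name)
        record = self.issuers.get(issuer)
        if record is not None:
            # Authoritative answer. Revocation is checked first, and a serial
            # the issuer never issued is UNKNOWN rather than GOOD.
            if serial in record["revoked"]:
                return REVOKED, trail
            if serial in record["issued"]:
                return GOOD, trail
            return UNKNOWN, trail
        if hops > 0:
            for peer in self.peers:
                if peer.name in trail:      # never forward back along the path
                    continue
                status, trail = peer.query(issuer, serial, hops - 1, trail)
                if status != UNKNOWN:
                    return status, trail
        return UNKNOWN, trail


def accept_certificate(responder, issuer, serial):
    """Client-side decision: only an explicit GOOD validates the certificate."""
    status, _ = responder.query(issuer, serial)
    return status == GOOD


def build_demo():
    """Constructed topology: a local responder, a trading partner's, a third party's."""
    partner = Responder(
        "partner-responder",
        {"Partner CA": {"issued": {1001, 1002}, "revoked": {1002}}},
    )
    third_party = Responder("third-party-responder")
    local = Responder(
        "local-responder",
        {"Local CA": {"issued": {7}, "revoked": set()}},
        peers=[partner, third_party],
    )
    partner.peers.append(local)  # deliberate loop, to show forwarding terminates
    return local


if __name__ == "__main__":
    local = build_demo()
    for issuer, serial in [("Partner CA", 1001), ("Partner CA", 1002),
                           ("Partner CA", 9999), ("Nobody CA", 1)]:
        status, trail = local.query(issuer, serial)
        print(f"{issuer} #{serial}: {status} via {' -> '.join(trail)}")
```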
See Also B2B, digital certificate, digital signature, public key infrastructure (PKI)
A power-management design initiative from Microsoft Corporation.
Overview
OnNow combines innovations in PC hardware and software to produce a computer that is always on but appears to be off and that responds immediately when a user or application makes a request. For example, an incoming telephone call could wake the computer and start a Telephony Application Programming Interface (TAPI)-enabled application. OnNow is designed to make personal computers function like appliances in the sense that they respond instantly to user action instead of requiring a warm-up period or boot process. OnNow is based on the Advanced Configuration and Power Interface (ACPI) specification developed by Intel Corporation, Microsoft, and Toshiba Corporation.
The power management functions of Microsoft Windows 2000, Windows XP, and Windows .NET Server, as well as those of Windows 98 and Windows Millennium Edition (Me), conform to the OnNow specifications. Instead of having the system basic input/output system (BIOS) control the power state of the system devices and peripherals, OnNow lets the operating system control it. The operating system can place various devices in a sleep state to conserve power and wake them to full power instantly when a user or application issues a request. For OnNow to function as designed, the system must have peripherals and applications that support OnNow power-management functions and the system BIOS must support ACPI.
For More Information
Find out more at www.microsoft.com/hwdev/onnow.
See Also Advanced Configuration and Power Interface (ACPI)
Stands for out-of-band signaling, any transmission technology in which signaling is separate from the data being transmitted.
See Also out-of-band (OOB) signaling
A free version of UNIX.
Overview
OpenBSD is based on the BSD 4.4 operating system and is maintained and supported by a large community of developers. Theo de Raadt, a computer science graduate of the University of Calgary in Alberta, Canada, heads the OpenBSD project. OpenBSD is viewed as one of the most secure UNIX platforms available; even its default installation is fairly hacker-proof. OpenBSD includes support for the Kerberos IV security protocol and Internet Protocol Security (IPsec). OpenBSD also supports binary emulation of most software written for other popular UNIX flavors, such as HP-UX, SunOS, Solaris (SVR4), Linux, and FreeBSD. The current release of the OpenBSD software is version 2.5.
For More Information
Find out more about OpenBSD at www.openbsd.org
See Also UNIX
A standard method of accessing data stored in relational databases and other structured data sources.
Overview
Microsoft open database connectivity (ODBC) is a database access technology that specifies a series of C/C++ application programming interfaces (APIs) that enable Microsoft Windows-based applications to access data stored in ODBC-compliant databases. ODBC thus defines a call-level interface that lets applications access data in any data source by using a suitable ODBC driver. Therefore, the ODBC APIs allow applications to be written independently of the specific database management systems (DBMSs) that contain their source data.
ODBC was originally a specification developed by an industry consortium called X/Open, which is now known as the Open Group. ODBC defines a call-level interface for implementing queries using structured query language (SQL).
Implementation
The main components of ODBC are:
ODBC API: A set of function calls, error codes, and SQL syntax that defines how data in a DBMS is accessed.
ODBC database drivers: Dynamic-link libraries (DLLs) that can process ODBC function calls for specific DBMSs. ODBC drivers translate application calls to ODBC into calls that the specific DBMS can respond to.
ODBC Driver Manager: Loads the ODBC drivers that an application needs.
ODBC uses database drivers to link applications to any ODBC-compliant DBMS. ODBC database drivers are available for more than 50 popular DBMSs, including Microsoft SQL Server, Microsoft Access, Microsoft FoxPro, Microsoft Excel, Paradox, dBASE, and delimited text files. With ODBC, applications are not tied to proprietary vendor APIs and can run independently of the underlying data communication protocols. Data can be sent and received in a format suitable for the application instead of being tailored for a vendor-specific DBMS.
Prospects
Microsoft ODBC was designed for the Windows platform. ODBC is implemented as a set of C/C++ function calls and is thus not easily accessed by other languages, such as Microsoft Visual Basic or Sun Microsystems' Java language. ODBC is considered a legacy technology and has been superseded largely by OLE DB, Microsoft's COM-based specification for enabling universal data access using any programming language. The parallel to ODBC on the Java platform is Java Database Connectivity (JDBC).
See Also Component Object Model (COM), dynamic-link library (DLL), Java Database Connectivity (JDBC), Structured Query Language (SQL)
A legacy network protocol software interface used by early versions of Novell NetWare.
Overview
Novell and Apple Computer developed the ODI specification for defining the communication mechanism between network interface card (NIC) drivers and network protocols. Open Data-link Interface (ODI) is a legacy standard that was defined primarily for the Internetwork Packet Exchange (IPX) protocol on Novell NetWare 2.x and 3.x networks. ODI allows multiple NICs to be bound to multiple protocols.
Microsoft's NWLink IPX/SPX-Compatible Transport supports ODI for backward compatibility, but ODI has been superseded on Microsoft platforms by the network driver interface specification (NDIS).
See Also Internetwork Packet Exchange (IPX), NetWare, network driver interface specification (NDIS), network interface card (NIC)
A popular link state dynamic routing protocol for large Internet Protocol (IP) networks.
Overview
Open Shortest Path First (OSPF) is a routing protocol that enables routers on an IP internetwork to dynamically share their routing table information with each other. The Internet Engineering Task Force (IETF) designed OSPF in the 1980s as a replacement for the earlier Routing Information Protocol (RIP), which scaled poorly for large internetworks.
OSPF is an interior gateway protocol (IGP) used for routing traffic within an autonomous system (AS), which is a large IP network managed by a single authority. Since IGPs such as OSPF are used within (not between) autonomous systems, they are sometimes called intra-AS routing protocols (as opposed to inter-AS routing protocols). OSPF is an open standard developed by the IETF, in contrast to Interior Gateway Routing Protocol (IGRP) and Enhanced Interior Gateway Routing Protocol (EIGRP), which are both vendor-specific IGPs developed by Cisco Systems.
OSPF was originally defined in RFC 1131, but this first version of the protocol was experimental and not widely deployed. OSPFv2 is defined in RFC 2328 and is the most widely deployed version of OSPF in use today. The IETF has recently developed OSPFv3, which improves on earlier versions by supporting any network layer protocol (not just IP), streamlining link state advertisements, enhancing security, and supporting Internet Protocol version 6 (IPv6).
Uses
OSPF is widely used in two areas of networking:
Enterprise-level private IP internetworks, including networks that span several countries, regions, or even continents. OSPF works well in a wide area network (WAN) environment because it updates routing tables only when necessary. Although RIP is still used for some small and mid-sized networks, OSPF has become the de facto IGP for large IP networks and is generally used wherever an internetwork contains about 50 or more routers.
The Internet, the collection of publicly accessible IP internetworks and backbones connecting them.
OSPF is supported by the Internetwork Operating System (IOS) used by Cisco routers, and by the Routing and Remote Access Service (RRAS) of Microsoft Windows 2000 and Windows .NET Server.
Architecture
Dynamic routing protocols work by enabling routers to exchange routing table information with each other automatically without administrative intervention. OSPF excels in both the way it stores routing table information and in how it keeps this information current. OSPF is a link state routing protocol, which means that OSPF routers store information about the "state of the link" between the local router and other routers. OSPF stores this information in a link state database, which essentially stores a topological map of all routers in the same administrative portion of the internetwork. This may either be all routers within the autonomous system, or, if the AS is subdivided into different areas, all routers within the local area. Each OSPF router stores this link state database information in the form of a tree whose root is centered on the local router itself.
To construct the link state database, each interface of every OSPF router is assigned a cost value. This cost is generally inversely proportional to the bandwidth of the link the interface is connected to, although different cost values can be assigned as desired to shape the flow of traffic through the network. These cost values are then used to create the metrics for different routes within routing tables, with the route having the least cost being the preferred one.
Once the link state database has been constructed, OSPF routers can then use the Shortest Path First (SPF) algorithm (also called Dijkstra's algorithm) to compute the shortest path between any two subnets in the AS or area. Thus, when traffic needs to be routed from one point of the internetwork to another, the router calculates the optimal path from the link state database and forwards packets accordingly. The SPF algorithm enables routing information to be quickly recalculated if routers go down, a feature called Fast Convergence. The algorithm also ensures that routing loops do not occur.
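The cost assignment and SPF computation described above, shown as an added example that is not part of the original text. The router names, link bandwidths, and the 100 Mbps reference bandwidth are assumptions chosen for illustration; the second run recomputes routes after one link is withdrawn from the link state database.

```python
import heapq

REFERENCE_BW_MBPS = 100  # assumed reference; cost = reference / link bandwidth


def interface_cost(bandwidth_mbps):
    """Cost inversely proportional to link bandwidth, never below 1."""
    return max(1, REFERENCE_BW_MBPS // bandwidth_mbps)


# Constructed topology: (router, router, link bandwidth in Mbps).
LINKS = [
    ("R1", "R2", 100),
    ("R1", "R3", 25),
    ("R2", "R3", 100),
    ("R2", "R4", 10),
    ("R3", "R4", 100),
]


def build_lsdb(links):
    """Link state database as {router: {neighbor: cost}}."""
    lsdb = {}
    for a, b, bandwidth in links:
        cost = interface_cost(bandwidth)
        lsdb.setdefault(a, {})[b] = cost
        lsdb.setdefault(b, {})[a] = cost
    return lsdb


def withdraw_link(lsdb, a, b):
    """Return a copy of the database with the a-b link removed,
    as every router would hold it once the change has been flooded."""
    updated = {router: dict(nbrs) for router, nbrs in lsdb.items()}
    updated[a].pop(b, None)
    updated[b].pop(a, None)
    return updated


def spf(lsdb, root):
    """Dijkstra's algorithm with the tree rooted at the local router.
    Returns {destination: (total_cost, next_hop)}."""
    best = {root: 0}
    next_hop = {}
    done = set()
    heap = [(0, root, None)]
    while heap:
        cost, node, hop = heapq.heappop(heap)
        if node in done:
            continue  # a cheaper path to this node was already settled
        done.add(node)
        if hop is not None:
            next_hop[node] = hop
        for nbr, link_cost in lsdb.get(node, {}).items():
            new_cost = cost + link_cost
            if nbr not in done and new_cost < best.get(nbr, float("inf")):
                best[nbr] = new_cost
                # The first hop is fixed when the path leaves the root.
                first_hop = nbr if node == root else hop
                heapq.heappush(heap, (new_cost, nbr, first_hop))
    return {dest: (best[dest], next_hop[dest]) for dest in next_hop}


if __name__ == "__main__":
    lsdb = build_lsdb(LINKS)
    print("all links up:   ", spf(lsdb, "R1"))
    print("R2-R3 withdrawn:", spf(withdraw_link(lsdb, "R2", "R3"), "R1"))
```

With all links up, R1 reaches R3 and R4 through R2; once the R2-R3 link is withdrawn, both destinations move to the direct but slower R1-R3 link.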
OSPF routers communicate with each other using HELLO packets, which are sent periodically every 10 to 15 seconds and basically tell other OSPF routers that the sending router is still alive. If an OSPF router does not receive a HELLO packet from another router within an expected time, it assumes that the other router is down and that the link state database is no longer accurate. The router then floods the network with link state advertisements (LSAs) that are picked up by other OSPF routers, and a recalculation of the link state database for all routers is initiated. This recalculation process generally converges quickly, depending on the size of the internetwork and the number of routers used. LSAs contain information about incremental changes to network topology and therefore are efficient in terms of bandwidth usage. LSAs can be secured by either password protection or MD5 checksums.
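The two protection options named above, shown side by side as an added example that is not part of the original text. It uses the OSPFv2 header and cryptographic authentication layout of RFC 2328 Appendix D; the router ID, password, key, and Hello field values are constructed, and zero-padding a short key to 16 bytes is an assumption.

```python
import hashlib
import hmac
import struct

# OSPFv2 header: version, type, packet length, router ID, area ID,
# checksum, AuType, 64-bit authentication field (24 bytes in total).
HEADER = struct.Struct("!BBH4s4sHH8s")
AUTH_SIMPLE, AUTH_MD5 = 1, 2
TYPE_HELLO = 1
DIGEST_LEN = 16

# Constructed Hello body: mask, HelloInterval, options, priority,
# RouterDeadInterval, designated router, backup designated router.
HELLO_BODY = struct.pack("!4sHBBI4s4s", bytes([255, 255, 255, 0]), 10, 2, 1,
                         40, bytes([10, 0, 0, 1]), bytes(4))


def _header(body, router_id, area_id, autype, auth_field):
    # Checksum stays 0: it is not used with AuType 2, and it is
    # omitted for AuType 1 to keep this sketch short.
    return HEADER.pack(2, TYPE_HELLO, HEADER.size + len(body),
                       router_id, area_id, 0, autype, auth_field)


def _pad_key(key):
    return key.ljust(DIGEST_LEN, b"\0")[:DIGEST_LEN]  # assumed padding rule


def build_simple(body, router_id, area_id, password):
    """AuType 1: the password itself travels in the authentication field."""
    auth = password.ljust(8, b"\0")[:8]
    return _header(body, router_id, area_id, AUTH_SIMPLE, auth) + body


def build_md5(body, router_id, area_id, key, key_id, seq):
    """AuType 2: the field carries key ID, digest length and sequence
    number; MD5(packet + key) is appended and the key is never sent."""
    auth = struct.pack("!HBBI", 0, key_id, DIGEST_LEN, seq)
    packet = _header(body, router_id, area_id, AUTH_MD5, auth) + body
    return packet + hashlib.md5(packet + _pad_key(key)).digest()


class Md5Verifier:
    """Receiver-side check: known key ID, matching digest, and a
    sequence number that has not gone backwards for that neighbor."""

    def __init__(self, keys):
        self.keys = keys      # key ID -> shared key
        self.last_seq = {}    # router ID -> highest sequence accepted

    def verify(self, wire):
        if len(wire) < HEADER.size + DIGEST_LEN:
            return "too short"
        _, _, length, router_id, _, _, autype, auth = HEADER.unpack_from(wire)
        if autype != AUTH_MD5:
            return "wrong AuType"
        _, key_id, digest_len, seq = struct.unpack("!HBBI", auth)
        key = self.keys.get(key_id)
        if key is None or digest_len != DIGEST_LEN:
            return "unknown key"
        if length + digest_len != len(wire):
            return "bad length"
        expected = hashlib.md5(wire[:length] + _pad_key(key)).digest()
        if not hmac.compare_digest(expected, wire[length:]):
            return "digest mismatch"
        if seq < self.last_seq.get(router_id, 0):
            return "stale sequence number"
        self.last_seq[router_id] = seq
        return "accepted"


if __name__ == "__main__":
    rid, area = bytes([10, 0, 0, 1]), bytes(4)
    simple = build_simple(HELLO_BODY, rid, area, b"s3cret")
    print("password visible on the wire:", b"s3cret" in simple)
    verifier = Md5Verifier({1: b"constructed-key"})
    first = build_md5(HELLO_BODY, rid, area, b"constructed-key", 1, 100)
    second = build_md5(HELLO_BODY, rid, area, b"constructed-key", 1, 101)
    for name, pkt in (("first", first), ("second", second), ("replay", first)):
        print(name, "->", verifier.verify(pkt))
```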
Implementation
OSPF scales well for large internetworks because it is hierarchical in design. OSPF allows large autonomous systems to be further subdivided into multiple areas. OSPF routers within an area only need to know about other routers within their own area, not outside their area, and all OSPF routers within a given area share the same link state database. This keeps the routing tables small enough to prevent processing bottlenecks from occurring. OSPF areas within an AS are designated by unique 32-bit identifiers and typically have no more than about 30 or 40 routers within them.
Open Shortest Path First (OSPF). An example of an internetwork using OSPF, showing different types of OSPF routers.
If an AS is subdivided into multiple OSPF areas, one of these areas must be a specially designated area called the backbone area, which has the identifier 0 (zero). Every other area within an AS must be directly connected to the backbone area in hub-and-spoke fashion, and adjacent areas communicate with each other directly between their backbones.
To support this hierarchical router topology, OSPF routers can be designated to operate in one of four different roles:
Internal router (I): A router whose interfaces are all within the same area (the area where the router resides). Internal routers are used for routing traffic within the area, and their routing tables contain information only about all other internal routers in that area.
Backbone router (B): A router that has at least one interface connected to the backbone area. Backbone routers are used for routing traffic within the backbone area.
Area border router (ABR): A router that has multiple interfaces, one of which must be connected to the backbone area. ABRs are used for routing traffic between the backbone area and other areas.
Autonomous system boundary router (ASBR): A router used to connect an autonomous system running OSPF to an autonomous system running a different interior gateway protocol.
Advantages and Disadvantages
OSPF has a number of advantages over earlier dynamic routing protocols such as RIP and over other interior gateway protocols such as IGRP and EIGRP, namely:
It converges quickly and minimizes the risk of routing loops occurring.
It allows routes to be summarized, reducing the size of routing tables and the processing power needed for routers to use it. This is what makes OSPF highly scalable and suitable for very large internetworks.
It utilizes very little bandwidth unless a change in network topology has occurred. This is different from RIP routers, which periodically broadcast their entire routing table to neighbors. By contrast, OSPF transmits only incremental changes to network topology.
It optimizes use of network bandwidth through multicasting instead of broadcasting.
It supports variable-length subnet masking (VLSM) for classless routing.
It is flexible and allows administrators to configure routers so that specific routes are preferred over others. This makes OSPF networks fault-tolerant because they can automatically reroute traffic when a link goes down.
Notes
When you design an OSPF-based internetwork, you should work from the top down: that is, you should first plan your autonomous system and how it will interact with other autonomous systems, and then you should subdivide the autonomous system into areas and then into individual networks. Try to map your IP address space and subnets to this hierarchy of areas and networks and assign each area a small set of network IDs that can be summarized as a small series of routes. Be sure that areas connect to each other through your high-speed backbone area and not directly to each other. (In other words, avoid back doors.) Specify cost values that relate to the amount of traffic and each router's hardware characteristics.
See Also autonomous system (AS), distance vector routing algorithm, dynamic routing protocol, Enhanced Interior Gateway Routing Protocol (EIGRP), interior gateway protocol (IGP), Interior Gateway Routing Protocol (IGRP), IPv6, Internetwork Operating System (IOS), link state routing algorithm, Routing Information Protocol (RIP), routing protocol, variable-length subnet mask (VLSM)
A philosophy of software development that makes application code freely available.
Overview
Open source is a philosophy of application development that allows code to be read, redistributed, and modified based on the GNU Public License (GPL) formula. The term open source also refers to a loosely organized community of developers dedicated to producing quality software and making it available free or at minimal cost.
Although the open-source operating system called Linux has recently garnered the majority of media attention for this movement, the underlying ideas of open-source software development go back more than 20 years to the early days of the Internet. The development of the BSD UNIX variants FreeBSD, OpenBSD, and NetBSD was a pioneering effort in opening up the UNIX platform for development. From this effort emerged the "hacker" culture of the 1980s (the term hacker originally meant someone who tinkered with software to make it better, not someone who maliciously tried to break into systems). The overriding philosophy of software development within the hacker community was originally that software must be free (without cost to its users), but this sharply ideological attitude alienated many in the corporate world and slowed their acceptance of software developed by the hacker community.
In 1998 the term open source was coined to replace the confrontational free software label and promote acceptance of this philosophy in the corporate arena. The result has been an acceleration of interest in open source applications and development by enterprises over the last few years, pushed along by large investments in Linux and other open-source technologies by companies such as IBM, Sun Microsystems, Compaq Computer Corporation, and others. The result is that today many open-source applications are packaged and sold by commercial software vendors. These vendors also provide technical support and customization services for their open-source packages, a critical factor in helping open-source software gain acceptance in the corporate world.
Marketplace
Some of the more popular open-source applications and platforms include
Linux: UNIX-like operating system gaining popularity in enterprise networks, especially at the server end in niche applications such as Web servers, mail servers, and storage appliances. A popular form of Linux is available from Red Hat.
Apache: Popular Web server software that runs on UNIX and Linux platforms.
Sendmail: Simple Mail Transport Protocol (SMTP) server software popular on the Internet.
PHP: Programming language for developing Web applications for the Apache/Linux platform.
Samba: Popular application that enables Linux file servers to run Server Message Block (SMB) protocol so they can interoperate with Microsoft Windows-based servers and clients.
MySQL: Structured query language (SQL) database application available from AbriaSoft Company and Nusphere Corporation.
Bluebird: Open-source network management platform project originally called OpenNMS and acquired by Atipa Technologies.
For More Information
Visit the Open Source Initiative (OSI) at www.opensource.org
See Also Apache, GNU General Public License (GPL), Linux, UNIX
An architectural model for computer networking developed by the International Organization for Standardization (ISO).
Overview
The ISO began work on the Open Systems Interconnection (OSI) model in 1974 to address the problem that the various networking systems being developed at that time could not communicate with each other. The OSI model was intended as a reference model to which vendor-specific networking systems could be compared so that interoperability solutions could be developed. The OSI model was thus intended to allow heterogeneous systems to communicate easily with each other in an open, standardized fashion and to provide a basis for developing standardized network protocols.
Uses
The primary use for the OSI model is as a starting point for understanding how real-world networking protocols work. In other words, the OSI model is a "reference model" to which such protocols as Transmission Control Protocol/Internet Protocol (TCP/IP), DECnet, and Systems Network Architecture (SNA) can be compared. These real-world protocols generally map only loosely to the OSI reference model, however, and usually omit some of the functions, or even levels, of the OSI model. TCP/IP, for example, maps to only four levels of the OSI model, namely the physical, network, transport, and application layers.
Another popular use of the OSI model is to simplify the process of troubleshooting networking problems. The basic idea is that upper layer protocol functions cannot work unless all lower layer functions first work properly. This means that when you troubleshoot a network problem, you should generally begin with lower-layer issues (addressing such questions as "Is the cable connected?" and "Does the network card have an IP address configured?") before progressing to testing upper layer issues ("Is the httpd daemon running on the Web server?" or "Are the routing tables up to date?"). As such, the OSI model can probably be said to be the networking professional's fundamental troubleshooting tool, as it guides the whole troubleshooting process.
Architecture
The premise behind the OSI model is that communication between hosts on a computer network is too complex a phenomenon to be understood as a unity and that it can best be understood by breaking it down into simpler components. The ISO adopted a layered approach in which the OSI model was divided into seven logical layers. Each layer deals with a certain aspect of communications, and upper layers utilize the functions of lower layers to make network communications possible.
You can think of each layer as being logically connected to the same layer on a different computer on the network. For example, the application layer on one machine communicates with the application layer on another machine. But this communication is logical only; physical communication occurs when packets of data are sent down from the application layer of the transmitting computer, encapsulated with header information by each lower layer, and then put on the wire at the transmitting computer's physical layer. After traveling along the wire, the packets are picked up by the receiving computer's physical layer, passed up the seven layers while each layer strips off its associated header information, and then passed to the receiving computer's application layer, where the receiving application can process the data.
The first table lists the seven layers of the OSI model, starting with the lowest layers and working upward, and provides a brief description of the communications functions that operate at each level. The second table provides examples of networking protocols that operate at each layer of the OSI model.
Layer | Description |
Physical | Defines network transmission media, signaling methods, bit synchronization, architecture (such as Ethernet or Token Ring), and cabling topologies. Defines how network interface cards (NICs) interact with the media (cabling). |
Data-link | Specifies how data bits are grouped into frames, and specifies frame formats. Responsible for error correction, flow control, hardware addressing (such as MAC addresses), and how devices such as hubs, bridges, repeaters, and Layer 2 switches operate. The Project 802 specifications divide this layer into two sublayers, the logical link control (LLC) layer and the media access control (MAC) layer. |
Network | Defines logical host addresses such as IP addresses, creates packet headers, and routes packets across an internetwork using routers and Layer 3 switches. Strips the headers from the packets at the receiving end. |
Transport | Sequences packets so that they can be reassembled at the destination in the proper order. Generates acknowledgments and retransmits packets. Assembles packets after they are received. |
Session | Defines how connections can be established, maintained, and terminated. Also performs name resolution functions. |
Presentation | Translates data to be transmitted by applications into a format suitable for transport over the network. Redirector software, such as the Workstation service for Microsoft Windows NT, is located at this level. Network shells are also defined at this layer. |
Application | Connects user applications with network functionality, controls how applications access the network, and generates error messages. Protocols at this level include HTTP, FTP, SMTP, and NFS. |
Layer | Protocols |
Physical | 802.3, 802.5, 10BaseX, 100BaseX, 1000BaseX, RS-232, V.35, HSSI, FDDI, PPP, DSL, ISDN, Frame Relay, ATM |
Data-link | HDLC, SDLC, LAP, LAPB, AAL, SLIP, PPTP, L2F, L2TP, ARP, RARP |
Network | IP, ICMP, IGMP, BOOTP, DHCP, IPX, NetBIOS, NetBEUI, APPN, IS-IS, IGRP, EIGRP, BGP, OSPF |
Transport | TCP, UDP, SPX, RAS, ATP, NBP, ASP, DVMRP, RTP |
Session | LDAP, DNS, RPC, PAP, SSL, TLS |
Presentation | ASN.1, LU6.2, PostScript, 3270 Data Stream |
Application | HTTP, SMTP, FTP, POP3, IMAP4, Telnet, SNMP, TFTP, RLOGIN, SMB, NLP, NDS, SAP, NCP, X-Windows |
Implementation
Although some vendors attempted to develop networking protocols fully compliant with the OSI model, these attempts by and large failed for several reasons:
Complexity: The OSI model was overly complex and its use of seven layers created unnecessary overhead in processing information for transmission on a network. Also, some communications functions, such as connectionless communication, were relatively neglected by the OSI model, while others, such as error correction and flow control, were repeated at several layers in redundant fashion.
Closed standards process: The ISO standards process was relatively closed compared with the open standards process that the Internet Engineering Task Force (IETF) used to develop the TCP/IP suite of protocols. As a result, development of TCP/IP was fast while development of OSI protocols was slow, with the result that TCP/IP established itself long before OSI protocols could gain significant market foothold.
The U.S. government originally tried to require compliance with the OSI reference model for U.S. government networking solutions in the late 1980s by implementing standards called Government Open Systems Interconnection Profiles (GOSIPs). This effort was abandoned in 1995, however, and today virtually no real-world implementations of OSI model protocols exist outside of Europe, and only a few European governments still use OSI model protocols in specialized systems. Instead, the TCP/IP protocol suite has become the de facto world standard for computer networking.
See Also application layer, data-link layer, International Organization for Standardization (ISO), Internet Engineering Task Force (IETF), network layer, physical layer, presentation layer, session layer, Transmission Control Protocol/Internet Protocol (TCP/IP), transport layer
A measure of Synchronous Optical Network (SONET) capacity.
Overview
The optical carrier (OC-x) levels represent a set of signaling rates for SONET transmission over fiber-optic cabling. The basic unit is OC-1, which represents an aggregation of 810 DS-0 circuits, each having a capacity of 64 kilobits per second (Kbps), resulting in a total OC-1 capacity of 51.84 megabits per second (Mbps). In SONET transmission, however, 30 of these DS-0 circuits are required for protocol overhead, making the actual data throughput of OC-1 only 50.112 Mbps. A single OC-1 circuit is roughly equivalent to a T3 circuit in the telco T-carrier system. Higher data transmission rates (OC-3, OC-12, and so on) are simply multiplexed OC-1 circuits; in other words, OC-3 is three times faster than OC-1 and so on. The table shows the common OC-x transmission rates used in carrier-class SONET circuits.
Much of the SONET fiber used in the backbone of the Internet still runs at OC-48, although inter-exchange carriers (IXCs) and other carriers are upgrading to higher speeds. AT&T was the first IXC to deploy an OC-192 trunk from coast to coast across the United States, and UUNET, Genuity, and Cable and Wireless also have OC-192 links deployed.
Level | Line Rate | Payload Rate |
OC-1 | 51.840 Mbps | 50.112 Mbps |
OC-3 | 155.520 Mbps | 150.336 Mbps |
OC-12 | 622.080 Mbps | 601.344 Mbps |
OC-24 | 1.244160 Gbps | 1.202688 Gbps |
OC-48 | 2.488320 Gbps | 2.405376 Gbps |
OC-96 | 4.976640 Gbps | 4.810752 Gbps |
OC-192 | 9.953280 Gbps | 9.621504 Gbps |
Notes
OC-x levels also apply to Asynchronous Transfer Mode (ATM) networks. For wireline communications, electrical levels called Synchronous Transport Signal (STS) correspond directly to SONET optical carrier levels. For example, the OC-3 rate for SONET corresponds to the STS-3 rate for electrical transmission.
See Also inter-exchange carrier (IXC), Internet, Synchronous Optical Network (SONET), T-carrier
More commonly called metropolitan Ethernet, the process of using Gigabit Ethernet to provision metropolitan areas with high-speed data services.
See Also metropolitan Ethernet
End-to-end networking without conversion of electrical signals into optical and back again.
Overview
Traditional optical networks use fiber-optic backbones in local area networks (LANs) or long-haul fiber in wide area networks (WANs). Such networks are not "optical," however, as only a portion of the network (backbone or WAN link) employs light signals traveling over fiber-optic cabling, while the remainder of these networks involves electrical signals traveling over copper cabling. The main reason that all-optical networks have not yet become commonplace is that routing and switching functions have traditionally been implemented at the electrical level, as there has been no easy way to switch light signals themselves. As a result, traditional networks employ devices that transform electrical signals into optical ones and back again.
This situation, however, is just beginning to change as new technologies are being developed to create all-optical switches and routers. Companies in the forefront of research in this area include Cisco Systems, Nortel Networks, Lucent Technologies, and several startups. Some of the technologies being developed include switches that route light signals of a given wavelength using
Tiny adjustable mirrors: An example of a product using this technology is the Lambda router from Lucent Technologies. Since this technology employs mechanical parts, however, industry analysts do not view it as especially promising.
Tiny bubbles in a heated liquid: These bubbles can be used to divert light signals in response to changing temperature conditions. Agilent Technologies is one company that has worked on this approach, which can form the switching fabric of all-optical mesh networks.
Thermo-optic gateways: This uses narrow silica waveguides whose transmission properties change with temperature to allow light paths to be switched on and off in milliseconds. A start-up called Lynx Photonic Networks is using this approach to develop all-optical switches.
Uses
Initial uses for optical switches and routers are likely to be in carrier-class switching equipment used by service providers and telcos. Some analysts expect such equipment to become widely available about 2005. Enterprise networks may also want to deploy such equipment in their high-speed switched backbones, but this will not likely become popular until several years later due to initial costs of such equipment. Eventually all-optical mesh networks may displace traditional Synchronous Optical Network (SONET) ring architectures in the metropolitan area network (MAN) arena and in cross-connects for long-haul circuits. SONET was originally designed to support time-sensitive voice traffic and is not efficient for carrying packetized data. About half of the capacity of SONET rings in the MAN environment is currently used for data, but the proportion of data to voice traffic is rising rapidly, a critical factor in driving research and development into new optical switching technologies.
Notes
The term optical networking is sometimes incorrectly used to refer to either metropolitan Ethernet (also called optical Ethernet) or lambda switching technologies.
See Also fiber-optic cabling, lambda switching, metropolitan Ethernet, Synchronous Optical Network (SONET)
A device for electrically isolating networking components that are joined by long runs of copper cabling.
Overview
Opto isolators are commonly used in RS-232 serial connections between mainframe hosts and terminals connected by long cables. Opto isolation is typically built into line drivers for serial communication, so separate opto isolators are not required. Opto isolators also prevent ground loops from damaging networking components.
Implementation
When a network component or cable transmitting a signal is connected to one port on an opto isolator, the signal is converted briefly into light and then back into an electrical signal before exiting through the other port on the opto isolator. This brief metamorphosis from electric current into light and back again breaks the electrical connection between the two ports of the device, allowing the signal (alternating current) to flow but preventing direct current from flowing along the cable.
Opto isolator. Using an opto isolator to eliminate ground loops.
See Also ground loop, RS-232, serial transmission
Another name for the publication Trusted Computer Systems Evaluation Criteria (TCSEC), published by the National Computer Security Center (NCSC) of the U.S. Department of Defense (DoD).
Overview
Orange Book standards are used to evaluate the security of both stand-alone and network operating systems (NOSs). The current version of this publication dates from 1985. The Orange Book, which was named for its orange cover, is actually a part of a series of computer system security guidelines and standards that are collectively known as the Rainbow Series.
The Orange Book provides methods of assessing the security of a specific computer system, and it offers hardware and software manufacturers guidance on how to create products that can be certified as secure by the U.S. government and military.
For example, Microsoft Windows NT Server in certain configurations complies with the C2 (Controlled Access Protection) security standards outlined in the Orange Book. C2 is applied not to operating systems but to specifically tested physical computers running those operating systems. C2 is one of a family of security designations that the Orange Book applies to computer systems, which include the following:
D (Minimal Protection): For systems that were evaluated but failed.
C1 (Discretionary Security Protection): Provides separation between users and data by using access controls.
C2 (Controlled Access Protection): Adds user accountability to C1 in the form of logons, auditing, and other features.
B1 (Labeled Security Protection): Builds on C2 by including informal written security policies, data labeling, and mandatory access control.
B2 (Structured Protection): Builds on B1 by including formal written security policies, separation of critical and noncritical elements, and protection against covert entry.
B3 (Security Domains): Builds on B2 by including reference monitoring of all object access to ensure security, a designated security administrator, and system recovery procedures.
A1 (Verified Design): The same as B3, except security is verified by both testing and analysis of formal design. An A1 system is considered impenetrable to hostile attack.
A container object used in Microsoft Active Directory directory service to group together other objects within a domain.
Overview
Organizational units (OUs) are logical groupings of resources within a domain. An OU can contain a variety of objects, including users, groups, computers, printers, or even other OUs. OUs are essential to the scalability of Active Directory as they allow objects in a domain to be hierarchically organized in tree-like structures for easier administration. OUs thus simplify the management of Active Directory domains by allowing different administrative tasks to be delegated to different people.
OUs are often used to duplicate the organizational structure of the company within Active Directory. For example, a company might have OUs named Dev, Marketing, and Sales that represent the network resources of these three departments. OUs can also be assigned according to geographical criteria (New York, Los Angeles, and Detroit, for example) or by administrative function (Accounts, Shares, and Printers).
If several domains are connected into a domain tree, each domain can have its own specifically designed hierarchy of OUs. The structures of domains within a domain tree are independent of one another. However, an OU can contain objects only from its own domain, not from any other domain within a domain tree.
Implementation
When you run the Active Directory Installation Wizard to install Active Directory on a member server running Windows 2000 (thus turning the member server into a domain controller), a hierarchy of default OUs is created. This default hierarchy helps you begin administering Active Directory. It consists of the following default OUs, which you can display by using Active Directory Users and Computers, a snap-in for Microsoft Management Console (MMC):
Builtin: Includes built-in security groups such as Administrators and Account Operators
Computers: Includes other computers in the domain
Users: Includes domain user objects
Domain Controllers: Includes the domain controllers in the domain
Organizational unit (OU). The Domain Controllers OU in a domain.
OUs are displayed in Windows 2000 administrative consoles as folders, much like the folders in a file system that store individual files. You can create OUs for groups of users who will be assigned similar permissions to network resources. You can also create separate OUs for permanent and temporary employees. You can group shared folders and printers with similar security requirements into OUs.
You should create OUs that are stable and will not change frequently, and you should avoid making the hierarchy of OUs too complicated. In a multidomain scenario with a domain tree, it is usually a good idea to make first-level OUs the same for all domains to provide consistency for the company's network resources. First-level OUs typically represent the following:
Different geographical locations, such as countries, regions, or continents, or different functional locations, such as headquarters and branch offices. This is usually the best way to define first-level OUs.
Different types of network resources, such as users, printers, computers, and so on. This simplifies resource administration but might lead to too many first-level OUs.
Different business units, such as Sales, Support, and Management. Keep it flexible and broad enough so that if your company reorganizes, you will not have to re-create everything.
Projects and cost centers.
When creating a hierarchy of OUs, you should generally keep the entire structure of OUs fairly shallow (no more than two or three levels) to ensure good performance when users query Active Directory. A maximum of 10 levels of OUs is recommended.
When migrating from Windows NT to Windows 2000, you can also create OUs to replace resource domains, which are used in Windows NT to simplify and centralize administration of network resources. You can also create domain trees with separate domains for resources. You should create new domains instead of OUs if you want to implement different security policies in different locations or branches of your company or in an extremely large enterprise. Otherwise, it is simpler to create only one domain and organize resources and administrative tasks using OUs within that domain.
OUs are useful in facilitating the administration of Active Directory and therefore in the administration of resources on the network itself. Administrators use OUs to organize users and resources on the network and to delegate administrative and other rights and permissions to users and groups. The administrator has full access rights on all objects in the directory and can assign permissions to various subtrees of OUs for appropriate users and groups. For any OU, the administrator can delegate either of the following rights to specific users and groups:
Complete administrative control: Full control over all objects in the OU
Limited administrative control: The ability to modify only certain aspects of objects contained in the OU
Access to objects in Active Directory is based on discretionary access control lists (DACLs), which offer a security model similar to that used in the NTFS file system. Because objects with similar security requirements are grouped into an OU, permissions assigned to the OU are inherited by all objects in the OU. You assign permissions to OUs and other objects by using Active Directory Users and Computers.
Notes
OUs are not part of the namespace of a company, which in Windows 2000 is based on the Domain Name System (DNS). In other words, you can identify a Windows 2000 domain by using a DNS name such as northwind.microsoft.com, but you cannot identify OUs within the domain by using DNS names. However, you can specify OUs by using Lightweight Directory Access Protocol (LDAP) names.
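The note above in practice, as an added example that is not part of the original text: a small parser that takes an LDAP distinguished name, derives the DNS domain name from its DC components alone, and reports the OU path and nesting depth against the two-to-three-level guidance and 10-level maximum given earlier. The OU and user names in the sample DN are constructed, and multi-valued RDNs (joined with +) are not handled.

```python
# Thresholds taken from the entry's guidance on OU nesting.
RECOMMENDED_LEVELS = 3   # "no more than two or three levels"
MAXIMUM_LEVELS = 10      # "A maximum of 10 levels of OUs is recommended"

# Constructed sample: the OU and user names are made up for illustration.
SAMPLE_DN = r"CN=Smith\, Jane,OU=Sales,OU=Seattle,DC=northwind,DC=microsoft,DC=com"


def split_dn(dn):
    """Split a distinguished name into (ATTRIBUTE, value) pairs, leaf first.

    A backslash escapes the next character, so a comma inside a value
    (as in "Smith\\, Jane") is not mistaken for a component boundary.
    """
    rdns, current, escaped = [], [], False
    for ch in dn:
        if escaped:
            current.append(ch)
            escaped = False
        elif ch == "\\":
            current.append(ch)
            escaped = True
        elif ch == ",":
            rdns.append("".join(current))
            current = []
        else:
            current.append(ch)
    rdns.append("".join(current))

    pairs = []
    for rdn in rdns:
        attr, sep, value = rdn.strip().partition("=")
        if not sep or not attr.strip() or not value.strip():
            raise ValueError(f"malformed component: {rdn!r}")
        pairs.append((attr.strip().upper(), value.strip()))
    return pairs


def describe_dn(dn):
    """Return the DNS domain, top-down OU path, OU depth and a depth verdict."""
    pairs = split_dn(dn)
    ous = [value for attr, value in pairs if attr == "OU"]
    dcs = [value for attr, value in pairs if attr == "DC"]
    if not dcs:
        raise ValueError("no DC components: cannot derive a DNS domain name")

    depth = len(ous)
    if depth > MAXIMUM_LEVELS:
        verdict = "exceeds maximum"
    elif depth > RECOMMENDED_LEVELS:
        verdict = "deeper than recommended"
    else:
        verdict = "ok"

    return {
        "dns_domain": ".".join(dcs),        # built from DC parts only; OUs never appear
        "ou_path": list(reversed(ous)),     # DNs are written leaf first
        "ou_depth": depth,
        "verdict": verdict,
    }


if __name__ == "__main__":
    print(describe_dn(SAMPLE_DN))
```

Because permissions assigned to an OU are inherited by the objects in it, the OU path recovered from a DN also tells you which delegations apply to that object.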
See Also Active Directory, Active Directory Users and Computers, domain (DNS), Domain Name System (DNS), domain tree, Lightweight Directory Access Protocol (LDAP)
A nonprofit consortium that promotes Extensible Markup Language (XML) standards.
Overview
The Organization for the Advancement of Structured Information Systems (OASIS) is a vendor-neutral international organization that strives to develop and promote standards for structured information systems. OASIS was originally formed in 1993 as SGML Open and initially focused on the Standardized Generalized Markup Language (SGML). The name was changed to OASIS in 1998 to reflect the changed focus on XML-based standards and solutions. OASIS acts as a clearinghouse for standards and information concerning structured information systems and helps vendors design products that comply with open XML-based standards.
Together with the United Nations/CEFACT body, OASIS has been active in the development of the Electronic Business Extensible Markup Language (ebXML) standard, a new XML standard for simplifying the exchange of information between business partners to promote e-commerce. OASIS also sponsors the XML.ORG site as a reliable source of information regarding XML standards.
For More Information
Visit OASIS at www.oasis-open.org
See Also Electronic Business Extensible Markup Language (ebXML), XML
An emerging technology for achieving higher data rates in wireless communications.
Overview
Orthogonal Frequency Division Multiplexing (OFDM) is an emerging signal modulation technology for high-speed communications. While OFDM can be employed in both wireless and wireline communication systems, the technology is mainly being developed to enhance transmission speeds of cellular communications systems beyond the range of emerging third-generation (3G) systems. Other improvements that OFDM provides include overcoming line-of-sight (LOS) communications problems, extending the range and subscriber coverage areas of cellular communication systems, and overcoming antenna size issues relating to fixed wireless communications.
Prospects
Current work on OFDM involves harmonizing competing standards developed by the Institute of Electrical and Electronics Engineers (IEEE) and the European Telecommunications Standards Institute-Broadband Radio Access Networks (ETSI-BRAN) standards bodies. Practical OFDM systems are under development by AT&T and others for future fourth-generation (4G) cellular communication systems. Another example is Flarion Technologies, a spin-off from Lucent Technologies, which is developing an OFDM signal-processing scheme called Flash OFDM.
See Also 3G, cellular communications, wireless networking
A network operating system from IBM.
Overview
OS/2 is a 32-bit operating system that was originally developed by IBM and Microsoft Corporation as a replacement for the 16-bit text-based Microsoft Disk Operating System (MS-DOS). After Microsoft left the project to focus on its own Microsoft Windows operating system, IBM continued to develop OS/2, which is now called OS/2 Warp and includes both server and desktop versions.
IBM's current line of OS/2 software includes the OS/2 Warp Server, the OS/2 Advanced Warp Server, and the OS/2 Warp 4 client. OS/2 Warp in its various forms is a 32-bit preemptive multitasking operating system that supports application, file and print, groupware, and Web server configurations as well as desktop workstations. OS/2 Warp Server includes symmetric multiprocessing support and clustering technologies for high-availability server environments. OS/2 Warp Server supports most common networking protocols and all types of clients, including Microsoft Windows, Apple Macintosh, and AIX clients.
For More Information
Visit OS/2 Warp online at www.software.ibm.com/os/warp.
See Also Microsoft Windows, network operating system (NOS)
Stands for Open Systems Interconnection model, a reference model for computer networking developed by the International Organization for Standardization (ISO).
See Also Open Systems Interconnection (OSI) reference model
Stands for Open Shortest Path First, a popular link state dynamic routing protocol for large Internet Protocol (IP) networks.
See Also Open Shortest Path First (OSPF)
A new operating system for the Apple Macintosh computing platform.
Overview
Mac OS X represents a radical departure from earlier versions of the Mac OS. Unlike earlier versions, the OS X kernel, called Mach, is based on a version of the UNIX operating system called BSD 4.4. This radical departure allows the Macintosh platform to marry its advanced graphical user interface and multimedia features with the stability and reliability of the well-tested UNIX platform.
Other enhancements in Mac OS X include
Apple Computer's new Quartz 2-D imaging technology
3-D imaging based on the OpenGL standard
Integrated QuickTime technology
Adobe Portable Document Format (PDF) printing technology
A powerful new graphical user interface called Aqua
See Also Macintosh, UNIX
Stands for organizational unit, a container object used in Active Directory directory service to group together other objects within a domain.
See Also organizational unit (OU)
Microsoft Corporation's premier mail client and full-featured desktop information-management application.
Overview
Microsoft Outlook, which is part of the Microsoft Office suite, enables users to manage their messages, appointments, contacts, tasks, and activities. It also integrates with other Office applications at the front end and with Microsoft Exchange at the back end to enable users to collaborate using e-mail, calendar, contact lists, task lists, journals, and notes. Outlook is a full Messaging Application Programming Interface (MAPI) client and interoperates with all e-mail systems that support MAPI.
Outlook can be run as a stand-alone application or as part of the Office suite. Outlook's advanced features include the following:
Support for MAPI, Post Office Protocol version 3 (POP3), Internet Mail Access Protocol version 4 (IMAP4), and Hypertext Transfer Protocol (HTTP)
A common user interface with other Office components
AutoNameCheck, message tracking, message recall, embedded hyperlinks, and other e-mail enhancements
Enhancements to calendar and scheduling functions to facilitate processing of meeting requests, tracking attendees, and configuring the duration of appointments
Simplified tracking of "to do" lists using task requests, task tracking, status reports, and task categorizations
Custom Outlook forms for creating custom collaboration applications
For More Information
Find out more about Microsoft Outlook at www.microsoft.com/outlook.
See Also e-mail
A basic Internet mail and news client included with Microsoft Internet Explorer version 4 and later.
Overview
Microsoft Outlook Express replaces the older Microsoft Internet Mail and News client included with Internet Explorer 3 and includes the following features:
Customizable three-pane view that shows folders, messages, and message content
WYSIWYG editing of Hypertext Markup Language (HTML) messages
Support for Internet standard protocols, including Simple Mail Transfer Protocol (SMTP), Post Office Protocol version 3 (POP3), Internet Mail Access Protocol version 4 (IMAP4), Lightweight Directory Access Protocol (LDAP), and Network News Transfer Protocol (NNTP)
Support for multiple Internet service provider (ISP) accounts so that users can receive mail from multiple e-mail accounts and download all messages into the same Inbox
Integration with Internet Explorer security zones
Automatic name resolution (matching address book entries to a typed username)
Stationery templates for adding a personal touch to messages
Enhanced Inbox rules for filtering incoming mail
Remotely managing telecommunications equipment using out-of-band (OOB) signaling.
Overview
Out-of-band management (OBM) is a popular method of remotely managing wide area network (WAN) telecommunications components. OBM manages devices "outside of the normally used bandwidth," in other words, using a communications link separate from the one being used for data transmission. These out-of-band (OOB) links are typically secondary serial communication links. WAN devices typically managed using OOB include routers, switches, access servers, multiplexers, and Channel Service Unit/Data Service Units (CSU/DSUs). Devices that can be managed out of band usually have an RS-232 port or some other kind of serial interface for remote control of their functions.
OBM offers several advantages over in-band management systems such as Simple Network Management Protocol (SNMP) management systems. For one thing, OBM is more secure than in-band management since it typically uses a dedicated serial link for management purposes. Also, SNMP employs the network itself for communication, so if the WAN link goes down, the remote station cannot use SNMP to determine the problem because SNMP functions only if the WAN link is working. OBM is often used as a backup system for in-band SNMP management, when the devices have limited SNMP support, or when the cost of an SNMP management system cannot be justified. You can often manage a device in-band by using a remote Telnet client for entering the same commands that are used in OBM.
Implementation
In a typical OBM setup, a remote PC is connected by a modem through a phone line to a code-operated switch located at the office local area network (LAN). This switch controls networking and telecommunication devices such as routers, bridges, switches, CSUs, and even power supplies through their RS-232 serial connections. Alternatively, the modem might be connected directly to a remote modem connected to the device being managed. In either case, the result is a separate low-cost dial-up circuit connecting the administrator and the network devices that is independent of the main network connection, which is usually a more expensive T1 or other leased line. The administrator can thus access the WAN device from a remote location even when the WAN link itself is down, and can troubleshoot the problem from off-site. OBM also allows administrators to access and configure WAN devices without disturbing the WAN link itself.
You could use OBM functions on a power supply to remotely reboot or reset your network devices when they go down. You can use out-of-band switches to select different serial interfaces remotely over a modem by issuing simple ASCII commands to different devices. You can even use OBM to remotely configure and control devices on your network. OBM devices are a useful part of a network disaster recovery plan.
Out-of-band management (OBM). Managing WAN hardware out-of-band.
For networking devices that you can configure and troubleshoot using out-of-band connections, you usually perform management tasks by connecting to a serial port (also called the setup port or configuration port) either locally with a cable or remotely through a modem. You usually use text-based commands from a terminal emulator program such as Windows HyperTerminal, which can emulate a VT100 terminal. You can often control access using passwords for extra security.
You can often use out-of-band transmission so that a device that enters a problem state calls an administrator's pager through a modem. The administrator can then dial in to the device remotely and correct the problem. Some network devices include built-in modems and data switches for remote OBM.
OBM is also used in other areas. For example, servers are often built with OBM capabilities and, when they enter a problem state, can also take advantage of an OOB connection to deliver an alert.
See Also out-of-band (OOB) signaling, Simple Network Management Protocol (SNMP), wide area network (WAN)
Any transmission technology in which signaling is separate from the data being transmitted.
Overview
Out-of-band (OOB) signaling uses one or more channels for transmitting data or voice information and one special out-of-band channel for performing signaling functions such as establishing and terminating the communication link, controlling flow, or transmitting error information. The out-of-band channel can be
A physically separate set of wires (such as pins 4 and 5 of an RS-232 cable, which perform flow control functions and do not carry data)
A multiplexed system in which bandwidth is divided into two or more channels within the same set of wires (such as Integrated Services Digital Network (ISDN), in which the two B channels and one D channel are multiplexed onto the same set of wires)
The opposite of out-of-band is in-band, in which signaling information is sent over the same channel as the data transmission. Out-of-band transmission is usually considered a better choice than in-band transmission for the following reasons:
None of the valuable data bandwidth is used for signaling.
The data stream is not interrupted with signaling information.
The signaling information cannot be disrupted by the noise created by the data transmission.
Data transmission characters cannot accidentally (or purposefully) initiate control actions.
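The last point in the list, shown as an added example that is not part of the original text: an in-band receiver using XON/XOFF software flow control misreads payload bytes as control actions, while a receiver whose signaling arrives on a separate line (such as the RS-232 handshake pins) treats the data channel as opaque. It goes slightly beyond the entry by also showing byte stuffing, the usual mitigation when signaling must stay in-band; the payload, function names and the choice of XON/XOFF with PPP-style escaping are assumptions made for the illustration.

```python
XON, XOFF = 0x11, 0x13   # ASCII DC1/DC3: software flow-control bytes
ESC, MASK = 0x7D, 0x20   # PPP-style byte stuffing: escape byte, XOR mask

# Constructed binary payload that happens to contain XOFF, XON and ESC values.
PAYLOAD = bytes([0x42, 0x13, 0x37, 0x11, 0x7D, 0x99])


def receive_in_band(stream):
    """In-band signaling: control bytes share the channel with the data."""
    data, events = bytearray(), []
    for offset, byte in enumerate(stream):
        if byte == XOFF:
            events.append((offset, "pause"))    # payload byte taken as control
        elif byte == XON:
            events.append((offset, "resume"))
        else:
            data.append(byte)
    return bytes(data), events


def receive_out_of_band(stream, control_events):
    """Out-of-band signaling: every byte on the data channel is data.

    Control actions come only from the separate channel, modelled here as a
    list of (offset, action) tuples reported by the handshake line.
    """
    return bytes(stream), list(control_events)


def stuff(payload):
    """Escape control-valued bytes so they can travel on an in-band link."""
    out = bytearray()
    for byte in payload:
        if byte in (XON, XOFF, ESC):
            out += bytes([ESC, byte ^ MASK])
        else:
            out.append(byte)
    return bytes(out)


def receive_in_band_stuffed(stream):
    """In-band receiver that undoes stuffing before interpreting control bytes."""
    data, events, escaped = bytearray(), [], False
    for offset, byte in enumerate(stream):
        if escaped:
            data.append(byte ^ MASK)
            escaped = False
        elif byte == ESC:
            escaped = True
        elif byte == XOFF:
            events.append((offset, "pause"))
        elif byte == XON:
            events.append((offset, "resume"))
        else:
            data.append(byte)
    return bytes(data), events


if __name__ == "__main__":
    print("in-band:     ", receive_in_band(PAYLOAD))
    print("out-of-band: ", receive_out_of_band(PAYLOAD, []))
    print("stuffed:     ", receive_in_band_stuffed(stuff(PAYLOAD)))
```

The plain in-band receiver both loses two payload bytes and records a pause and resume that nobody requested; the other two receivers return the payload unchanged with no spurious events.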
Notes
Out-of-band circuits are often used for out-of-band management (OBM) of wide area network (WAN) devices. These are usually physically separate dial-up lines.
See Also in-band signaling
Contracting business functions to external companies.
Overview
Outsourcing of IT (information technology) needs has been an increasing trend in recent years, but such outsourcing is not new. Broadly speaking, for the first few decades of the computing era outsourcing reigned supreme as companies either leased mainframe technology and staff or bought time-sharing services from mainframe computing centers. The client/server revolution of the 1980s then saw the rise of in-house IT departments as large companies sought to gain strategic control of their own IT services and smaller companies tended to rely more on outsourcing deployment and troubleshooting services to consultants and system integrators. In the late 1990s, however, the pendulum began to swing back toward outsourcing a larger share of IT functions. This happened for several reasons:
Time-to-market has become critical in the accelerating Internet economy, and startup companies often gain a significant edge in this respect by outsourcing their system management and application needs to a new breed of Application Service Providers (ASPs) and Management Service Providers (MSPs).
The Internet itself has become a key enabler for outsourcing network, desktop, and application management through new browser-based management platforms. The Internet has also realized the virtual enterprise in which companies can manage contract IT staff in remote locations in order to fulfill application development, technical training, and help desk needs that are difficult or expensive to achieve locally.
The difficulty of recruiting and hiring experienced IT professionals and the cost of retaining them has made outsourcing of many IT functions an attractive solution for many companies.
Today, common outsourced IT functions and services include application hosting, messaging, disaster recovery, enterprise resource planning (ERP), customer relationship management (CRM), supply-chain logistics management, and help desk functions.
Marketplace
The big three companies in the enterprise IT outsourcing arena are EDS, Computer Sciences Corporation, and IBM Global Services. These companies together service the largest share of the corporate outsourcing market, but dozens of ASPs and other service providers have arisen in the last few years to compete in this arena. In 2000, the total IT outsourcing market was estimated at over $100 billion and was growing at over 10 percent a year.
See Also application service provider (ASP), Customer Relationship Management (CRM), enterprise resource planning (ERP), Management Service Provider (MSP)
The user ultimately responsible for the permissions assigned to a file, usually the creator of the file.
Overview
In the NTFS file system, for example, a file stored on an NTFS volume always has an owner. Ownership creates a trail of accountability for actions performed on the file. By default, a file's owner has permission to modify the object's discretionary access control list (DACL) by granting users and groups permissions for various objects.
The ownership of a file on an NTFS volume can be changed in two ways:
The user who owns the file, or any user who has full control permission on the file, can grant the NTFS take ownership permission to another user, thus allowing that user to take ownership of the file by using the file's Security property sheet. Users can be allowed to take ownership of a file they do not own, but ownership cannot be assigned to them by other users (even the original owner or an administrator).
Members of the Administrators group can always take ownership of any file by using the Security property sheet. When an administrator takes ownership of a file, the Administrators group, and not the individual administrator, becomes the file's owner.
Notes
In the Microsoft Windows 2000 and Microsoft .NET Server operating systems, objects in Active Directory directory service also have owners. The user who creates an object in Active Directory becomes the object's owner. The owner controls the permissions for the object and its attributes. Ownership of an object in Active Directory can be changed in ways similar to those for a file on an NTFS volume.
See Also NTFS file system (NTFS)