Discovering Problems

Understanding and Deploying LDAP Directory Services > 7. Schema Design > The Purpose of a Schema

<  BACK CONTINUE  >
153021169001182127177100019128036004029190136140232051053055078214170105117029130160032

The Purpose of a Schema

A directory schema is a set of rules that determines what can be stored in a directory service and how directory servers and clients should treat information during directory operations such as a search. Before a directory server stores a new or modified entry, it checks the entry's contents against the schema rules. Whenever directory clients or servers compare two attribute values, they consult the schema to determine what comparison algorithm to use.

Chapter 6, "Data Design," covers the importance of combining redundant data elements (i.e., those needed by more than one application) into as few data elements as possible. One of the main purposes for a schema is to ensure that poorly behaved applications or directory interfaces play by the rules and do not store redundant data in the directory service. Imagine the consequences if every directory-enabled application stored a person's name in a different directory attribute. This would result in wasted storage space and values that should be the same but are different ”and it would ultimately lead to a lot of confusion on the part of applications and end users.

Schemas can also be used to impose constraints on the size , range, and format of data values stored in the directory. For example, according to the Internet mail standards, email address values should use a restricted set of characters and should conform to a specific format ( addr@domain ). In many cases schema rules impose simple restrictions such as "this value must be an integer." Ensuring that the data values in the directory service conform to a collection of simple rules increases the quality of the data.

Finally, directory schemas can help slow the effects of directory entropy. Although they are not a substitute for appropriate access control rules (as described in Chapter 11, "Privacy and Security Design" ), schema rules do help a bit in preventing chaos within your directory service.

Suppose you allow end users to modify directory entries, but there is no schema enforcement; you should not be surprised when your directory servers become overburdened with a lot of information that does not belong there. Some users will store a lot of information that is of interest to only themselves , some will store very large values, and others may be silly or even malicious. For example, somebody might try to use an LDAP-based directory as a file system backup service for their PC, although most people would agree that this is inappropriate and should be discouraged!

Tip

If you have a lot of experience with traditional databases, you probably can't imagine a data store that does not impose schema rules. However, keep in mind that many of the users of your directory service may be novices without any directory service, database, or schema experience. Part of your job as the directory architect is to educate your users and developers and help them understand that schemas improve the directory service by increasing its reliability and the quality of the data.





Understanding and Deploying LDAP Directory Services,  2002 New Riders Publishing
<  BACK CONTINUE  >

Index terms contained in this section

applications
          administering with schemas
constraints
          imposing with schemas
directories
         schemas
                    administering applications
                    constraints;imposing
                    educating users
                    preventing user abuse
                    purpose of 2nd 3rd
                    slowing entropy
educating
         users
                    about schemas
entropy
         directory
                    slowing with schemas
imposing constraints
          with schemas
schemas
         applications
                    administering
         constraints
                    imposing
         directory abuse
                    preventing
          purpose of 2nd 3rd
          slowing entropy
         users
                    educating
users
         directory
                    educating about schemas
         directory abuse
                    preventing with schemas

2002, O'Reilly & Associates, Inc.



Understanding and Deploying LDAP Directory Services
Understanding and Deploying LDAP Directory Services (2nd Edition)
ISBN: 0672323168
EAN: 2147483647
Year: 1997
Pages: 245

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net