After Directory Services: Solidified Data Structure


Today, a directory service provides a central location for commonly requested identification and authentication information. It is the protocol(s), process(es), and data store(s) that provide a method for requesting and receiving data. Having the central data store, rather than scattered files, was integral to the bigger picture.

Centralized Data Store

Instead of requiring users to enter a user name and password each time they use a different application, requests can be made to a central directory service. By consolidating or centralizing this information, directory services simplify the interactions between applications (requestors) and the administrative data they create and use. Requestors no longer need to know how and where administrative data is stored: Directory services can retrieve the data for them. If a requestor needs the location of a user's home folder, it simply has directory services retrieve the information and then return it to the requestor, insulating the requestor from the details of how the information is stored.

This centralizing of information is particularly beneficial to administrators, because they don't have to maintain separate user account information on each individual's computer. Additionally, information does not have to be maintained in several different formats to support different client applications.

However, a distribution method must be in place to permit one computer to access directory information on another computer.

Distribution

Directory services provide a way to distribute identification and authentication information. They are either local (they are used only on your local computer) or remote (they reside on another computer and your computer must be configured to request information from them remotely).

Requestors can be configured to use common protocols to request that information through remote processes and, therefore, access remote data stores. Remote directory services enable you to distribute the information and make it available to more than one computer over a common protocol.

This method works well if all computers are running an identical operating system, but one more piece to the puzzle is needed to make directory services complete: a middleman.

Heterogeneous Integration

Directory services enable you to access identification and authentication information from a variety of data stores. The problem, however, is that having user information stored in many different places can pose an administrative challenge. A given user might have a record on many different computers, making tasks such as updating passwords or modifying user information more difficult and prone to error. In addition, users might need to remember several user names and passwords, often a different set for each service. As a result, administrators are forced to learn and understand many different tools for working with all the systems.

This problem is solved by using a standard set of processes that handle all directory-service calls. This "middleman" gives requestors a means of gathering information from a variety of directory services, using the processes and data stores of those services, without the requestor needing to know where the information came from or what format it was in. Furthermore, the information can be distributed so that it is visible on a network to the computers that need it and the administrators who manage it. In Mac OS X and Mac OS X Server, this "middleman" is called Open Directory.
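The following sketch is an added example, not code from the book and not how Open Directory is implemented. It shows the "middleman" idea with two constructed stores in different formats (a colon-separated flat file and LDIF-style text) behind a single lookup call; all function names, records and formats are assumptions made for illustration.

```python
# Added illustration; every name, record and format here is constructed.
LOCAL_FLAT_FILE = """\
# name:uid:home
localadmin:501:/Users/localadmin
"""

REMOTE_LDIF = """\
dn: uid=alice,cn=users,dc=example,dc=com
uid: alice
uidNumber: 1025
homeDirectory: /Network/Users/alice
"""


def lookup_flat(name):
    """Local store: colon-separated flat file."""
    for line in LOCAL_FLAT_FILE.splitlines():
        if not line or line.startswith("#"):
            continue
        user, uid, home = line.split(":")
        if user == name:
            return {"name": user, "uid": int(uid), "home": home, "source": "local"}
    return None


def lookup_ldif(name):
    """Remote store: LDIF-style attribute blocks separated by blank lines."""
    for block in REMOTE_LDIF.strip().split("\n\n"):
        attrs = dict(line.split(": ", 1) for line in block.splitlines())
        if attrs.get("uid") == name:
            return {"name": name, "uid": int(attrs["uidNumber"]),
                    "home": attrs["homeDirectory"], "source": "remote"}
    return None


# Stores are consulted in this order; the requestor never sees the order or the formats.
SEARCH_PATH = [lookup_flat, lookup_ldif]


def get_user(name):
    """The middleman: one call and one record shape, whatever the store."""
    for lookup in SEARCH_PATH:
        record = lookup(name)
        if record is not None:
            return record
    return None
```

A requestor that needs a home folder calls `get_user("alice")["home"]` and gets the same record shape whether the account lives in the local file or the remote store.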




Apple Training Series. Mac OS X System Administration Reference, Volume 1
ISBN: 032136984X
EAN: 2147483647
Year: 2005
Pages: 258
Authors: Schoun Regan
