لطفا منتظر باشید ...
•
Table of Contents
•
Index
•
Reviews
•
Reader Reviews
•
Errata
LDAP System Administration
By
Gerald Carter
Publisher
: O''''Reilly
Pub Date
: March 2003
ISBN
: 1-56592-491-6
Pages
: 308
If you want to be a master of your domain, LDAP
System Administration will help you get up and
running quickly regardless of which LDAP version you use.
After reading this book, even with no previous LDAP
experience, you''''ll be able to integrate a directory server
into essential network services such as mail, DNS, HTTP, and
SMB/CIFS.
Chapter 1. "Now where did I put that...?", or "What is a directory?"
I have a fairly good memory for numbers, phone numbers in particular.
This fact amazes my wife. For those numbers I cannot recall to the
exact digit, I have a dozen or so slots in my cell phone. However, as
the company I worked for grew, so did the list of people with whom I
needed to stay in contact. And I didn't just need
phone numbers; I needed email and postal addresses as well. My cell
phone's limited capabilities were no longer adequate
for maintaining the necessary information.So I eventually broke down and purchased a PDA. I was then able to
store contact information for thousands of people. Still, two or
three times a day I found myself searching the
company's contact database for
someone's number or address. And I still had to go
to other databases (phone books, corporate client lists, and so on)
when I needed to look up someone who worked for a different company.Computer systems have exactly the same problem as humansboth
require the capability to locate certain types of information easily,
efficiently, and quickly. During the early days of the ARPAnet, a
listing of the small community of hosts could be maintained by a
central authoritySRI's Network Information
Center (NIC). As TCP/IP became more widespread and more hosts were
added to the ARPAnet, maintaining a centralized list of hosts became
a pipe dream. New hosts were added to the network before everyone had
even received the last, now outdated, copy of the famous
HOSTS.TXT file. The only solution was to
distribute the management of the host namespace. Thus began the
Domain Name System (DNS),
one of the most successful directory services ever implemented on the
Internet.[1][1] For more information on the Domain Name
System and its roots, see DNS and BIND, by Paul
Albitz and Cricket Liu (O'Reilly).
DNS is a good starting point for our overview of
directory services. The global DNS
shares many characteristics with a directory service. While directory
services can take on many different forms, the following five
characteristics hold true (at a minimum):
A directory service is highly optimized for reads. While this is not a restriction on the DNS model, for performance
reasons many DNS servers cache the entire zone information in memory.
Adding, modifying, or deleting an entry forces the server to reparse
the zone files. Obviously, this is much more expensive than a simple
DNS query.
A directory service implements a distributed model for storing
information. DNS is managed by thousands of local administrators and is connected
by root name servers managed by the InterNIC.
A directory service can extend the types of information it stores. Recent RFCs, such as RFC 2782, have extended the types of DNS
records to include such things as server resource records (RRs).
A directory service has advanced search capabilities. DNS supports searches by any implemented record type (e.g., NS, MX,
A, etc.).
A directory service has loosely consistent replication among
directory servers. All popular DNS software packages support secondary DNS servers via
periodic "zone transfers" that
contain the latest copy of the DNS zone information.
