[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Fw: How useful is oracle internet directory server?
Hi Robert,
There are other solutions to the problem of directory integration, but
what I defined is basically what a metadirectory is accepted as being
(based on most vendor interpretations and the Burton Group's paper on
the subject).
At one point I actually wrote a simple Java-based LDAP protocol engine
to experiment with ways to do real-time integration without the join
functionality (i.e. use JDBC, JNDI, and other interfaces to communicate
with multiple backends directly). I also co-wrote PerLDAP and
Net::LDAPapi Perl modules in part to solve some tactical point-to-point
integration issues.
However, my personal opinion is that the general metadirectory framework
that I outlined in my last mail is probably the best strategic solution
to directory integration problems that I've come across to-date. It also
seems to be the most practical when it comes to dealing with everyday
organizational and political issues surrounding some of these
integration problems.
Clayton
Robert Klerer wrote:
>
> Clayton,
>
> I would like to interject that your first sentence implies that there are no
> other solutions to metadirectory. The two most promoted solutions use the
> architecture you describe, but that does not necessarily mean that it is the
> only choice.
>
> I can think of several other alternatives that don't need an additional
> information store to solve the problem of having too many information
> stores.
>
> From: Clayton Donley <donley@wwa.com>
>
> > Hi Giovanni,
> >
> > At its most basic level, a metadirectory basically has three major
> > components.
> >
> > 1. Connector - Moves data from a particular connected data store to a
> > central join component. Most vendors support LDAP out of the box and
> > have various connectors for other types of data stores.
> >
> > 2. Join - Figures out that Joe in one connected data store is the same
> > as Joe in another connected data store. When changes are made to one
> > connected data store, the join component uses rules and policies to
> > determine which other connected data stores should see these changes.
> >
> > 3. View - May be an integrated directory that shows the contents of
> > metadirectory or may simply be another connected directory.
> >
> > The idea behind a metadirectory is that legacy applications will not go
> > away and not all new applications and directories will support common
> > schema and namespace, even if they do support LDAP. Using a
> > metadirectory allows you to integrate these various directories without
> > forcing you to make changes to major infrastructure pieces and
> > applications that may be beyond your immediate control.
> >
> > One common example is to have HR as a connected directory responsible
> > for people objects. A connector interfacing with PeopleSoft would read
> > changes and forward them to the join component. The join would then read
> > its configuration and make a determation as to what other directories
> > need that person information.
> >
> > The benefit here is that you can do a one-to-one mapping between
> > attributes in PeopleSoft and attributes in the metadirectory and not
> > have to worry about the relation between a PeopleSoft field and various
> > attributes in each directory. This is much easier to manage than
> > point-to-point synchronization once you get beyond one or two connected
> > directories.
> >
> > So basically the answer to your question is that yes, a metadirectory
> > should be able to update a user table in Oracle if it is properly
> > configured.
> >
> > Clayton
> >
> >
> >
> > Giovanni Baruzzi wrote:
> > >
> > > We had to maintain a Table of user entries in an Oracle DB; other
> applications make use of this information.
> > > Can a Metadirectory also update a table? I had the impression that
> Metadirectory are mailny read-only.
> >
> >
> >