1.3 Requirements for Networks and the Internet

Networks and the Internet have many of the same requirements for a directory. As they both handle more and more users each year, they require simpler methods for handling users who need access to world-wide resources while maintaining security. eDirectory has been designed to fulfill these needs in the following types of directories:

1.3.1 Network Directory

Traditionally, networks have been organized around specific servers; if you wanted to access a particular service, you needed to access the server that held those services. This meant that you had to know the server’s name and address, and you had to have a password stored on that server.

Instead of providing a server-centric environment, eDirectory provides a network-centric environment. The eDirectory database provides a view of all services, such as printers, servers, and volumes, available on the network. Once you log in to the network, you have access to all services you have rights to access. eDirectory provides the tools for administrators and applications to manipulate the network environment.

1.3.2 Cross Platform Directory

eDirectory is available on multiple operating systems: NetWare®, Windows 2000, Windows NT, Sun Solaris, Unix, Linux, and IBM AIX. Usually, networks that require the services of multiple operating systems also require the maintenance of a directory or a database of users and passwords for each operating system. eDirectory eliminates that kind of duplication and becomes the directory for the entire network.

1.3.3 Full Service Internet Directory

eDirectory is not just a network directory; it is also an Internet directory capable of handling all the requirements of a full service directory. A full service directory manages discovery, security, storage, and relationships.

Discovery. Discovery is the ability to browse, search, and retrieve specific information from the directory. For example, you can search for specific object types, such as users, printers, and application objects, or search for specific properties such as a user's name, phone number, address, or network number.

Security. Security controls access to all the information that is stored in the directory. You establish the rules and grant the rights that allow users to access the information in the directory. In addition, you control the flow of information within your company, across networks of partners, and even your customers. Using eDirectory, you can manage the electronic transactions between companies through the cryptographic and key management systems. More specifically, the Public Key Infrastructure (PKI) available in eDirectory today provides security for Internet data integrity and privacy across public networks. It includes both public-key cryptography and digital certificates for checking the authenticity of keys used in a public session.

Storage. Storage provides the basic ability to save information in the database for future reference. The database is indexed, cached, and guarded from data corruption by a transaction system. Besides merely storing data, the database allows you to automatically control the type of data by applying classifications to the data structures. The classifications are flexible and extensible to provide future representations in the database. The database can be split into physical pieces and distributed or placed on multiple servers. These features enable you to keep a portion of the data close to the users and resources that need it and to make multiple copies of the data for redundancy.

Relationship. Relationship is the ability to build associations between the people, devices, applications, and information on the network and the Internet. For example, instead of storing a user’s profile information on the local machine, it can be stored in eDirectory. The result is that the profile information becomes global within the scope of the directory and the user can access the profile information from anywhere. This means that the user receives the same profile regardless of where the user logs in to the network. In addition, the access to the profile information is tightly controlled. The only user that can gain access is the one with the proper credentials. Thus, the integrity of profile information is secure, and the user can access it globally and easily.