Sun Solaris Products
Server Solutions
  

Welcome to Sun Directory Services 3.1

  

Sun Directory Services provides a distributed, scalable, client/server-based global directory that can be used to store information such as user definitions, user profiles, and network resource definitions. Both users and applications can locate and access information from anywhere on the network through the global directory.

Target Applications

Target applications for Sun Directory Services include the following:

Corporate directories: A distributed corporate directory, accessible from anywhere in the company, and listing networked resources and users with their related details and attributes, is important to the smooth running of an enterprise network. Sun Directory Services provide the ideal solution for creating such a distributed directory.

Global messaging: In order to get the most out of a corporate mail system, it is crucial that users be able to find a correspondent's mail address and profile easily and quickly, from anywhere on the network. Sun Directory Services enables them to do that.

Network management: A global directory listing resources and attributes enhances productivity for both network managers and management applications. Sun Directory Services can be used in conjunction with network management products to provide a powerful, scalable repository of networked objects.

User authentication: Secure systems are becoming increasingly important in the networked world. Single sign-on systems and secure networks rely on directories containing user permissions and encryption codes. Sun Directory Services can be used to create such repositories.

User profiling: Network providers can use Sun Directory Services to build a user profile directory in which they can store such information as user names, addresses, permissions, preferences, and so on.

Sun Directory Services 3.1 Features

Sun Directory Services 3.1 offers a global directory and naming service. It provides:

  • A Lightweight Directory Access Protocol (LDAP) server, compliant with the LDAP v3 Internet standards
  • An LDAP replication server
  • A Network Information System (NIS) server, that integrates into an existing NIS environment to provide an integrated naming service
  • A Remote Access Dialup User Service (RADIUS) server that provides authentication for remote users connecting to the network through a Network Access Server, and provides accounting services
  • An administration console displayed in HotJavaTM that offers local and remote configuration and management
  • A directory editor in JavaTM (Deja) for maintaining directory information
  • An LDAP/HTTP gateway that offers access to the directory from any web browser
  • Aliasing support, where one entry can be a symbolic link to another entry in the same data store
  • Replication of some or all of the information held in a data store to another data store
  • A set of administration commands, including data import utilities, for populating the directory, plus data export utilities
  • SNMP agents for monitoring by a management application

The secure version of Sun Directory Services also offers the following security features:

  • Optional encryption of communication between directory clients and servers using SSL
  • Strong authentication in bind using the SASL protocol and the CRAM MD5 profile
  • Password encryption in RADIUS transactions

Benefits

The distributed architecture of Sun Directory Services makes the directory particularly robust. Even if one server goes down, the other servers can provide access to the directory information. A logically unique database, distributed across multiple servers, allows users and applications to access the same directory information from anywhere on the network, using a local server.

The logically unique structure decreases the system administration load and enables the directory to be managed centrally; information need only be added, edited or deleted once, at one point in the network. Replication is handled automatically, and can apply to all data, to selected attributes, or to selected subtrees. Up to one million entries can be stored per server.

Name aliases give different logical views of directory structures, for example, by entity, function, or geographical location.

Product Architecture

graphic of Sun Directory Services 3.1 architecture
  

Sun Directory Services offer access to directory information through a number of different protocols:

  • LDAP, for messaging, directory, and management applications
  • RADIUS, for authentication applications
  • NIS, for all applications that use NIS naming services
  • HTTP, for access through any web browser

The Sun Directory Services also include the following Java applets:

  • An Administration Console for local or remote configuration and administration
  • The Deja tool for updating the directory database

Solaris Integration

  • The Sun Directory Services can be accessed through the XFN (X/Open® Federated Naming) API in Solaris 2.6. The XFN API enables customers to access information stored in several naming and directory services, such as NIS+, DNS, and LDAP.
  • XFN includes LIBLDAP v.2. The LDAP API (compliant with RFC 1823) enables customers to directly access information stored in the LDAP directory.



Copyright 1998 Sun Microsystems, Inc., 901 San Antonio Road, Palo Alto, CA 94303, U.S.A. All rights reserved. 000" LINK="#0000EE" VLINK="#551A8B