LDAP-style Naming


  • System-management requirements drive naming design

    names stable across re-orgs and some re-names (e.g. of a person);
    related to managed objects: hosts, services, accounts;
    for program access, not end-user access;
    directory service (DS) often driven from external data, not direct update;

  • Naming context based on DNS, using dc elements

    DNS domain defines computing env and its objects;
    avoids another (obscure) registration;
    effectively hang DS trees from nodes in DNS tree

  • Flat within DNS-based context

    single bucket per type rather than per OU;
    e.g. People, Accounts, Groups, Hosts, Services

  • Artificial RDNs

    e.g. employee number, UUID/GUIDs instead of natural names

  • uuid=9f47a3..., cn=People, dc=washington, dc=edu

    cn=Robert L Morgan, displayName=RL "Bob" Morgan
       are just more attributes
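
    Added example (not part of the original slides): a Python sketch of the
    scheme above, building the dc-based naming context from a DNS domain and a
    uuid-based DN in a flat per-type bucket, next to a natural-name DN for
    contrast. The function names and the sample UUID are constructed for this
    example; the uuid attribute name and the container names come from the slide.

```python
import uuid

# Flat per-type containers named on the slide (one bucket per type, no per-OU subtrees).
CONTAINERS = ("People", "Accounts", "Groups", "Hosts", "Services")

def escape_rdn_value(value: str) -> str:
    """Escape an attribute value for the string form of a DN (RFC 4514)."""
    out = []
    last = len(value) - 1
    for i, ch in enumerate(value):
        if ch == "\0":
            out.append("\\00")
        elif ch in '"+,;<>\\' or (i == 0 and ch in " #") or (i == last and ch == " "):
            out.append("\\" + ch)
        else:
            out.append(ch)
    return "".join(out)

def naming_context(dns_domain: str) -> str:
    """Map a DNS domain to dc elements: washington.edu -> dc=washington,dc=edu."""
    labels = dns_domain.rstrip(".").lower().split(".")
    if not all(labels):
        raise ValueError(f"empty label in DNS domain {dns_domain!r}")
    return ",".join("dc=" + escape_rdn_value(label) for label in labels)

def entry_dn(dns_domain: str, container: str, entry_id: uuid.UUID) -> str:
    """DN with an artificial RDN: uuid=<id>,cn=<bucket>,<dc elements>."""
    if container not in CONTAINERS:
        raise ValueError(f"unknown container {container!r}")
    return f"uuid={entry_id},cn={container},{naming_context(dns_domain)}"

def natural_dn(dns_domain: str, container: str, name: str) -> str:
    """For contrast: a DN whose RDN is the natural name, so a re-name moves the entry."""
    if container not in CONTAINERS:
        raise ValueError(f"unknown container {container!r}")
    return f"cn={escape_rdn_value(name)},cn={container},{naming_context(dns_domain)}"

# Constructed sample identifier; this UUID is made up for the example.
PERSON_ID = uuid.UUID("00000000-0000-4000-8000-000000000001")

if __name__ == "__main__":
    # The uuid-based DN does not depend on the name attributes at all.
    print(entry_dn("washington.edu", "People", PERSON_ID))
    # Natural-name DNs differ per name and need escaping for quotes and commas.
    for name in ("Robert L Morgan", 'RL "Bob" Morgan', "Morgan, Robert"):
        print(natural_dn("washington.edu", "People", name))
```

    Programs that store the uuid-based DN keep a valid reference when cn or
    displayName changes, and no user-supplied name text ever reaches the DN.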



    rlmorgan@washington.edu
    TWIST '99