Transcript Document
Directory or Database:
Choosing the Right Tool
for the Job
www.novell.com
Justin J. Taylor
Chief Strategist, Directory Services
Novell, Inc.
[email protected]
Vision…one Net
A world where networks of all types—corporate and public,
intranets, extranets, and the Internet—work together as
one Net and securely connect employees, customers,
suppliers, and partners across organizational boundaries
Mission
To solve complex business and technical challenges with Net
business solutions that enable people, processes, and
systems to work together and our customers to profit from
the opportunities of a networked world
Deployed Versions Novell eDirectory™
and Novell Directory Services® (NDS®)
Product Version
Build Version
Platforms
Novell NetWare® 5.1 SP4 (NDS 7)
DS.nlm v7.57
NetWare 5.1
NetWare 5.1 SP 4 (NDS 8)
DS.nlm v8.79
NetWare 5.1
eDirectory 8
DS.nlm & DS.dlm v8.79
NetWare 5.0,Win NT/2K
eDirectory 8.5.x
DS v85.23
NetWare 5.x,Win,Solaris
NetWare 6 (eDirectory 8.6)
DS.nlm v10110.20
NetWare 6
eDirectory 8.6.1
DS v10210.43
NW 5.1,NW 6,Win,Solaris,Linux
NetWare 6 SP1 (eDirectory 8.6.2)
DS.nlm v10310.17
NetWare 6
eDirectory 8.6.2
DS v103xx.xx
NW 5.1,NW 6,Win,Solaris,Linux
eDirectory 8.7
DS v10410.xx
NW 5.1,NW 6,Win,Solaris,Linux,AIX
Differences between
eDirectory and NDS
NDS
eDirectory
NOS directory focused on
managing NetWare® servers
A cross-platform, scalable,
standards-based directory
used for managing identities
that span all aspects of
the network—eDirectory
is the foundation for eBusiness
NetWare 5
NetWare
NetWare 6
Why the Battle?
• Territorial battle
DBA vs. network
administrator
SQL vs. LDAP
• Lack of understanding
Directory technologies
vs. RDBMS* technologies
• Marketing from the
database vendors
• Inferior directory servers
on the market
*Relational Database Management System
What Makes Up a Directory Service?
• Discovery services
Writing and retrieving data
• Security services
Securing data
• Relationship services
Defining complex
relationships around the
data the directory holds
• Storage Services
Database
services
Characteristics of an
LDAP-Compliant Directory
• Extremely fast read
•
•
•
•
•
•
•
operations
Relatively static data
Distributed
Hierarchical
Object-oriented
Standard schema
Multi-valued attributes
Multi-master replication
Source: “Should I Use a Directory, a Database or Both?” —Novell AppNotes
Characteristics of an RDBMS
•
•
•
•
•
•
Write-intensive operations
Data in flux or historical data
Application-specific schema
Complex data models
Data integrity
ACID transactions
Atomic
Consistent
Isolation
Durable
Source: “Should I Use a Directory, a Database or Both?” – Novell AppNotes
Can Novell eDirectory Be Used in
Write-Intensive Environments?
• Yes…
Deployments today
supporting tens of
millions of users
Integration with banking
applications with
hundreds of thousands
of transactions
While eDirectory is
tuned for read
performance, it can be
tuned for writes as well
• …and No
Wouldn’t recommend
for transactional
systems such as credit
card transactions
Wouldn’t recommend
for historical data
Does eDirectory Provide Data Integrity?
• Many process are integral to eDirectory to ensure
data integrity
Back
linking
Obituaries
Limber
Skulker, etc.
• Includes powerful repair and maintenance tools
• While some similar process are part of an RDBMS,
most have to have extensive configuration
Can eDirectory Stand Up to
the ACID Test?
• ACID transactions
Atomic
Consistent
Isolation
Durable
• Results of a transaction’s execution are either all committed or all
rolled back—all changes take effect, or none do
• The database is transformed from one valid state to another valid
state
• This defines a transaction as legal only if it obeys user-defined
integrity constraints—illegal transactions aren’t allowed, and if an
integrity constraint can’t be satisfied, then the transaction is rolled
back
• The results of a transaction are invisible to other transactions until
the transaction is complete
• Once committed (completed), the results of a transaction are
permanent and survive future system and media failures
Can eDirectory Stand Up to
the ACID Test?
Novell eDirectory
Explanation
Atomic
Yes
• Modification of a single object in the
Consistent
Yes
• The database will not be left in an
directory may require updates to multiple
objects as well as updates to various
indexes
• If any of the updates fail, all of the
changes are rolled back
• Otherwise, the changes are committed as
an atomic unit of work
unusable state as the result of a failed
transaction
• Likewise, if a transaction commits, all
entries and indexes will be guaranteed to
be valid and usable
Can eDirectory Stand Up to
the ACID Test?
Novell eDirectory
Isolation
Yes
Explanation
• Uncommitted changes made to the
database are visible only to the thread
making the changes
• All other threads see a consistent
snapshot of the database at points in
time preceding the start of the update
transaction
• Once the update commits, the changes
become available to others
• If the transaction aborts, the changes
are discarded
Can eDirectory Stand Up to
the ACID Test?
Novell eDirectory
Durable
Yes
Explanation
• The database uses two types of logging
to ensure the durability of update
transactions
• The rollback log records prior versions of
database blocks so the database can be
returned to a well-known state ("check
pointed") during recovery
• The roll-forward log records logical
updates that occur against the database
• During recovery, these operations are
replayed from the last checkpoint
through the last committed transaction
Questions to Determine Your Need
• Does the data need to be
distributed?
Directories make
distribution easy and
transparent
• Well, at least some do
An RDBMS distribution
configuration is not easy
and in definitely not
transparent
Source: “Should I Use a Directory, a Database or Both?”—Novell AppNotes
Questions to Determine Your Need
• Can the data be used
by more than one application?
Source: “Should I Use a Directory, a Database or Both?”—Novell AppNotes
(cont.)
Questions to Determine Your Need
• Is the data multi-valued?
Source: “Should I Use a Directory, a Database or Both?”—Novell AppNotes
(cont.)
Questions to Determine Your Need
• Can your data or application
(cont.)
DA-TREE
take advantage of a
hierarchical relationship?
DigitalAirlines
Corp
Partners
Airports
HR
AM
Source: “Should I Use a Directory, a Database or Both?”—Novell AppNotes
AP
EU
Admin
Questions to Determine Your Need
• Do you need flexible security options?
Source: “Should I Use a Directory, a Database or Both?”—Novell AppNotes
(cont.)
Questions to Determine Your Need
• Do you need distributed or delegated
administration capabilities?
Source: “Should I Use a Directory, a Database or Both?”—Novell AppNotes
(cont.)
Other Considerations
• eDirectory supports numerous access protocols
LDAP
ODBC
JDBC
XML
ADSI
…
via SOAP
Complementary Approach
Conclusion
• Not all directories are the same
• With eDirectory, the line between database
and directory service becomes very fuzzy