Transcript ldap2_pspl.co.in

PSPL
Some issues in databse-directory
integration
Shridhar Shukla
LDAP-RDBMS integration product
group, PSPL
Persistent Systems Private Limited
(http://www.pspl.co.in)
PSPL
An Example of where LDAP fits
Persistent Systems Private Limited
(http://www.pspl.co.in)
PSPL
Database/LDAP integration
LDAP
Application
RDBMS
Application
LDAP
to SQL (?)
LDAP
Server
SQL to
LDAP (PS EnList)
Synchronization
(PS EnSure)
Persistent Systems Private Limited
(http://www.pspl.co.in)
RDBMS
Server
PSPL
LDAP to SQL
(&(Objectclass=*)(cn =‘sha*’))
Option 1: A schema that fits the hierarchy
Unique id, an entry table per objectclass, indexed
thin tables (IBM)
Option 2: Represent the hierarchy using
foreign relations
mismatch
Option 3: Expose existing schema as LDAP
What will it take? How will write performance get
affected? Can there be a general model?
Persistent Systems Private Limited
(http://www.pspl.co.in)
PSPL
SQL to LDAP
A structured approach to splitting the query
between the LDAP server and PS EnList
Caching of query results
Consolidation of schema across servers
High-value operators and SQL extensions
Recognize LDAP usage and optimize
Persistent Systems Private Limited
(http://www.pspl.co.in)
PSPL
LDAP to DB synchronization
DB
application
Directory
application
1
3
Source
DB
2
Join Engine
Change
log
DB
5
4
Dir
Persistent Systems Private Limited
(http://www.pspl.co.in)
PSPL
Synchronization issues
The source DB data model cannot change.
Changes from multiple tables for an entity need to
be synchronized with the directory
Large volumes
Selective policies, e.g., password
Persistent Systems Private Limited
(http://www.pspl.co.in)