Virtualization allows multiplexing of the underlying host machine between different virtual machines. The host computer allocates a certain amount of its resources to each of the virtual machines. Each virtual machine is then able to use the allocated resources to execute applications, including operating systems (referred to as guest operating systems). The software layer providing the virtualization is commonly referred to as a hypervisor and is also known as a virtual machine monitor (VMM), a kernel-based hypervisor or a host operating system. The hypervisor emulates the underlying hardware of the host computer, making the use of the virtual machine transparent to the guest operating system and the user of the virtual machine.
When a user logs into a management console of the virtual machine system with their user credentials, makes a request of the system, or issues a command in the system, a management service looks up the information (e.g., user privileges, object names) in a directory service. One example of a directory service is lightweight directory access protocol (LDAP). Certain virtualization systems may have multiple LDAP directory services, possibly provided by different vendors. Some examples of LDAP directory services include Red Hat Directory Server (RHDS), Microsoft Active Directory, and Tivoli-DS from IBM. Each LDAP directory service may store the same or similar types of information, however, each provider may have a different schema, query syntax, and/or authentication protocols. The LDAP schema defines what objects are included in the directory service and what attributes can be used for those objects (e.g., user name, group, title). The query syntax defines the format of LDAP requests that can be processed by the directory service. The authentication protocols define how a user is verified to determine if they should have access to the information in the directory service. Conventionally there is no method for virtualization managers to easily switch between different directory services and to convert communications to the appropriate schema and query syntax.