1. Field of the Invention
The present invention generally relates to a method of automatically relocating a lightweight directory access protocol (LDAP) entry and a subtree across directory partitions from one backend partition server to another. More specifically, the relocation is performed without bringing any of the servers down and by creating, formatting and modifying an equivalent entry with a distinguished name on a target partition server.
2. Description of the Related Art
In a typical distributed directory environment, there are several directory servers; each may correspond to an organization under an organizational umbrella or to an organizational unit within an organization. Hence each server may be associated with one or more LDAP suffixes. LDAP is a directory service protocol that runs over Transmission Control Protocol/Internet Protocol (TCP/IP). To give an LDAP server the capability to manage part of an LDAP directory, the highest-level parent distinguished name is specified in the configuration of the server. A distinguished name that represents the root level of a directory is called a suffix. Suffixes can be (1) a character string attached to the end of a file name that helps identify its file type; (2) a code dialed by a caller who is already engaged in a call; or (3) a part of a file name, added at the end, separated from other suffixes or the base file name by some punctuation, such as a period (.). A lower-level directory structure is called a subtree.
For example, a Backend Partition1 is associated with suffix “O=IBM,C=US”, a Backend Partition2 is associated with suffix “O=IBM,C=IN” and a Backend Partition3 is associated with suffix “O=IBM,C=JP”. A Replica1 is associated with suffix “OU=BLR,O=IBM,C=IN” and is a read only replica of Partition2. Replica2 is associated with suffix “OU=PUNE,O=IBM,C=IN”, and so on. The LDAP server can access all objects in the directory that are below the specified suffix in the directory hierarchy. The LDAP directory service is based on entries/objects. LDAP refers to entries with Distinguished Names (DNs). Distinguished names consist of the name of the entry itself as well as the names, in order from bottom to top, of the objects above it in the directory.
To provide a single view of all these distributed servers, there may be a proxy server that provides a single point of contact for all the LDAP clients. When an LDAP client sends a request to the LDAP proxy server, the proxy forwards the request to the appropriate partition server, receives the response, and sends that response back to the client.
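The routing decision described above can be sketched as follows. This is an added example, not code from the patent: it uses the suffixes from the text, compares names component by component rather than as raw strings, and assumes case-insensitive matching, that Replica2 is also read only, and that writes skip read-only replicas. The names `SERVERS`, `parse_dn` and `route` are hypothetical.

```python
# Suffix table from the example in the text. The read-only flag for Replica2
# and the rule that writes skip read-only servers are assumptions.
SERVERS = [
    ("Backend Partition1", "O=IBM,C=US", False),
    ("Backend Partition2", "O=IBM,C=IN", False),
    ("Backend Partition3", "O=IBM,C=JP", False),
    ("Replica1", "OU=BLR,O=IBM,C=IN", True),
    ("Replica2", "OU=PUNE,O=IBM,C=IN", True),
]

def parse_dn(dn):
    """Split a DN into normalized (attr, value) pairs, leaf first."""
    rdns, cur, i = [], "", 0
    while i < len(dn):
        ch = dn[i]
        if ch == "\\" and i + 1 < len(dn):
            cur += dn[i:i + 2]          # keep an escaped pair such as "\," intact
            i += 2
            continue
        if ch == ",":                   # unescaped comma ends one component
            rdns.append(cur)
            cur = ""
        else:
            cur += ch
        i += 1
    rdns.append(cur)
    parsed = []
    for rdn in rdns:
        attr, sep, value = rdn.partition("=")
        if not sep or not attr.strip() or not value.strip():
            raise ValueError(f"malformed DN component: {rdn!r}")
        # Case-insensitive comparison is an assumption of this sketch.
        parsed.append((attr.strip().lower(), value.strip().lower()))
    return parsed

def route(dn, write=False):
    """Pick the server with the longest suffix matching dn, component-wise."""
    target = parse_dn(dn)
    best_name, best_len = None, 0
    for name, suffix, read_only in SERVERS:
        if write and read_only:
            continue                    # assumption: replicas take no writes
        parts = parse_dn(suffix)
        # Comparing whole components avoids the false match a raw string
        # endswith() would give for "XO=IBM,C=IN" against "O=IBM,C=IN".
        if len(parts) <= len(target) and target[-len(parts):] == parts:
            if len(parts) > best_len:
                best_name, best_len = name, len(parts)
    return best_name
```

A request for a name under no configured suffix returns `None`, which a proxy would reject rather than forward.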
In such an environment there are continuous changes in the organizational structure, for example:
- Employees are transferred from one organization or organizational unit to another organization or organizational unit;
- Ownership of organizational units changes; and
- Mergers and acquisitions.
Hence, individual LDAP entries or whole subtrees are relocated from one partition server to another. This involves manual operations and intervention and may involve downtime as well.