The present invention relates to the management of computers and computer networks and, more particularly, to systems and methods that provide and facilitate the interoperation of directory services associated with a computer management system.
Modern computer-based structured storage systems such as computer file systems and database systems provide users with quick and easy access to enormous amounts of data. Structured storage systems allow businesses to generate and maintain stores of data that may be modified and updated over time. For many companies, data is a valuable capital asset that is employed each day to perform the company's core operations. The data can be, for example, computer files (e.g., source code, word processing documents, etc.), database records, and other information such as information regarding employees, customers, and/or products.
A typical computer-based structured storage system includes a central server that provides centralized control over the structured store of data. The structured store of data is the information that is maintained by the system such as information in the directories of a file system or within the records of a database system. The central server provides system services to a number of interconnected network client nodes, each of which employs the central server to access and manipulate the structured data store.
Currently, it is common for the central network server to provide a directory service (i.e., a specialized hierarchical database of network, user, and other computer system configuration information). This information typically includes operating system configuration information, application program configuration information, network configuration information, network-accessible resources, exported devices and services, network printers, user account records, etc. Network user accounts allow network-wide, unified “log on” and system access, and allow sophisticated application programs (e.g., electronic mail system application programs) to obtain broader, coherent name spaces. Novell's Directory Server (NDS) is one example of software that implements a directory service and that runs on a central server to allow maintenance of and access to directory information.
Although central server directory services such as NDS generally provide the desired network management functions, problems arise from relying on centralized control. For example, the operation of the network is dependent upon the proper functioning of the central server. Any failure of the server to maintain proper operation, such as a power failure, hardware failure, or other such system failure, may disable the entire network and may generally prevent users from obtaining access to the network and its resources. Additionally, a large number of client requests for information (e.g., access of user account records) over a short period of time can overload the central server and slow down or crash the network. Accordingly, reliance on a centralized, server-based directory service can result in slow operation or total network failure during periods of heavy use.
Recently, technology has been developed to improve the reliability and operation of a centralized server directory service. This technology involves employing multiple central servers. Each of the servers provides a directory service. Whenever the directory information changes, all of the redundant servers are updated so that requests can be made to any of the centralized servers without impacting the correctness of the response.
Examples of this centralized, statically replicated, hierarchical directory service technology include Microsoft's Active Directory, NDS, Banyan's StreetTalk, and X.500 directory services. Lightweight Directory Access Protocol (LDAP) is a “common” protocol that can be used to access data from any compatible directory server such as Active Directory.
Active Directory is an important part of the Microsoft Windows network architecture that provides a directory service designed for distributed networking environments. Active Directory allows organizations to store information in a hierarchical, object-oriented fashion, and provides multi-master replication to support multiple-server distributed network environments. Active Directory acts as an integration point for bringing systems together and consolidating management tasks. Active Directory also provides a single point of management for Windows-based user accounts, clients, servers, and applications.
Although Active Directory offers many benefits for managing network infrastructure, organizations often need a more flexible directory service to support directory-enabled applications. For example, many directory-enabled applications require the directory service to be extended with application-specific schema extensions. Such schema extensions are supported in Active Directory. However, because Active Directory is often considered to be critical for overall network operations, many network administrators will not allow application-specific schema changes within Active Directory that may cause system instability. In addition, many LDAP directory usage scenarios, including development, portal, and legacy application usage scenarios, are hindered by the specific domain requirements of Active Directory.
More recently, Microsoft has introduced the Active Directory Application Mode (ADAM), which is a new mode of Active Directory (AD) that is designed specifically for directory-enabled applications. ADAM is a directory service that is designed to meet the needs of customers that cannot rely solely on Active Directory for providing directory services for directory-enabled applications. Application programs may have to support both ADAM and AD directory services in order to meet the goals and expectations of network administrators and end users.
Accordingly, what is needed is a network management system in which directory services may interoperate with one another.
In view of the foregoing, it would be desirable to provide systems and methods that allow directory services in a network management system to interoperate with one another.
It would also be desirable to provide systems and methods that allow directory services to handle application-specific schema extensions without the risk of system instability.
It would be further desirable to provide systems and methods that allow Active Directory and Active Directory Application Mode directory services in a network management system to communicate and interoperate with one another.