1. Field
The embodiments of the disclosure relate generally to distributed directory environments, and more specifically to providing proxy support for special subtree entries in a directory information tree by defining filters at the proxy level to indicate relationships between main subtree entries and associated special subtree entries.
2. Description of the Related Art
A directory is a special type of database for managing information about people, organizations, data processing systems, and other information sources. Information within a directory is organized within a hierarchical namespace called the directory information tree (DIT). Each entry in the directory information tree is a named object and consists of a set of attributes, and each attribute has a defined attribute type and one or more values. Each entry is identified by an unambiguous distinguished name (DN) comprising a sequence of selected attribute-value pairs (relative distinguished names (RDN)) of an entry separated by commas. Entries are arranged within the directory information tree based on their distinguished names. For instance, each relative distinguished name in a distinguished name entry corresponds to a branch in the directory information tree leading from the root of the tree to the entry.
A directory service provides a mechanism for searching a directory and for retrieving information from a directory. Directory services serve as a central repository for searching, adding, deleting and modifying data. Example methods of accessing directory services in a computer network include X.500 and Lightweight Directory Access Protocol (LDAP), among others. Lightweight Directory Access Protocol (LDAP) is a software protocol for enabling a user to locate organizations, individuals, and other resources such as files and devices in a network, whether on the Internet or on a corporate Intranet. LDAP is a “lightweight” version of Directory Access Protocol (DAP), which is part of X.500, a standard for directory services in a network.
A directory may be distributed among many servers. In a distributed directory environment, data is partitioned across multiple directory servers, also known as backend servers. Distributed directory environments may include one or more backend servers and a proxy server that acts as an intermediate agent between a client and the distributed directory environment. Clients bind to the proxy server instead of directly binding to the backend servers.