1. Field of the Invention
The field of the invention is data processing, or, more specifically, methods, systems, and products for replicating modifications of a directory.
2. Description of Related Art
A directory service, such as an LDAP service or an X.500 service, is a computer-implemented data storage and retrieval methodology. ‘LDAP’ refers to the Lightweight Directory Access Protocol, a set of protocols for accessing information directories. X.500 is an ISO and ITU standard for directory structure. X.500 directories are hierarchical, that is, tree structures, with different levels for each category of information, such as country, state, and city. LDAP is based on the X.500 standard, but is significantly simpler. And unlike X.500, LDAP supports TCP/IP, an important feature for internet-oriented directory access.
A directory service is a system that operates according to a directory protocol. LDAP is a protocol, or actually a set of protocols. The X.500 standards include a directory access protocol. The general model of a directory protocol is one of clients performing protocol operations against servers. In this model, a client transmits a protocol request describing to a server an operation to be performed on a directory, a modification, a comparison, a security binding, and so on. The server is then responsible for performing the requested operation in the directory. Upon completion of the operation, the server returns a response containing any result or error to the requesting client. In addition, directory protocols typically also permits servers to return to clients referrals to other servers. As an aid to overall system performance, this allows servers to offload back to clients the work of contacting other servers to progress operations.
A directory service implements persistence for its data in its directory tree by use of backup databases optimized for fast reads. Such backup databases may be relational databases or BTREEs, for example. A hierarchy, or tree, of data in a directory is represented in attribute type—attribute value pairs. This structure offers flexibility in designing directory entries. A particular user record, for example, can have new types of data added without having to re-design the entire database. Any kind of text or binary data can be stored. A directory service is particularly useful for relatively static information, such as company directories, user data, customer data, passwords, and security keys.
For high availability and scalability directory data is replicated among two or more directory servers. Directories may contain huge quantities of data, with many updates to directory entries occurring each second. Replicas may be separated by network links with significant latency. High volume access to a large directory can be slow. An early approach to directory replication called ‘Stand Alone LDAP Update. Replication Daemon’ or ‘SLURPD’ was developed at University of Michigan, but SLURPD replication is very slow over slow network links. Another approach to directory replication named ‘Bulk Update/Replication Protocol’ or ‘LBURP’ was published in an individual submission to an Internet Working Group in a document named draft-rharrison-iburp-03.txt by R. Harrison, J. Sermersheim, and Y. Dong in March 2001. LBURP groups directory operations in bunches, so that more can be sent at one time, instead of replicating a single operations and waiting for the response. LBURP, however, makes no use of parallelism in processing, and LBURP also introduces additional network traffic overhead in that each directory operation must have additional encapsulation.