Discover what makes this integrated metadirectory support and directory service solution tick
Zoomit VIA embodies the concept of the metadirectory: a directory service that integrates numerous other directory services to improve the ease and effectiveness of directory management. (To get an overview of the metadirectory idea and what a metadirectory can do for an organization, see Craig Zacker, "Metadirectories: Directory Services for the Enterprise," page 121.) VIA provides comprehensive metadirectory support for the most common network applications and operating systems used on heterogeneous networks. VIA's proprietary directory service gives users a unified view of all the directories on their network. Unlike many other metadirectory solutions, VIA supports various email, application, and network operating system (NOS) directories (e.g., Lotus Notes, Windows NT domains, and Novell Directory Services--NDS).
Here's how VIA works. You import the data from your network directory services into separate areas (connector spaces in VIA) of VIA's metadirectory. For example, after you import your NDS, NT domains, and Lotus Notes directories into separate connector spaces, you have three objects in the metadirectory for each network user. Then, for each user, you create a composite entry that consists of the user-specific data from each of the other three objects in the metadirectory. Each composite entry becomes the single point of administration for a specific user. The composite entries form the VIA metaverse, a superdirectory that contains information to let users access network services.
When you modify the properties of a composite object, VIA replicates the changes to the source objects in the connector spaces and makes the same changes to the originating directories. VIA does not alter the process by which users log on to their network services. Client systems continue to interact with the services' individual directories, but the information in those directories is derived and updated from the data in the metadirectory.
VIA includes attributes for metaverse objects that you can use to store personal information (e.g., phone numbers, job titles, and photographs) about your users. Users can access the metadirectory through any Web browser and search for other users by name. By granting your users specific directory access rights, you can let them modify specific properties in their metadirectory entries and publish documents for other users by adding the documents to the directory as new objects. Thus, the VIA directory is based on the replication of other directory services into its proprietary structures. Let's examine the VIA directory in detail by looking at how information flows between directories and examining VIA's security model.
Metadirectory Structure
VIA consists of three software entities: the directory server; the Zoomit Compass client program, which lets you view and manipulate the contents of the metadirectory; and a collection of management agents, which provide access to the directory services VIA supports. Because VIA uses its proprietary directory service as the metadirectory, VIA is more complex than products such as NetVision's Synchronicity, which rely on external directories such as NDS. (For information about NetVision's product, see "NetVision's Synchronicity for NT," page 125.)
VIA's directory server software runs on NT Server, NT Workstation, or Windows 95. You can configure VIA to run as an NT service that automatically loads when you boot the system. To publish its services, the VIA directory server uses the well-known port numbers for Lightweight Directory Access Protocol (LDAP) and HTTP, and you can modify these defaults for your system. On large networks, you can distribute the VIA database among several servers. The VIA directory server uses referrals to redirect client requests to other servers that have the requested information. VIA can also replicate the directory at regular intervals to provide fault tolerance and load balancing.
VIA uses the same namespace structure as the X.500 directory. This name-space is identical to that used by LDAP directories such as Netscape's Directory Server and is similar to that used by NDS. (For more information about LDAP directories, see Tao Zhou, "Exploring Netscape's Directory Server 3.0," page 137. For information about NDS, see William Wong, "Novell's NDS for NT," page 131.) You use standard container objects such as countries, organizations, and organizational units to create the metadirectory tree hierarchy, and you populate the tree with objects representing users, groups, and servers. Unlike X.500, VIA does not enforce specific relationships between object classes. For example, traditional X.500 naming requires you to put country or organization objects at the top level of the tree, with organizational units beneath them. In the VIA directory, objects can appear anywhere in the tree. This structure lets you organize a directory for a large international corporation logically--by dividing the tree into departments at the top level and countries at the second level. Another difference between X.500 and VIA naming is that user objects in the VIA directory can have subordinate objects that represent documents or other data files users want to publish to other network users.
Zoomit Compass, VIA's administrative client program, uses the LDAP port to access the directory server and displays the contents of the directory tree, as Screen 1 shows. From the Zoomit Compass interface, which can run on any NT or Win95 system on a network, you can create and delete directory objects and manage their properties. Because VIA supports the LDAP standard, users can use any LDAP client to access the VIA directory; such clients include those integrated into the Microsoft Internet Explorer (IE) and Netscape Communicator clients.
The HTTP protocol lets clients use any Web browser to view the VIA directory and provides read-only access to the metaverse. However, because the default Web pages are frames-based, users must have IE 3.0 or later, or Netscape Navigator 2.0. VIA includes intelligent directory agents (IDAs), which let users of major email packages search the directory for user addresses from within their client applications.
To access other directory services running on a network, VIA uses management agents, synchronization modules that run on the VIA directory server and communicate with directories using the directories' native protocols. VIA includes management agents for many of the most commonly used directory services, including the NT domain, NDS, NetWare bindery, and Banyan VINES NOS directories; Netscape's Directory Server; and email packages such as Lotus Notes, cc:Mail, DaVinci, Microsoft Exchange, Novell GroupWise, and Banyan BeyondMail. The VIA program includes a development kit that lets programmers create management agents. Most VIA management agents do not require client software modules on the systems that host the subordinate directories. Two exceptions to this rule are Lotus Notes and NDS (NDS communicates with VIA using LDAP, and therefore requires that you install Novell's LDAP Services for NDS). Management agents log on to the directories like any other client, using credentials you supply in the Compass application.
Previous
Register
Jim Wallentine June 04, 2001