The Directory of Directories for Higher Education DoD

1
The Directory of Directories for Higher
EducationDoD

• Michael R Gettes
• DoD Project Leader, Internet2
• Georgetown University

Ken Klingenstein, Project Director, Internet2
Middleware Initiative Chief Technologist,
University of Colorado at Boulder
2
Topics

• Background
• Goals and Timeframes
• Directory Architecture Issues
• Human Interface Issues
• Implementation

3
Background

• Mace
• eduPerson
• Michael Gettes
• SUN

4
Goals

• Experiment
• Questions we seek to Answer
• Leverage eduPerson and Campus Directory
  Deployments
• Long-term Service Offering

5
Timeframes
6
DoD Architecure

• Inputs to DoDHE
• Inputs Local Site View
• Central Deposit Service
• DoDConfig Directory
• Operation
• Search Operations
• Search Drill Down from a list

7
Inputs
Remote Site Directories
Remote Data Sources
LDAP Oracle Etc
Search
Data Filtering Submit to CDS
DoD Config
Central Deposit Systems (CDS)
8
Inputs Local Site View
Submit final LDIF to CDS using authenticated POST
via HTTPS.
Local Data Source
LDAP
Filter LDIF according to local policy. Generate
new LDIF for submission.
DODHE
Generate LDIF Data
9
Inputs Why this way?

• Standardized input is LDIF
• Could be XML but few products generate XML now
  (01/2001)
• Could use Architech as filter and submission
  mechanism
• Site always submits full dataset. No worry of
  reconciling. Easier site participation in the
  DoDHE service.
• CDS handles reconciliation and controls data
  processing. Can provide feedback.

10
Central Deposit Service
dcedu
dcgeorgetown
dcwashington
dcvirginia
dcmemphis
dn uidgettes,ouPeople,dcgeorgetown,dcedu obje
ctclass person, organizationalPerson,
inetOrgPerson, eduPerson cn Michael Gettes sn
Gettes mail gettes_at_georgetown.edu displayName
Michael R Gettes eduPersonPrimaryAffiliation
Employee eduPersonAffiliation Employee
11
DoDConfig Directory
dcedu
dcgeorgetown
dcwashington
dcvirginia
dcmemphis
dn dcgeorgetown,dcedu objectclass
organization, domain, referral, orgDoDHE cn
Georgetown University ref ldap//directory.george
town.edu/dcgeorgetown,dcedu dodBase
ldap//cds1.dodhe.internet2.edu/dcgeorgetown,dce
du carnegieClass Research-1
12
Operation

• User search request
• Search DoDConfig for Orgs to Scan in dcedu tree
  (with do not follow referrals ctl set). Collect
  dodBase attributes.
• Search all directories (remote or CDS, as
  specified by dodBase)
• List results
• Drill down (view full entry) follows referral
  back to home directory by using DN of object in
  question or uses Chaining ability of iPlanet DS 5
• Display object.

13
Search Operations
Remote Site Directories
oUniversity,cUS dcdomain,dcedu
SearchBase dcedu Filter (OrgCriteria from
Search page)
Referrals?
No Referrals
DoD Config
Search using SearchBases From DoDConfig
Search
No Referrals
Results
CDS
14
Drill Down from List
From a list of results of a search
A list of results from a search
Remote Site Directories
Results
oUniversity,cUS dcdomain,dcedu
Referrals?
Follow Referrals
Obtains object by DN in home Directory
DoD Config
Obtain object
Follows referral from Ref attribute
(smart-referral) in DoDConfig Directory or use
chaining ability of iPlanet DS 5.
Display found object in web page
CDS