Changes between Version 1 and Version 2 of ALL__architecture


Ignore:
Timestamp:
11/14/14 15:34:47 (10 years ago)
Author:
lttoth@…
Comment:

--

Legend:

Unmodified
Added
Removed
Modified

  • ALL__architecture

    v1 v2  
    11= Overview of Enterprise Directory Architecture = 
    2     Original author:  Beth Merce - 20081031 
     2    Original author:  Beth Mercer - 20081031 
    33 
    44The University of Alaska Enterprise Directory and Authentication Service are comprised  
    5 of the following: 
     5of the following four architectural components: 
    66 
    7         iPlanet Directories (EDIR directory) 
     7* EDIR Directories 
     8* EDIR "registry" 
     9* Web Gateways 
     10* Equalizer  
     11 
     12== EDIR Directory : SUN LDAP iPlanet Directories == 
    813 
    914                iplanet UNIX account 
     
    2227 
    2328 
    24         Oracle Databases (EDIR "registry") 
     29== EDIR "registry" : Oracle Databases == 
    2530 
    2631                sxldap UNIX account and OPS$SXLDAP schema  
     
    3540 
    3641 
    37         Web Gateways 
     42== Web Gateways == 
    3843 
    3944                ldapgw UNIX account for EDIR/AUTHSERV 
     
    5459 
    5560 
    56         Equalizer  
     61== Equalizer == 
    5762 
    5863                load balancing for DNS names 
     
    7176                for ldap/ldaps ports 
    7277 
    73         Kerberos Realm 
     78== Historical Use of Kerberos == 
     79'''NOTE:'''  Originally Kerberos synchronized LDAP password information with OIT.  That implementation is no longer current and not maintained in anyway.  At that time the Kerberos Realm consisted of: 
    7480 
    75                 oitsynch UNIX account 
     81                 * Synchronization Command: oitsynch UNIX account 
     82                * A password store behind iPlanet Directory 
     83                * A directory plugin implements kerberos authentication during directory bind 
     84                * An UPDATE interface behind AUTHSERV implements kerberos password reset/change/lock/unlock functionality 
     85                * 3 realms: test.alaska.edu, prep.alaska.edu, prod.alaska.edu - 1 each on 3 servers: cisca, cobalt, cupola 
    7686 
    77                 password store behind iPlanet Directory 
    78                 directory plugin implements kerberos authentication during directory bind 
    79                 UPDATE interface behind AUTHSERV implements kerberos password reset/change/lock/unlock functionality 
    80  
    81                 3 realms: test.alaska.edu, prep.alaska.edu, prod.alaska.edu 
    82                 1 each on 3 servers: cisca, cobalt, cupola 
    83  
    84 ####################### 
    85 DOCUMENT CHANGE HISTORY 
    86  
     87######################################################## 
     88LEGACY CHANGE HISTORY - NOTE: All subsequent changes are recorded in TracWiki 
     89######################################################## 
    879020081031 elm    corrected typos 
    88  
    89 (eof)