Glossary

alarms

Alarms are reports of critical events that should be monitored.

alerts

Alerts are any events that the user should be made aware of. In this version of DXmanager, the alerts are harvested from the alarm logs.

alias entries

An alias entry is a directory entry that contains the name of another entry. When you search or browse a directory, you can decide whether to resolve aliases (show the details of the target entry) or to show the details of the alias entry itself.

association

Association is a synonym for binding.

attributes

An attribute is a property of an entry that can have a value. An entry is defined by the values of its attributes. For example, an entry in a staff directory could include an attribute named phoneNumber, with the value 555-1234-567.

authentication levels

Each DSA has one or more authentication levels. The authentication levels assigned to a DSA define what credentials a user must present to bind to and query that DSA.

auto-registered attributes

An auto-registered attribute is an attribute that is used in a directory without being defined in the directory's schema. To use auto-registered attributes in a particular object class, that class must include the keyword auto-register-attributes in its may-contain list.

auxiliary object class

An auxiliary object class defines additional characteristics of an entry. For example, it can provide additional, optional, attributes for an entry.

backbone

The backbone is the term used in DXmanager to refer to the directory installation as a whole. It includes all the DSAs and their configuration data.

base-object searches

A base-object search specifies a search that returns one node, the base object, as specified by the DN. It is one of the three types of LDAP search. The others are single-level and subtree.

binding

When a DSA, an LDAP client, or a DUA successfully binds to a DSA, the resulting relationship is called a binding. Because each binding corresponds to a user, the term user can be used to mean a binding.

class-of-service templates

A class-of-service template stores information that can then be included in many entries. Class-of-service templates can reduce the size of a directory, help keep data consistent, and reduce the time required for bulk updates.

credentials

A user's credentials are information that identifies them and is used for authorization. Credentials can be a user name and password, or a certificate.

data DSA

A data DSA holds data, and queries are routed to it by router DSAs.

datastore

Each data DSA holds its directory data in memory. The datastore is a file that is mapped to the memory image and provides persistent storage of the data.

deploying

Deploying is the process of transferring the XML configuration file from DXmanager to the DSA's host, and then reinitializing the DSAs.

dereferencing

An alias entry is dereferenced if, during a search, the entry the alias points to is used as the base object rather than the alias itself.

DIB (directory information base)

The directory information base (DIB) is the collection of information held by the directory as a whole (typically in many DSAs).

directory management server

The directory management server is the computer on which you have installed the Directory Management package, which includes DXmanager.

DISP

DISP (Directory Information Shadowing Protocol) is defined in the 1993 X.525 standard. DISP lets you replicate information in OSI-conformant directories, which permits copying of directory information from one DSA to another using a standardized procedure and protocol.

distribution

In a distributed directory, many DSAs cooperate to form a single namespace. Parts of the namespace are served by different DSAs. An application connected to any DSA can search the entire namespace.

DIT (directory information tree)

The directory information tree (DIT) is data represented in a hierarchical tree structure, where each node in the tree is defined by a DN. CA Directory uses the term namespace to refer to the directory DIT.

DN (distinguished name)

A distinguished name (DN) uniquely identifies a directory entry and its location in the directory namespace. The DN includes the name of the entry, plus the names of all superior entries, for example, cn=Craig LINK,ou=Administration,ou=Corporate,o=DEMOCORP,c=AU.

DSA (directory system agent)

A DSA is a process that manages some or all of a directory's namespace.

DSA console

The DSA console lets you connect to a DSA to give DXserver commands, receive trace information, and act as a user agent.

DSML (Directory Services Markup Language)

DSML is an XML protocol that permits directory structural information to be represented in XML. The DSML protocol is an almost direct mapping of LDAP. The purpose of the language is to allow XML-based applications to use directory information.

DSML Server

The DSML Server lets client applications use DSML, rather than LDAP, to communicate with CA Directory.

DSP (Directory System Protocol)

The directory system protocol (DSP) is a protocol used between DSAs for X.500 distributed operations. This is the protocol used for chaining. LDAP does not have a DSP equivalent. A CA Directory DSA can use both DSP and LDAP.

DUA (directory user agent)

The directory user agent (DUA) is an executable that accesses DSAs as a client. The DUA is supplied in the samples folder and can run on any host that has directory services installed. It communicates user requests to a DSA, which can be on any host in the network, and then passes the DSA responses back to the user.

DXadmind

DXadmind is a background process that runs on each host that contains a DSA. DXmanager uses DXadmind to communicate with the DSAs. The DXadmind on each host collects information for DXmanager and manages the DSAs on that host on behalf of DXmanager.

DXmanager

DXmanager is a web application that lets you create, configure, monitor, and control your directory backbone.

DXtools

The DXtools are a set of command-line utilities that come with CA Directory. These tools help you manage directory administration, work with LDIF data, load and unload data to and from a directory, and extract and convert schemas for use with CA Directory.

dynamic groups

A dynamic group is an entry in the directory with its membership defined by an LDAP filter. All entries that satisfy this filter are members of the dynamic group.

EIS (entry information selection)

In a search filter, the entry information selection (EIS) is the attributes that are to be returned in the search results.

entries

The entry is the basic unit of information storage in a directory. All information in a directory is stored in the form of entries, which are also sometimes named objects. For example, in a directory listing all staff members at a company, each staff member would have an entry.

extensible objects

An extensible object is an object class that may include any attribute defined in the DSA schema.

failback

Failback is the restoration to normal service of a CA Directory DSA after failing over and recovering.

failover

Failover is the ability of a router DSA to continue to service queries even when a data DSA becomes unavailable. If the router detects that a DSA has failed, it resends outstanding requests to another DSA that serves the same partition, making the failure invisible to clients.

health

A directory's health is a measure of whether the directory is running smoothly. This includes whether all DSAs are running, and whether any are logging warning, error, or alarm messages.

horizontal partitioning

If you have a large flat namespace, you can improve performance by partitioning the namespace, so that different DSAs each serve different parts of the same level of namespace. In CA Directory, horizontal partitioning is a method of doing this.

hosts

A host is a single computer with CA Directory installed on it. A single host may serve one or more namespace partitions.

hub

A hub is the DSA that is responsible for receiving multiwrite update requests from other regions.

idle time

The idle time for a connection is the time elapsed since the DSA last performed an operation on that connection.

instantiation

In DXmanager, the process of assigning hosts, sites, or regions to namespace partitions is called instantiation. After the configuration is deployed, this process creates one or more DSAs to serve the namespace partitions.

JNDI (Java Naming and Directory Interface)

The Java Naming and Directory Interface (JNDI) is a Java API that provides applications based on Java with naming and directory services.

JXweb

JXweb is a general purpose LDAP-compliant directory browser and editor, which lets you access a directory through the Web.

latency

Latency is the delay caused by the round-trip time taken between sending a network packet and receiving a response. For replication, latency describes the time during which the shadow servers are out-of-date with respect to a master.

LDAP (Lightweight Directory Access Protocol)

LDAP is a protocol for accessing directories. LDAP is a simplified version of the X.500 directory access protocol (DAP).

LDIF (LDAP Data Interchange Format)

LDIF is a format suitable for describing directory information or changes to be made to directory information.

LDIF files

LDIF files are text files that store directory information in LDIF. You can use LDIF files to transfer directory information between LDAP directory servers or to describe a set of changes to be applied to a directory.

LDT file

An LDT file is a text file that contains rules for transforming data into LDIF format. The csv2ldif tool uses an LDT file to transform CSV data into LDIF.

leaf entries

A leaf entry is a directory entry that has no subordinate entries.

load

A directory's load is a measure of the amount and type of operations being sent to that directory.

load sharing

Load sharing lets a router DSA distribute incoming requests evenly among all DSAs in the same site that serve the same namespace partition. This improves performance.

logs

The logs contain output from a DSA, including its trace, diagnostics, warnings, and alarms.

MIB (management information base)

A management information base (MIB) is a database of objects that can be managed using SNMP.

multiwrite group

A multiwrite group is a synonym for a region.

multiwrite peers

Multiwrite peer DSAs are the DSAs in a multiwrite replication system. Multiwrite peers service the same prefix, share knowledge of each other, and their knowledge includes the DSA flag multi-write.

multiwrite replication

Multiwrite replication is a mechanism for replicating updates to a number of DSAs to ensure that they are synchronized. When a DSA receives an update, it updates its own data and then sends the update to its peers. If a peer DSA cannot be reached, the updates are queued and replayed when the DSA becomes available.

multiwrite-DISP replication

Multiwrite-DISP replication is a replication scheme that uses multiwrite replication for real-time updates and DISP for recovery.

namespace

A namespace is the tree of all data in the directory, synonymous with directory information tree. It is defined by the DN of the top node in the tree.

namespace partition

A namespace partition is a sub-section of the directory information tree.

naming attributes

The naming attribute is the attribute used to form the RDN, which uniquely identifies each entry in the directory.

network topology

The network topology describes the hosts on which the directory backbone runs, and the quality of network connections between the hosts. The quality of connections is represented by sites and regions.

OID (object identifier)

An object identifier (OID) is a numeric value that unambiguously identifies an object class, attribute, or syntax in a directory service. An OID is represented as a dotted decimal string (for example, 1.2.3.4). Companies and individuals can obtain a root OID from an issuing authority and use it to allocate additional OIDs.

OID prefix

An OID prefix consists of a name used to represent the portion of the object identifier common to multiple schema definition statements.

operational attributes

An operational attribute represents information used to control the operation of the directory (such as access control information), or used by the directory to represent some aspects of its operation.

operations

A directory operation reads data from the directory or writes data to it. Operations include add, compare, delete, modify entry, modify RN, read, search.

performance

Directory performance measures the load and throughput of the directory. DXmanager can tell you which DSAs and hosts are under the most load, and the kinds of operations they are performing (searches, updates, compares, and so on).

personality certificates

DSA personality certificates are the same as user certificates, except that they are for DSAs. These personality certificates permit the links between DSAs to be secured using SSL encryption or authentication.

phase

A phase is a directory search within a view. A phase can use the results of previous phases in the same invocation of the view.

public user

A public user is a user who has not been authenticated. The following terms are identical: public user, unauthenticated user, anonymous user, user who has not logged in.

RDN (relative distinguished name)

The relative distinguished name (RDN) of an entry is the lowest-level part of the entry's DN. The RDN is formed by the entry's naming attribute. For example, if an entry's DN is cn=Craig LINK,ou=Administration,ou=Corporate,o=DEMOCORP,c=AU, the entry's RDN is cn=Craig LINK.

recovery

Recovery is the process of a DSA returning to service after an outage.

recovery mode

A DSA in recovery mode is one that has been offline, so its data may now be inconsistent with its replication peer DSAs. In recovery mode, a DSA only accepts binds and updates from its replication peers. This prevents clients and parent or non-peer DSAs from querying or updating the recovering DSA.

recovery notification list

A recovery notification list is a list of peer DSAs that have more up-to-date data. When the data in a recovering DSA has been synchronized with one of these peers, the name of the peer is removed from the list. When the list is empty, the DSA is recovered and returns to service.

referential integrity

A directory entry has referential integrity if all DNs in the entry are valid, that is, point to other, existing, entries.

region

A region is a collection of sites. Multiwrite replication between DSAs in the same region is synchronous.

response files

A response file is a text file that supplies information used during the installation process. The user normally supplies this information during the installation process.

router DSA

A router DSA has no local data and no datastore. It can only route traffic to other DSAs.

SAML (Security Assertion Markup Language)

Security Assertion Markup Language (SAML) is an XML-based protocol for making statements about security. For example, you could use SAML to make the following statement: "John Citizen has been authorized to read data from the HR web site for thirty minutes starting at 9:15 a.m."

schema

A schema is a formal definition of the contents and structure of the directory data. It governs where each entry can be placed within the directory structure, how entries are to be named, and what attributes each entry can contain.

script files

Script files store frequently used or complex commands (such as a series of searches). You can execute these files from a DSA console or, by using the source command, from other script files.

selective shadowing

Selective shadowing is the ability to replicate only some information to a shadow DSA.

sites

A site is a DXmanager term for a collection of hosts that are connected by a reliable, fast, and low-latency network, such as a LAN. A site corresponds to a load sharing group.

SPML (Services Provisioning Markup Language)

Services Provisioning Markup Language (SPML) is an XML-based protocol that handles provisioning and user management. It allows for adding, modifying, deleting, and searching users, and provisioning users with resources.

static groups

A static group is an entry in the directory with a member attribute, which stores a list of the DNs of the entries that are members of this group.

TCP port

The TCP port is the port on which a DSA listens for, and accepts connections from, clients and other DSAs.

text-based configuration files

You can configure CA Directory using commands in text files. The text files contain commands that define how the DSA works. These commands are identical to the commands that can be entered from a DSA console.

third-party LDAP server

A third-party LDAP server is a directory that only uses the LDAP standard. DXmanager can monitor these LDAP servers, but it cannot configure or control them.

third-party X.500 DSA

A third-party X.500 DSA is a directory served by another directory product. DXmanager can monitor and control these DSAs, but it cannot configure them.

topology

The topology defines the network in terms of a hierarchy of regions, sites, and hosts. A group of hosts belongs to a site, and a group of sites belongs to a region. Because the topology is hierarchical, a site cannot contain a region and a host cannot contain a site or region.

traces

A DSA's trace is its record of almost all operations going into and out of that DSA. You can view a DSA's trace in the log files, and also by using the DSA console.

transparent routing

Transparent routing allows a router DSA to process LDAP requests and responses without requiring the controlling schema. This is useful if the router DSA is being used to link LDAP clients to an LDAP server, or the clients and server have schema that are not known by the router DSA. Transparent routing works with LDAP clients only.

view

A view is a read-only virtual directory that provides a layer between the user agent and the real directories. It lets you combine multiple LDAP searches into one search. You can use views to improve performance and to reduce the complexity of applications.

X.500

X.500 is a set of computer networking standards that define directory services. The protocols defined by the X.500 standards include DAP, DSP, and DISP. A directory that follows the X.500 standard has distributed operations, distributed management, distributed security, and replication.