Manualshelf

NetWare Directory Services

ManualsBrandsHP ManualsSoftwareHP-UX 11i v1 Networking Software
919293949596979899100
7-11
Planning NetWare Directory Services Implementation
Organizing Objects into a Logical Hierarchy
It is important to remember that the top level is the most important level of
the Directory tree. All other levels of the tree branch off the top level. If you
organize the top level well, you can organize your entire Directory tree more
efficiently.
Consider the following when planning Directory tree levels:
The name of the Directory tree must be unique on the physical wire or backbone
of the actual network hardware connection.
The depth of the Directory tree should be no longer than 256 characters for the
Distinguished Name, which is the full context of the tree.
Remember that each level you add to the tree can increase the length of a users
context. The shorter you can keep users’ contexts, the less problem they will
have remembering them.
Partitions or replicas should be placed close to the end user.
For example, if there are departments in two cities that access the same
resources in the Directory tree, such as printers or servers, then place a replica in
both cities to accommodate both departments.
Rights should be granted by exception. That is, you should grant rights at the
container level, then at the group level, and then at an individual object level if
necessary.
For example, if you have a group of users that will generally require the same
rights assignment, plan to place them in the same container and assign the rights
to the container. Then, if there is a small subset of these users that should not
have one of the rights assigned to everyone else, plan to mask the right for those
User objects or add those objects to a group that has the right masked.
Placing Container Objects in the Directory Tree
Container objects and their contents should be defined by workgroups,
shared resources, and information usage. Use Organization objects and
Organizational Unit objects to build the Directory tree structure.
Country and Organization Objects
The Country object, which can be placed only between the [Root] object and
your Organization objects, is useful when your network spans more than a
single country or when you plan to access information on the global
internetwork.