Manualshelf

HP-UX Directory Server 8.1 deployment guide

ManualsBrandsHP ManualsSoftwareHP-UX Directory Server
61626364656667686970
1. The client application binds with Server A, and Server A tries to confirm that the user name
and password are correct.
2. Server A does not contain an entry corresponding to the client application. Instead, it contains
a database link to Server B, which contains the actual entry of the client. Server A sends a
bind request to Server B.
3. Server B sends an acceptance response to Server A.
4. Server A then processes the client application's request using another database link. The
database link contacts a remote data store located on Server C to process the search operation.
Unsupported access controls Database links do not support the following access controls:
Controls that must access the content of the user entry are not supported when the user
entry is located on a different server. This includes access controls based on groups, filters,
and roles.
Controls based on client IP addresses or DNS domains may be denied. This is because the
database link impersonates the client when it contacts remote servers. If the remote database
contains IP-based access controls, it evaluates them using the database link's domain rather
than the original client domain.
5.4 Using indexes to improve database performance
Searches performed by client applications can be time and resource intensive, depending on the
size of the databases. To help alleviate this problem, use indexes to improve search performance.
Indexes are files stored in the directory databases. Separate index files are maintained for each
database in the directory service. Each file is named according to the attribute it indexes. The
index file for a particular attribute can contain multiple types of indexes, so several types of index
can be maintained for each attribute. For example, a file called cn.db4 contains all the indexes
for the common name attribute.
Different types of indexes are used depending on the types of applications that use the directory
service. Different applications may frequently search for a particular attribute, or may search the
directory in a different language, or may require data in a particular format.
5.4.1 Overview of directory index types
Directory Server supports the following types of index:
Presence index
Lists entries that possess a particular attribute, such as uid.
Equality index
Lists entries that contain a specific attribute value, such as cn=Babs Jensen.
Approximate index
Allows approximate (or "sounds-like") searches. For example, an entry might contain the
attribute value of cn=Babs L. Jensen. An approximate search would return this value
for searches against cn~=Babs Jensen, cn~=Babs, and cn~=Jensen.
NOTE:
Approximate indexes require that names be written in English using ASCII characters.
Substring index
Allows searches against substrings within entries. For example, a search for cn=*derson
would match common names containing this string (such as Bill Anderson, Norma
Henderson, and Steve Sanderson).
70 Designing the directory topology