HP-UX Directory Server 8.1 deployment guide
be maintained in a single location, such as the company headquarters, or each local site can
manage the parts of the DIT that are relevant for them.
See “Using replication for local availability” for more information.
• In all cases, balance the load of requests serviced by the Directory Servers and avoid network
congestion.
See “Using replication for load balancing” for more information.
After planning the replication strategy, it is possible to deploy the directory service. It is best to
deploy the directory service in stages, because this allows administators to adjust the directory
service according to the loads that the enterprise places on the directory service. Unless the load
analysis is based on an already operating directory, be prepared to alter the directory services
as the real-life demands on the directory become clear.
6.3.1 Conducting a replication survey
Gather information about the network quality and usage in the site survey to help define the
replication strategy:
• The quality of the LANs and WANs connecting different buildings or remote sites and the
amount of available bandwidth.
• The physical location of users, how many users are at each site, and their usage patterns;
i.e., how they intend to use the directory service.
• The number of applications that access the directory service and the relative percentage of
read, search, and compare operations to write operations.
• If the messaging server uses the directory, find out how many operations it performs for
each email message it handles. Other products that rely on the directory service are typically
products such as authentication applications or meta-directory applications. For each one,
determine the type and frequency of operations that are performed in the directory service.
• The number and size of the entries stored in the directory service.
A site that manages human resource databases or financial information is likely to put a heavier
load on the directory service than a site containing engineering staff that uses the directory solely
for telephone book purposes.
6.3.2 Replicated selected attributes with fractional replication
Fractional replication allows the administrator to choose a set of attributes that are not transmitted
from a supplier to the consumer. Administrators can therefore replicate a database without
replicating all the information that it contains.
Fractional replication is enabled and configured per replication agreement. The exclusion of
attributes is applied equally to all entries. As far as the consumer server is concerned, the excluded
attributes always have no value. Therefore, a client performing a search against the consumer
server never sees the excluded attributes. Similarly, should it perform a search that specifies
those attributes in its filter, no entries match.
Fractional replication is particularly useful in the following situations:
• Where the consumer server is connected via a slow network, excluding infrequently changed
attributes or larger attributes such as jpegPhoto results in less network traffic.
• Where the consumer server is placed on an untrusted network such as the public Internet,
excluding sensitive attributes such as telephone numbers provides an extra level of protection
that guarantees no access to those attributes even if the server's access control measures are
defeated or the machine is compromised by an attacker.
Configuring fractional replication is described in the replication agreement and supplier
configuration sections in chapter 8, "Managing Replication," in the Administrator's Guide.
6.3 Defining a replication strategy 83