Current tech industry challenges
• Extremely large number of objects that are managed in LDAP directories.
• Requirements for unusually high write performance in addition to high search performance.
• Need for a directory infrastructure that is elastic and can grow with the business without a huge up-front investment.
• A number of isolated directories in the enterprise is costly to maintain and support.
• Due to regulation, politics and technical issues, it is not practical to have a common schema for hundreds or even thousands of applications.
• Achieving interoperability, validation, and certification of disparate components is challenging.
What is OUD?
Oracle Unified Directory (OUD) is the world’s first unified directory services solution with storage, synchronization, proxy and virtualization. OUD, together with Oracle Virtual Directory (OVD) and Directory Integration Platform (DIP), provides unified directory services and uniquely combines virtual directory, meta-directory, and data storage capabilities. Being a Java solution, OUD simplifies multiple platform support, deployment, and ongoing maintenance. OUD, OVD and DIP are part of the Oracle Directory Services Plus (ODS Plus) suite, the most comprehensive solution on the market, which also includes Oracle Internet Directory (OID, an LDAP directory with an external Oracle database) and Oracle Directory Server Enterprise Edition (ODSEE, the former Sun directory with an embedded database).
Figure 1. Oracle Unified Directory Deployment Options and Core Components
OUD is a comprehensive next-generation directory service entirely developed in Java. It is fully LDAP v3 compliant, easy to deploy and manage, and has monitoring capabilities that address large deployments with high performance. OUD, together with the synchronization server DIP and the virtualization server OVD, is the industry’s first and only Java-based unified directory solution. OUD’s unique design allows it to be flexibly configured for core LDAP storage, LDAP proxy, synchronization and replication with an existing ODSEE instance. The unified directory approach enables deployment of fewer fragmented components and provides deployment flexibility. High availability and reduced administration are assured via its proxy and replication technology, for monolithic and distributed deployments. For large-scale distributed deployments, the global index capability of OUD addresses the traditional limitations of a distributed configuration.
OUD provides support for Elastic Directory Services, enabling support for any deployment scenario to match current and future requirements. Elastic Directory Services introduces a revolutionary approach that allows adding directory servers and storage on demand without having to stop and start the directory service. In the past, sizing a directory service infrastructure was based on the maximum capacity required for the next few years, anticipating future growth and leading to significant initial capital expenditure.
OUD changes the scenario by eliminating the need to overbuild a monolithic system by providing the following key features:
» Distributed global indexing
» Robust and flexible replication services with partial and fractional replication
» Directory synchronization for identity and password unification with DIP
» Identity Virtualization natively or with OVD
» Web-based UI – Oracle Directory Services Manager (ODSM)
Oracle Unified Directory Replicated Architecture
The centralized replication model in Oracle Unified Directory separates user data from replication metadata. In this model, the server that stores the user data is called the directory server (DS). The server that stores the replication metadata is called the replication server (RS). This approach simplifies the management of replication topologies and can improve performance.
Replication is architected to support large-scale deployments with many masters. OUD introduces the concept of Replication Servers that are dedicated to handling replication across the topology. This means that directory server instances remain focused on their primary goal, which is serving client applications, and replication servers remain focused on propagating changes between servers in a timely manner, with low latency.
Replication provides an assured mode, where changes are confirmed to the client application only when the information is safely secured in multiple directories. This guarantees that the change is effectively made in at least two different locations. To help comply with various regulations and security mandates, OUD provides fractional replication, in which some attributes (such as social security numbers or PIN codes) can be defined as not to be replicated to a less secured environment. Finally, OUD includes a unique, highly available changelog so that external applications can consume directory updates without impacting directory service performance.
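A fractional replication policy is only useful if someone checks that it holds. The following is an added example, not Oracle code and not part of the original article: it scans an LDIF export taken from a replica in the less secured environment and reports any entry that still carries an excluded attribute. The attribute names in `EXCLUDED` and the sample LDIF are constructed assumptions.

```python
# Added example: audit an LDIF export from a fractional replica for excluded attributes.
EXCLUDED = {"socialsecuritynumber", "pincode"}  # hypothetical attribute names

# Constructed sample export; the second entry leaks both excluded attributes.
SAMPLE_LDIF = """\
dn: uid=alice,ou=People,dc=example,dc=com
objectClass: inetOrgPerson
uid: alice
mail: alice@example.com

dn: uid=bob,ou=People,dc=example,dc=com
uid: bob
socialSecurity
 Number: 000-00-0000
pinCode;x-internal:: MTIzNA==
"""


def unfold(ldif_text):
    """Join RFC 2849 continuation lines (one leading space) to the line before."""
    lines = []
    for raw in ldif_text.splitlines():
        if raw.startswith(" ") and lines:
            lines[-1] += raw[1:]
        else:
            lines.append(raw)
    return lines


def find_leaks(ldif_text, excluded=EXCLUDED):
    """Return sorted (dn, attribute) pairs where an excluded attribute is present."""
    leaks, dn = set(), None
    for line in unfold(ldif_text):
        if not line.strip():
            dn = None  # a blank line ends the current entry
            continue
        if line.startswith("#") or ":" not in line:
            continue
        # Text before the first colon covers "attr:", "attr::" (base64) and "attr:<".
        name = line.split(":", 1)[0].split(";", 1)[0].strip().lower()
        if name == "dn":
            dn = line.split(":", 1)[1].lstrip(": ").strip()
        elif dn is not None and name in excluded:
            leaks.add((dn, name))
    return sorted(leaks)
```

Matching on the unfolded, lower-cased attribute name with options stripped matters here: a folded line or an option suffix such as `;x-internal` would otherwise let a sensitive attribute pass a naive text search.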
OUD, together with DIP and OVD, is the industry’s first and only Java-based unified directory solution to provide storage, synchronization, proxy, and virtualization. It addresses the fragmented solution challenges that enterprises are facing today and significantly reduces total cost of ownership. Its elastic scalability, high availability, superior performance, and enterprise manageability deliver carrier-grade services that scale on demand with business growth. It is fully compatible with DSEE and enables existing customers to run both DSEE and OUD together in mixed environments with zero-downtime upgrades. Finally, because OUD adheres to the LDAP standards and integrates with the Oracle Fusion Middleware platform, it runs easily with existing applications and maximizes the value of data in the directory.
By: Sandeep Sampath – Oracle Database Administrator