Preface; Directory Server Overview - Red Hat DIRECTORY SERVER 8.0 - ADMINISTRATION Administration Manual

Preface

Red Hat Directory Server (Directory Server) is a powerful and scalable distributed directory server
based on the industry-standard Lightweight Directory Access Protocol (LDAP). Directory Server is the
cornerstone for building a centralized and distributed data repository that can be used in your intranet,
over your extranet with your trading partners, or over the public Internet to reach your customers.
This Administrator's Guide describes all of the administration tasks you need to perform to maintain
Directory Server.

1. Directory Server Overview

Directory Server provides the following key features:
• Multi-master replication — Provides a highly available directory service for both read and write
operations. Multi-master replication can be combined with simple and cascading replication
scenarios to provide a highly flexible and scalable replication environment.
• Chaining and referrals — Increases the power of your directory by storing a complete logical view
of your directory on a single server while maintaining data on a large number of Directory Servers
transparently for clients.
• Roles and classes of service — Provides a flexible mechanism for grouping and sharing attributes
between entries in a dynamic fashion.
• Improved access control mechanisms — Provides support for macros that dramatically reduce the
number of access control statements used in the directory and increase the scalability of access
control evaluation.
• Resource-limits by bind DN — Grants the power to control the amount of server resources allocated
to search operations based on the bind DN of the client.
• Multiple databases — Provides a simple way of breaking down your directory data to simplify the
implementation of replication and chaining in your directory service.
• Password policy and account lockout — Defines a set of rules that govern how passwords and user
accounts are managed in the Directory Server.
• TLS and SSL — Provides secure authentication and communication over the network, using the
Mozilla Network Security Services (NSS) libraries for cryptography.
The major components of Directory Server include the following:
• An LDAP server — The LDAP v3-compliant network daemon.
• Directory Server Console — A graphical management console that dramatically reduces the effort of
setting up and maintaining your directory service.
• SNMP agent — Can monitor the Directory Server using the Simple Network Management Protocol
(SNMP).
xiii