Introduction


Why Directories?

The X.500 standard gives the following characterisation of a directory [38]: "The Directory is a collection of open systems which cooperate to hold a logical database of information about a set of objects in the real world." Directories have some properties that set them apart from relational databases [68]:

- Directories are organised in an object-oriented and hierarchical way. Information about a real-world object is stored in the entry that represents this object in the directory. To mirror the relationships of their respective objects, entries can be organised in a tree structure.
- Directory services provide a common schema for what can/must be stored for a certain class of objects and a standard access protocol, which greatly facilitates interoperability.
- Directory services offer a fine-grained security model. For example, access restrictions can be specified for one entry and then inherited by all entries below this entry in the directory tree.
- Directory services do not support transactions. Instead, they adopt a loose-consistency model. This allows for improved local availability of the service in a distributed environment.

The most common areas of application for directories are white pages and yellow pages services. In white-pages services such as a phone book, information about an object is accessed by the object's name, whereas yellow pages allow information to be searched or browsed by specifying categories. Due to their flexibility, directories are being used in other applications as well, for example, as an information repository for users and resources in computer networks.

The successful standardisation efforts on directories have created a highly interoperable software landscape. Support for directory protocols has become a standard feature in many programs. Standard-compliant general-purpose directories are therefore often used to consolidate information germane to multiple applications into a single repository. An economic viability analysis has researched the impact of introducing a directory-based white-pages and Single Sign-On service in six banks and insurance companies. This case study estimated that "the benefit of the directory would be 11 times that of its cost", which would lead to savings of about 23 million DM [100].


Layout of this Thesis

The main aim of this thesis is to show that directories can be a viable tool for managing user accounts and resources in computer networks of academic institutions. Furthermore, criteria for choosing between different directory products will be given and the currently available software packages for Linux will be evaluated against these criteria.

Chapter [*] will give a description of the fundamental aspects of a general-purpose directory service. In Chapter [*] a historical review of different standards for directory services will be given. It will concentrate on X.500 and will point out the reasons why a lightweight version of this standard was conceived.

Security considerations for accessing directory services have been analysed as part of this thesis and will be presented in Chapter [*].

Chapter [*] will give an overview of how support for directory services can be integrated into applications.

In Chapters [*], [*] and [*] a description of current directory server products available for Linux as well as the products from Novell and Microsoft will be given.

Chapter [*] will describe the requirements that a directory-enabled user management system has to meet and how such a system has been implemented as part of this thesis.

In Chapters [*] and [*] an analysis of directory servers with regard to their suitability as a back-end for a user management and a white pages service will be presented.

This thesis was typeset with LaTeX. A schema and several utility programs have been developed to store and manage BibTeX bibliographical references in a directory. This work will be presented in Chapter [*].

Chapter [*] will give a summary of the work done and a perspective on possible future work items.

In Appendices [*] and [*] ways to synchronise passwords between Linux and Windows 2000 will be described.

Norbert Klasen 2001-10-22