Brought to you by EarthWeb
IT Library Logo

Click Here!
Click Here!


Search the site:
 
EXPERT SEARCH -----
Programming Languages
Databases
Security
Web Services
Network Services
Middleware
Components
Operating Systems
User Interfaces
Groupware & Collaboration
Content Management
Productivity Applications
Hardware
Fun & Games

EarthWeb Direct EarthWeb Direct Fatbrain Auctions Support Source Answers

EarthWeb sites
Crossnodes
Datamation
Developer.com
DICE
EarthWeb.com
EarthWeb Direct
ERP Hub
Gamelan
GoCertify.com
HTMLGoodies
Intranet Journal
IT Knowledge
IT Library
JavaGoodies
JARS
JavaScripts.com
open source IT
RoadCoders
Y2K Info

Previous Table of Contents Next


Distributed Directory Service

In traditional client/server environments, the client application must have explicit knowledge regarding the location of the server application either hard-coded into the client application or stored in a local file. In either case, the RPCs were made to a particular server. In distributed computing environments, a method is needed whereby clients can dynamically find servers, and servers can be easily integrated into the distributed environment. Within DCE, this framework is provided by the DDS.

Just as people and systems are grouped into structures that align with an organization’s internal structure, DCE allows the establishment of a client/server environment equivalent, called a cell. Within DCE, a cell is the basic unit of operation and administration. Like an organization that may have one or more departments, a local DCE environment may have one or more cells.

In DCE, client applications typically have no knowledge of the actual locations of server applications. Yet, it is possible for the client to explicitly bind to a particular server. Finding and attaching to a compatible server (termed binding) is accomplished by interrogating the Cell Directory Service. The CDS may be viewed in the same way as the Domain Name System (DNS) of TCP/IP or the X.500 directory service of the OSI reference model. In fact, when installing DCE on their system, users must indicate whether they are using DNS or X.500 directory services. When given a search criteria such as a service name, the CDS, like DNS or X.500, returns information that is needed to locate or reach the named service. This information allows the client to locate and bind to the requested service.

Because the client finds the location of the server from the CDS, the server application need not be bound to any particular server machine. It can, in effect, roam about the network. Alternatively, it may be offered as a server by more than one system as long as it tells the CDS its location. Thus, if one system in the cell was down for any reason, another system that also provides the same server application could offer its services with no disruption to the client applications that use it. In a typical DCE cell, there is a primary CDS server and one or more additional CDS servers. Exhibit 6-4-4 illustrates CDS operation.


Exhibit 6-4-4.  DCE CDS Operation

Users within a DNS global directory service (GDS) can locate systems or servers outside their own local domains because of the tree-like archithd3ecture of DNS. Similarly, the CDS can also find servers in other cells by using a GDS. In fact, it uses the X.500 global directory service, or TCP/IP’s DNS, for just that purpose. If a client made a request for a service that resides in another cell, the CDS would find the other cell via GDS and then use the CDS of that cell to find the service. Intercell calls incur more overhead than do intracell calls and, as such, cells should be set up to stat intercell calls are infrequent. In addition, CDS also provides binding information to the other DCE services such as the DTS, DES, and the security service.

Considerations in Determining Cell Boundaries

A cell may consist of only a few systems or a few hundred. The definition of the cell or cells within an organization can have a significant impact on the performance of the whole client/server environment when it goes into production. To help in planning the number and organization of cells, the boundaries of a cell need to be determined. The following considerations can be used to determine cell boundaries:

  Common purpose (organizational).
  Administration.
  Security.
  Overhead.
  File systems.

A Cell’s Purpose

The cell identifies the group of users who need access to a common set of resources. This boundary would most likely follow organizational lines. Geographical considerations may also be used. For example, the organization may have a development project that has teams in different countries that need to work together. In this case, the members of the development team, because they are located at different geographic sites, would be consolidated into a group of cells based on their individual geographic location.

Cell Administration

A cell is a single administration domain. Each cell, as a minimum, must contain a cell directory server and a security server. The services that are provided by cells are administered locally.

Cell Security

The more services that are made available to users, the more concerned an organization must be with the security of those services. Data integrity and security are provided by three facilities:

  Authentication.
  Authorization.
  User registry.

DEC authenticates a user before allowing access to a service based on the Kerberos version 5 standard from MIT. Final verification is provided by a third server. Once a user has obtained authentication from the security server, an authorization facility decides whether the user can then access the requested service.

A user registry facilitates management of user information. The role of the registry is to ensure that user names are unique across the network and to maintain a log of user and log-in activity. Because principals (users and servers) share a common security data base within a cell, the cell should be defined with regard to the trust relationship among the principals.

Cell Overhead

A cell should be organized to minimize overhead. It requires more software and network traffic to communicate between cells than it does within a cell. Therefore, consideration should be given to the organization of resources within and across cells and the frequency of access to them.

A Cell’s File System

When using the distributed file system, consideration should be given to the number of file sets in a cell. The overhead involved in maintaining a file set data base is constant within normal usage. However, as file set sizes approach the 100,000 range, the cell’s capacity to efficiently manage the file set decreases significantly.

In summary, a cell is a grouping of systems or resources that work together as clients, servers, or both clients and servers. It is a single administrative unit whose size and scope are determined by organizational factors. Cell structure in DCE is illustrated in Exhibit 6-4-5.


Exhibit 6-4-5.  DCE Cell Structure


Previous Table of Contents Next

footer nav
Use of this site is subject certain Terms & Conditions.
Copyright (c) 1996-1999 EarthWeb, Inc.. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission of EarthWeb is prohibited. Please read our privacy policy for details.