1 / 20

Directory of Directories for Higher Education (DoDHE) October 5, 2001

Directory of Directories for Higher Education (DoDHE) October 5, 2001. Michael R. Gettes Principal Technologist Georgetown University Project Leader, DoDHE gettes@Georgetown.EDU. f Technologist, University of Colorado at Boulder. Is DoDHE anything new?. A Web of People vs. A Web of Data

ariane
Télécharger la présentation

Directory of Directories for Higher Education (DoDHE) October 5, 2001

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Directory of Directories forHigher Education(DoDHE)October 5, 2001 Michael R. Gettes Principal Technologist Georgetown University Project Leader, DoDHE gettes@Georgetown.EDU f Technologist, University of Colorado at Boulder

  2. Is DoDHE anything new? • A Web of People vs. A Web of Data • Linking people to applications and organizations • Early 1990’s • X.500 World-wide Directory System (DAP) • Slow Computers, expensive memory • Slow Networks • Large memory footprint and relatively slow server • Before its time (probably) • Now • Fast Computers, cheap memory • Fast Networks • Lightweight (DAP), Fast server, lean and mean.

  3. Is DoDHE anything new? • Exposes common schema issues. eduPerson applicability. • Performance issues for massively parallel searches. • Interesting lessons learned about LDAP API. • Worked with iPlanet/Netscape to use DSGW for this project. (Mark Smith) • Prototype from April, 2000. A search of 500 simulated dirs getting about 15,000 responses in approximately 30 seconds. Is this viable?

  4. Where Are We Now? • Michael Gettes working 50% time Internet2 and this project. • MACE-DIR provides oversight of the project • Sun Microsystems has contributed hardware and assisted with software procurement (iPlanet DS 5, 6 million DNs for Central Deposit Service). Also, access to intellectual capital. Sun E450, 4x400Mhz CPU, 4GB RAM + disk. • Using Metamerge to assist in submitting data to the Central Deposit for those sites wishing to do so.

  5. Where Are We Now?(cont.) • eduPerson specification for common schema • LDAP-Recipe for similar config and operations and further recommendations for use of common schema • i.e. RL “Bob” Morgan’s advice for handling names. • DoDHE is functional. Now ready to accept new schools to participate. Can search enterprise directories real-time or handle data submitted centrally for searching – the decision is for each site. • UI issues needed development… working with I-schools. • Have requested EDUCAUSE for directory.edu to be used by DoDHE

  6. DoDHEArchitecture DoD Config Dir Gratuitous Architectural Graphic (GAG) Site Dir Site Dir Site Dir Real-time Search of Site Dirs Site Dir Site Dir Site Dir . . . Parallel Search Engine Web Page CDS Dir CDS Dir Data supplied By Site Dirs. Updated periodically LDAP Front-end Central Deposit Service

  7. CDS Inputs: Local Site View Submit final LDIF to CDS using authenticated POST via HTTPS. Local Data Source LDAP Filter LDIF according to local policy. Generate new LDIF for submission. DODHE Generate LDIF Data

  8. CDS Input • Standardized input is LDIF • Using Metamerge as filter and submission mechanism • Sites can always roll their own but will have to comply with Metamerge implementation rules • Site always submits full dataset. No worry of reconciling. Easier site participation in the DoDHE service. • CDS handles reconciliation and controls data updates. • Can provide feedback. • Georgetown using CDS with Metamerge: 8/2001 • 100K DNs reduced to 18K for CDS in 45 min

  9. Central Deposit Service dc=edu dc=georgetown dc=memphis dc=virginia dc=washington dn: uid=gettes,ou=People,dc=georgetown,dc=edu objectclass: {person, organizationalPerson, inetOrgPerson, eduPerson} cn: Michael Gettes sn: Gettes mail: gettes@georgetown.edu displayName: Michael R Gettes eduPersonPrimaryAffiliation: Employee eduPersonAffiliation: Employee …

  10. DoDConfig Directory dc=edu dc=georgetown dc=memphis dc=virginia dc=washington dn: dc=georgetown,dc=edu objectclass: {organizationalUnit, domain, referral, DoDEntry } cn: Georgetown University ref: ldap://directory.georgetown.edu/dc=georgetown,dc=edu dodRefSearch: ldap://cds1.dodhe.internet2.edu/dc=georgetown,dc=edu dodCarnegieClass: Research-1 uid: georgetown.edu

  11. Disclaimers andProject Participation • Of 13 sites that participated in the initial testing and analysis by allowing access to searching their directories, 11 have replied to give permission in participating in the project. • Some say “Didn’t realize the data was going to be THAT public!?!?” • Splash page of DoDHE has necessary legal disclaimers • Open for further participants in the experiment.

  12. Common Configuration • While the LDAP Recipe is intended to promote reasonable practice for configuration and operation – reality is different • Now only searching commonName due to disparity of indexing • Todd Piket (Michigan Tech) has been working on an LDAP Analyzer which will connect to a directory and figure out indexing settings, schema usage and compliance with eduPerson (including vocabularies), performance issues, DIT structure issues and so on. Availability unknown.

  13. Heuristics and capabilities? • What should be available to search? • By Affiliation • Carnegie Classification • Geography • Institution • Job Classification • Area of Research or specialty

  14. Human Interface • What should the web interface look like? • Response analysis? What to do with 10,000 hits? • Human Interface work with the I-schools • mw-dodhe-ui project started summer 2001 • see http://middleware.internet2.edu/dodhe • see Eisenberg Middleware Plenary at VIMM-2001 • What will we learn from them? How will we have to change our Enterprise directories? What will we learn together?

  15. The Mundane • Server Configuration • Scalability • Statistical Analysis • Security • Monitoring • Threat response (anti-slurpers) • Management & Maintenance • Self-Registration and Configuration - proceeding • Participation Requirements – DIT root suffix, etc. • Meta Directory functionality for central deposit (done?)

  16. Issues • Displaying Org structure in DoDHE using eduPersonOrgDN and eduPersonOrgUnitDN • eduOrganization – attributes for projects (shibboleth). A place to specify eduPerson version usage? Hints about Affiliated Directory configuration? How can DoDHE display and use it? • Scalability across multiple CDS servers. Going beyond 6 million? • Regionalized DoDHE – a DoDHE hierarchy. Example: CSU system wants a DoDHE for them – separate or integrated? A DoDHE Tree? • An LDAP interface (not just a web interface) to DoDHE – Email clients? • Include European Large Scale Directory projects in DoDHE searches

  17. Metamerge Product Info • www.metamerge.com • Higher Education Contact for USA • Keith Hazelton, University of Wisconsin – Madison • hazelton@doit.wisc.edu • This product is available free of charge to Higher Ed in USA • Source code will be in escrow. See Keith for further details.

  18. DoDHE Location • So, here’s the URL for DoDHE • http://dodhe.internet2.edu/dodhe • Be gentle. Please.  • Project web page • http://middleware.internet2.edu/dodhe

  19. Affiliated Directoriesand DoDHE • How to link Person X in one directory with Person X in another separate directory • We need to solve this problem for various applications and communities: • Video, Community of Science, Inter-institutional faculty/staff/students, Enterprise Directories and GRID, etc… • Solve this problem for the Enterprise Directory and it propogates to DoDHE for free – theoretically.

  20. A Video Scenario using DoDHE and Affiliated Directories • Keith Hazelton wishes to make a video conference call with Tyler Johnson. Keith uses DoDHE to search for Tyler because he can’t seem to remember where he works (Keith has trouble remembering things). Using DoDHE he finds Tyler. Remember, Tyler’s entry in DoDHE is supplied by his enterprise directory at the University of North Carolina. Keith sees a hyperlink that says Tyler is video enabled. Clicking the hyperlink takes Keith over to the “video world” which accurately describes Tyler’s video capabilities for that day. Keith then likely clicks a link to initiate a video connection with Tyler. • The UNC Enterprise directory only knows about an affiliation with “video world” for Tyler because he created the affiliation in the UNC directory and the “video world”. (a metadir problem?)

More Related