IDT-DS425-A Architecting LDAP Identity Repositories

This course covers the following topics:

Directory Services Overview:

• Describe the rationale behind corporate directories

• Describe the components of a standard directory server 

• Describe the differences between databases and directories

• Describe the methodology behind architecting Directory Services deployments

Selecting Directory Server Data

• Describe the Process of Planning Directory Data

• Identify Applications and Data Store Data

• Document Application and Data Store Attributes

Designing a Directory Services Data Model (Schema)

• Describe the Process of planning the Directory Schema

• Describe directory server schema concepts

• Match directory application attributes to default schema

• Match directory store attributes to default schema

• Describe the best method of extending the schema 

• Extend the schema for non-matching attributes

• Identify Authoritative source for attributes

• Identify processes and procedures that will require change

Designing a Directory Services Naming Model (Directory Information Tree)

• Describe the process of Designing a Directory Information Tree (DIT)

• Describe the Components of a Directory Information Tree (DIT) hierarchy

• Understand the factors affecting DIT design

• Understand the history and components of the root suffix

• Describe branches and RDNs

• Describe Groups and how they aid in administration of DS and Applications

Designing a Directory Topology and Distribution Strategy

• Describe the process of creating a distributed data topology

• Create a Directory data map

• Partition the Directory Tree (DIT)

• Describe the benefits of distributing directory data

• Describe methods of database distribution

• Describe the process of creating a database distribution strategy

• Identify DB distribution options and replication paths

• Describe the Process of creating a replication strategy

Designing an Effective Security Strategy

• Describe the process of defining security policies

• Understand access control processing for the directory server

• Understand groups and roles and how they fit in the security strategy

• Understand how to apply access control attributes to directory server entries

• Understand password policies

• Explain the reason for encrypting fields

• Create Access Control Instructions (ACIs) to support desired security policies

• Describe the components for creating Secure Communication

Optimizing Directory Server Performance

• Describe the process of planning an indexing strategy

• Describe the default Directory Server indexes

• Identify index types 

• Choose which attributes to index and which index types to use

• Describe how to configure the directory server for best read performance

• Describe how to configure the directory server for best write performance

• Define an indexing strategy to achieve maximum performance

Testing Your Design

• Implement the design in a test environment to verify the design.

• Identify where there may be issues that require more planning and/or adjusting

Who Can Benefit

Students who can benefit from this course:

• System Integrators

• System Consultants

• System Architects

• System Developers

• System Administrators

Students should have the following prerequisite knowledge to be successful in this class:

• General Linux Command Line Experience

• Ability to navigate Linux directories

• Ability to edit files using the 'vi' editor

• Ability to install applications from the Linux command line

• Ability to start, stop, and determine services status

• General Google Documents Knowledge

• Ability to update Google Sheets

• Ability to update Google Docs