By Topic

Directory cache techniques for efficient user management

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$33 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

3 Author(s)
Florin B. Manolache ; Carnegie Mellon University, Pittsburgh, PA 15213, USA ; William McDowell ; Octavian Rusu

User management is one of the most time consuming tasks for administrators of large networks. This paper presents some techniques developed at Carnegie Mellon University to improve handling of accounts and access rights in a corporate environment. Directory information is typically handled by a hierarchy of LDAP servers maintained by different support groups on different administrative levels, from corporate to department. Optimization of information flow between these levels can be achieved by minimizing the need for communication between different support groups, and by reusing the data provided by the higher levels for automatic configuration of the lower levels. The method described here for achieving this goal is to trickle down user information from the higher to the lower administrative levels using successive cache mechanisms. This technique can be applied between different levels of LDAP servers (corporate, departmental, group), as well as for end-user computers. To preserve the flexibility of the configuration and the autonomy of the lower levels, the information stored by the LDAP server that's the closest to the end-user computer should have the highest precedence. By implementing the techniques described here, user management became more efficient, especially for automatically creating new accounts on end-user computers, expanding the number of local authenticated services, and granting local access rights for users.

Published in:

2011 RoEduNet International Conference 10th Edition: Networking in Education and Research

Date of Conference:

23-25 June 2011