DirXML
DirXML is a technology from Novell to connect the LDAP -capable directory service eDirectory with other applications, directories or other data sources and data sinks . This creates a possible basis for identity management , a metadirectory service .
While DirXML was previously marketed as an independent product at Novell (DirXML 1.1a), it is now a technical basis on which the Identity Manager is based. The current name for this product is Identity Manager 4.5 .
technology
function
Novell's directory service eDirectory is event driven. DirXML is based on this directory service and processes all data in an XML representation. It uses XSLT to transform events that are generated either in the Novell directory or in the data sources to be connected.
For this purpose, all data are brought into XML form, processed and brought from XML into the data representation of the target system. Adding, deleting and changing attributes of a data record or the entire data record are considered. For each type of event, rules can be defined that define what should happen in one system if certain events occur or states exist in the other system.
Filters can be defined that only allow editing under certain conditions. So that, for example, when a new user is created in the eDirectory, the user is created in a Unix system connected via DirXML, but only if the user has been assigned to a specific Unix group, for example.
While all of these rules had to be programmed manually under DirXML 1.1, there are now ready-made DirXML solutions (“drivers”) that often make programming superfluous. There is now a browser-based web development system (iManager) as well as a free Eclipse- based development environment with which the existing drivers can be adapted to the current task. Since the appearance of the iManager environment (since it was called Identity Manager), the filters, events and transformation steps have been structured graphically and logically, so that the structuring of a DirXML connection is facilitated by a framework ( called Fishbone because of the shape in the web interface ).
Differences from other systems
Data storage
In contrast to the MIIS from Microsoft, for example , the data is not kept in another repository , but directly in the eDirectory or the connected system. If data or data attributes have to be used that are not provided for in the eDirectory, the schema of the directory must be expanded, which can, however, be done online without any effort.
If this is not desired for reasons of principle, the metadirectory with the DirXML can be encapsulated in a separate directory, which is then connected to the main system, for example via a preconfigured eDirectory-eDirectory DirXML driver.
Timing
All changes are processed in an event-driven manner, which enables fast response times, but a batch run (synchronization) as with MIIS is also possible. If a connection (a DirXML driver) is inactive, the requests are automatically placed in a queue and processed when the driver is started.
Platforms
DirXML is no longer dependent only on Novell Netware as a platform, but also runs on various Novell and Redhat Linux versions, Microsoft Windows from NT, SUN Solaris and IBM AIX, provided a current eDirectory version (8.7.3 or 8.8) is available as Basis is installed.
Applications
DirXML is a flexible interface that allows a directory service to act as a collection point and as a data hub for
- Files (CSV, XML, ..)
- Databases (Oracle, Microsoft SQL, ODBC-compatible databases, ...)
- Directory services (Microsoft Active Directory, SUN iPlanet, OpenLDAP, ...)
- Applications (SAP, Peoplesoft, web applications, ...)
- Systems (mainframe, operating systems, mail systems, ...)
Can be integrated in such a way that provisioning , identity management, workflows can be developed to automate the administration of users in larger companies. There are many other technologies in this field that are offered by large market players such as IBM , SUN , Microsoft , CA and Oracle .