Virtual Schemas

Challenge
Schema changes are probably one of the biggest nightmares that plague LDAP administrators across the industry. Not only are they tricky to implement, they can also have a number of adverse consequences that can affect your entire identity infrastructure. Microsoft Active Directory users will be well aware that changes to the schema affect all of the directories within an Active Directory forest, and additions to the schema cannot be removed. Administrators of other LDAP directory types will have encountered their own problems with schema modifications, including the simple headache of configuring the change.

Some directories, such as OpenDS, can be configured in a way that disables schema enforcement. This can be very convenient when working with data for which you don't have the complete definition of the schema, or where you may not have the time to deal with loading the proper schema. In situations like this, you may want to leave schema enforcement disabled on the server, but you may want enforcement to be enabled for particular client applications, or for particular tests that you are running.

Solution
Both Symlabs LDAP Proxy and Virtual Directory Server come with a host of plugins that can greatly assist administrators who wish to implement virtual schema changes and virtual enforcement. The Virtual Schema plugin can be used to modify schema entries, or add new schema entries on the fly, so that a client application can be presented with the schema that it expects even if this change has not been implemented on the backend directory.

The Schema Enforcement plugin allows you to load a schema into memory from either a particular backend or from an LDIF file, and then present this schema as the schema for your Virtual Directory. This means that you can load a schema from one directory and apply it to another. On top of this, the plugin provides the option to enforce the schema that it loads into memory. This can be useful where a backend directory is not configured for schema enforcement, or where you want to use one schema over another within your Virtual Directory.
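To make the idea concrete, the following added example (not Symlabs code, and not how the plugin is implemented) loads objectClass definitions from a schema LDIF and checks an entry against the inherited MUST and MAY lists, which is the kind of check an enforcing layer applies when the backend does not. The schema fragment and entries are constructed, and the parser assumes each objectClass has a single NAME.

```python
import re

# Constructed schema fragment in RFC 4512 objectClasses syntax (assumption, not from a real server).
SCHEMA_LDIF = """\
dn: cn=schema
objectClasses: ( 2.5.6.0 NAME 'top' ABSTRACT MUST objectClass )
objectClasses: ( 2.5.6.6 NAME 'person' SUP top STRUCTURAL
  MUST ( sn $ cn ) MAY ( userPassword $ telephoneNumber $ description ) )
"""

def _attr_list(definition, keyword):
    """Return the lower-cased attribute names that follow MUST or MAY."""
    m = re.search(r"\b%s\s+(?:\(([^)]*)\)|([\w-]+))" % keyword, definition)
    if not m:
        return set()
    return {a.strip().lower() for a in (m.group(1) or m.group(2)).split("$")}

def load_schema(ldif_text):
    """Parse objectClasses values into {name: (sup, must, may)}."""
    unfolded = re.sub(r"\n ", "", ldif_text)  # LDIF folds lines with a leading space
    classes = {}
    for line in unfolded.splitlines():
        if not line.lower().startswith("objectclasses:"):
            continue
        name = re.search(r"NAME\s+'([^']+)'", line).group(1).lower()
        sup = re.search(r"\bSUP\s+([\w-]+)", line)
        classes[name] = (sup.group(1).lower() if sup else None,
                         _attr_list(line, "MUST"), _attr_list(line, "MAY"))
    return classes

def violations(schema, entry):
    """List schema violations for an entry given as {attribute: [values]}."""
    entry = {k.lower(): v for k, v in entry.items()}  # attribute names are case-insensitive
    must, allowed, problems = set(), set(), []
    pending = [oc.lower() for oc in entry.get("objectclass", [])]
    while pending:  # walk the SUP chain so inherited MUST/MAY apply
        oc = pending.pop()
        if oc not in schema:
            problems.append("unknown objectClass: " + oc)
            continue
        sup, oc_must, oc_may = schema[oc]
        must |= oc_must
        allowed |= oc_must | oc_may
        if sup:
            pending.append(sup)
    problems += ["missing required attribute: " + a for a in sorted(must - set(entry))]
    problems += ["attribute not allowed: " + a for a in sorted(set(entry) - allowed)]
    return problems
```

An enforcing layer would reject an add or modify request whenever the returned list is non-empty, instead of passing it through to a backend that accepts anything.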

Used in conjunction with plugins like the Victim Attributes plugin, these schema-specific plugins can help you to implement a complete schema modification virtually, without any effect on your backend directories or your overall identity infrastructure.

With these plugins, Virtual Directory Server and LDAP Proxy can be used to completely mitigate the many difficulties that arise due to schema modification requirements within an LDAP infrastructure.

