Identity and Directory Structure Design
Chapter 5
Creating Your Portal Design
127
JavaMail provides a common uniform API for managing mail. It enables service
providers to provide a standard interface to their standards based or proprietary
messaging systems using Java programming language. Using this API,
applications can access message stores and compose and send messages.
Identity and Directory Structure Design
A major part of implementing your portal involves designing your directory
information tree (DIT),. The DIT organizes your users, organizations,
suborganizations into a logical or hierarchical structure that enables you to
efficiently administer and assign appropriate access to users.
The top of the organization tree in Access Manager is called
dc=
fully-qualified-domain-name
by default, but can be changed or specified at install
time. Additional organizations can be created after installation to manage separate
enterprises. All created organizations fall beneath the top-level organization.
Within these suborganizations other suborganizations can be nested. The depth of
the nested structure is not limited.
Roles are a grouping mechanism designed to be more efficient and easier to use for
applications. Each role has members, or entries that possess the role. As with
groups, you can specify role members either explicitly or dynamically.
The roles mechanism automatically generates the
nsRole
attribute containing the
distinguished name (DN) of all role definitions in which the entry is a member.
Each role contains a privilege or set of privileges that can be granted to a user or
users. Multiple roles can be assigned to a single user.
The privileges for a role are defined in Access Control Instructions (ACIs). Portal
Server includes several predefined roles. The Access Manager administration
console enables you to edit a role’s ACI to assign access privileges within the
Directory Information Tree. Built-in examples include
SuperAdmin Role
and
TopLevelHelpDeskAdmin
roles. You can create other roles that can be shared
across organizations.
NOTE
The top of the tree does not have to be called
dc
. Your organization
can change this to fit its needs. However, when a tree is organized
with a generic top, for example,
dc
, then organizations within the
tree can share roles.
Summary of Contents for Portal Server 6 2005Q1
Page 8: ...8 Portal Server 6 2005Q1 Deployment Planning Guide...
Page 10: ...10 Portal Server 6 2005Q1 Deployment Planning Guide...
Page 12: ...12 Portal Server 6 2005Q1 Deployment Planning Guide...
Page 20: ...Sun Welcomes Your Comments 20 Portal Server Secure Remote Access 6 2005Q1 Administration Guide...
Page 36: ...A Typical Portal Server Installation 36 Portal Server 6 2005Q1 Deployment Planning Guide...
Page 50: ...Proxylet 50 Portal Server 6 2005Q1 Deployment Planning Guide...
Page 78: ...SRA Sizing 78 Portal Server 6 2005Q1 Deployment Planning Guide...
Page 132: ...Identity and Directory Structure Design 132 Portal Server 6 2005Q1 Deployment Planning Guide...
Page 142: ...Configuration Files 142 Portal Server 6 2005Q1 Deployment Planning Guide...
Page 152: ...Tuning Parameters for etc system 152 Portal Server 6 2005Q1 Deployment Planning Guide...
Page 178: ...Portal Design Task List 178 Portal Server 6 2005Q1 Deployment Planning Guide...
Page 182: ...182 Portal Server 6 2005Q1 Deployment Planning Guide...
Page 192: ...Section X 192 Portal Server 6 2005Q1 Deployment Planning Guide...