NDS External References

Overview #

Just as subordinate references help maintain connectivity between parent and child NDS Partitions stored on different servers, the following other kinds of references also help keep EDirectory trees connected and maintain EDirectory Synchronization:

EDirectory stores these types of information in NDS External References, which are place holders containing information about entries that the server does not hold. NDS External References are not copies of the complete entries, but rather pointers to the real entry.

Besides providing connectivity, NDS External References improve system performance by caching frequently accessed information.

NDS External References are maintained by the Backlinker or DRL processor and the Purger process.

eDirectory (20801.46) and Later#

Starting with eDirectory (20801.46) the Distributed Reference Links (DRL) method has been removed eliminating these unnecessary cycles.

Additionally, if all servers in a ring are on eDirectory (20801.46), NDS Obituary State flag 2 is no longer used in processing delete, rename and move NDS Obituaries.

Prior to eDirectory (20801.46), the NDS Obituaries process would not run on a NDS Partition if the server was currently outbounding changes for that partition to other servers. This would cause NDS Obituaries for that partition to be delayed. In a busy environment with hundreds of changes per second this could lead to Change Cache buildup. Now the NDS Obituaries process can run in parallel with outbound synchronization thereby reducing obituary processing delays.

EDirectory (20219.15) and later EDirectory Versions do NOT support NetWare and these features are NOT supported.

So what is actually maintained? #

That depends on the object and the version of eDirectory. The base class, name, and certain attributes are all maintained. Some examples of maintained attributes include Public Key and GUID for User objects, Replica for NDS Partition Root objects, and Status and NDS Version for NCP objects.

In order to achieve the NDS External References, various attributes relating to the obituary process are maintained, these are

These attributes are maintained using the Backlinker, Janitor and Distributed Reference Links (DRLs).

Creating NDS External References#

EDirectory creates NDS External References for the following operations:
  • Authentication - A user authenticates to a server, and this user does not have an entry stored in a NDS Partition on the server. To enable authentication, the server must create an external reference so that a localEntryID can be given to the authentication process.
  • Browsing - When a user, browsing the eDirectory tree, requests information about an entry that is not stored locally, eDirectory creates an external reference to the entry.
  • SecurityEquals - Users who authenticate to the server can have security equivalence to entries not stored locally. Such entries require external references.
  • Attributes of Local Entries - Some attributes, such as Member, take a list of entries and can have entries of objects that are not stored locally. Each such entry requires an external reference.
  • File System - The file system uses entry IDs to maintain a list of owners and trustees of files and directories. Trustees or owners that are not local entries require external references.

In addition, eDirectory creates external references when a replica is removed from the server. eDirectory changes all of the entries in the removed replica into NDS External References and marks them as expired.

Before an NDS External References is created in eDirectory, newer than NetWare 5.x, it places a UsedBy attribute on a writable copy of the referenced object. The UsedBy attribute is also placed on the referenced object's NDS Partition root and the object's NDS Partition root.

Deleting NDS External References #

On each server, eDirectory deletes expired NDS External References if they have not been used within a specified time period when the Backlinker process runs.

The system administrator can use a SET the n4u.nds.external-reference-life-span parameter to set a number of hours after which eDirectory deletes NDS External References that have:

  • not been used
  • are not needed for another entry's context,
  • do not contain information that the operating system needs.

To remove expired NDS External References, eDirectory builds a list of unused NDS External References by checking the life span interval of each external reference.

The Backlinker process checks to see if the file system must access any of the external references. If the file system uses the expired external references, they are not taken off the delete list. The Backlinker process deletes the remaining entries on the list. The Janitor process is responsible for purging the deleted external references.

When eDirectory updates entries and partitions, it also must update NDS External References created for those entries. Synchronizing external references is usually done by the server receiving the original synchronization request; however, any read/write replica can initiate synchronization if the external reference is being deleted or renamed.



More Information #

There might be more information for this subject on one of the following: