1.5 Partitions

A partition is a logical division of the eDirectory database. A directory partition forms a distinct unit of data in the tree that stores directory information.

Partitioning allows you to take part of the directory off one server and put it on another server.

If you have slow or unreliable WAN links or your directory has so many objects that the server is overwhelmed and access is slow, you should consider partitioning the directory. For a complete discussion of partitions, see Section 6.0, Managing Partitions and Replicas.

Each directory partition consists of a set of container objects, all the objects contained in them, and data about those objects. eDirectory partitions don’t include any information about the file system or the directories and files contained there.

Partitioning is done with NetIQ iManager. Partitions are identified in iManager by the following partition icon (partition icon).

Figure 1-13 Replica View for a Server

In the above example, the partition icon is next to the Tree object. This means it is the top-most container in the partition. No partitions are shown by any other containers, so this partition is the only one.

This is the default partitioning for eDirectory, keeping the entire directory together in one partition.

Notice in the example that the Replica View for Server1 is displayed. When you display the Replica View for a server in iManager, any replicas held on that server are shown on the right. In this case, Server1 holds a replica of the only partition. For more information, see Replicas and Viewing Replicas on an eDirectory Server.

1.5.1 Partitions

Partitions are named by their topmost container. In Figure 1-14 there are two partitions, named Tree and Finance. Finance is called a child partition of Tree, because it was split off from Tree. Tree is called the parent partition of Finance.

Figure 1-14 Replica View for a Partition

You might create such a partition because the directory has so many objects that the server is overwhelmed and access to eDirectory is slow. Creating the new partition allows you to split the database and pass the objects in that branch to a different server.

The example above shows the Replica View for the Finance partition.When you display the Replica View for a partition in iManager, any servers holding a replica of that partition are shown on the right. In this case, Server1 holds a Read-Write replica of the Finance partition. For more information, see Viewing a Partition’s Replicas.

1.5.2 Distributing Replicas for Performance

In the preceding example, suppose that Server1 holds replicas of both the Tree partition and the Finance partition. At this point, you haven’t gained any performance advantage from eDirectory because Server1 still holds the entire directory (replicas of both partitions).

To gain the desired performance advantage, you need to move one of the replicas to a different server. For instance, if you move the Tree partition to Server2, then Server2 holds all objects in the Tree and YourCo containers. Server1 holds only objects in the Finance and Accounts containers. The load on both Server1 and Server2 is less than it would be with no partitioning.

1.5.3 Partitions and WAN Links

Suppose your network spans two sites, a North site and a South Site, separated by a WAN link. Three servers are at each site.

Figure 1-15 Sample eDirectory Containers

eDirectory performs faster and more reliably in this scenario if the directory is divided in two partitions.

With a single partition, the replicas are either kept at one site or distributed between the two sites. This proves unwieldy for two reasons:

  • If all replicas are kept on servers at the North site, for example, users at the South site encounter delays when logging in or accessing resources. If the link goes down, users at the South site can’t log in or access resources at all.

  • If replicas are distributed between sites, users can access the directory locally. However, server-to-server synchronization of replicas happens over the WAN link, so there can be eDirectory errors if the link is unreliable. Any changes to the directory are slow to propagate across the WAN link.

The two-partition solution shown in Figure 1-16 solves performance and reliability problems over the WAN link.

Figure 1-16 Sample Partitions

Replicas of the Tree partition are kept on servers at the North site. Replicas of the South partition are kept on servers at the South site, as shown in Figure 1-17.

Figure 1-17 Sample Partitions, Severs, and Replicas

For each site, the objects that represent local resources are kept locally. Synchronization traffic among servers also happens locally over the LAN, rather than over the slow, unreliable WAN link.

eDirectory traffic is generated over the WAN link, however, when a user or administrator accesses objects at a different site.