System and method for enforcing quotas on object creation in a replicated directory service database
First Claim
1. In a distributed directory service system that includes a plurality of directory servers connectable to one another through a network so that directory service objects are replicated through a distributed database among the plurality of directory servers, and wherein at least one of the directory servers is responsible for assigning quotas to network entities that are allowed to create directory service objects, tracking quota consumption of objects by such network entities, and enforcing quota limits as to consumption of objects by such network entities, a method by which the network entities are managed by the at least one responsible directory server with respect to the object quotas for such network entities, the method comprising steps for:
- sending from a first network entity to the at least one responsible server a request for a directory operation, the first entity having an object quota assigned to it by the at least one responsible server, and owning a plurality of system objects and tombstones for deleted system objects, and the requested directory operation changing the number of objects owned by the first entity if performed;
performing at the first network entity the requested directory operation, but only if it is determined that the quota of the entity will not be exceeded, said determination being performed by,calculating a total number of objects as a sum of a number of said system objects of the first entity and a number of the tombstones owned by the first entity multiplied by a pre-selected, fractional tombstone factor, andthen comparing the calculated total number with the quota assigned to the first entity to determine whether the quota assigned to the first entity will be exceeded if the requested directory operation is performed.
1 Assignment
0 Petitions
Accused Products
Abstract
A system and method for managing the creation of objects in a distributed directory service system assigns quotas to entities (such as users, computers, groups) to limit the number of objects each entity is allowed to create and own. For purposes of enforcing the quotas, tombstones generated for deleted objects are taken into account in the calculation of a weighted total number of objects owned by an entity, with each tombstone counted as a configurable fraction of a regular object. When an entity requests a directory operation that will increase the number of objects owned by that entity, the number of system objects owned by that entity is added to the number of tombstones multiplied by the fractional tombstone factor to generate the weighted total, which is compared to the quota of that entity to determine when the requested operation should be performed.
-
Citations
6 Claims
-
1. In a distributed directory service system that includes a plurality of directory servers connectable to one another through a network so that directory service objects are replicated through a distributed database among the plurality of directory servers, and wherein at least one of the directory servers is responsible for assigning quotas to network entities that are allowed to create directory service objects, tracking quota consumption of objects by such network entities, and enforcing quota limits as to consumption of objects by such network entities, a method by which the network entities are managed by the at least one responsible directory server with respect to the object quotas for such network entities, the method comprising steps for:
-
sending from a first network entity to the at least one responsible server a request for a directory operation, the first entity having an object quota assigned to it by the at least one responsible server, and owning a plurality of system objects and tombstones for deleted system objects, and the requested directory operation changing the number of objects owned by the first entity if performed; performing at the first network entity the requested directory operation, but only if it is determined that the quota of the entity will not be exceeded, said determination being performed by, calculating a total number of objects as a sum of a number of said system objects of the first entity and a number of the tombstones owned by the first entity multiplied by a pre-selected, fractional tombstone factor, and then comparing the calculated total number with the quota assigned to the first entity to determine whether the quota assigned to the first entity will be exceeded if the requested directory operation is performed. - View Dependent Claims (2, 3)
-
-
4. In a distributed directory service system that includes a plurality of directory servers connectable to one another through a network so that directory service objects are replicated through a distributed database among the plurality of directory servers, and wherein at least one of the directory servers is responsible for assigning quotas to network entities that are allowed to create directory service objects, tracking quota consumption of objects by such network entities, and enforcing quota limits as to consumption of objects by such network entities, a computer program product comprised of a computer-readable medium having computer-executable instructions for implementing a method by which the network entities are managed by the at least one responsible directory server with respect to the object quotas for such network entities, and wherein the method is comprised of steps for:
-
receiving from the at the least one responsible server, at each of the plurality of entities, a quota on object creation; sending to the at the least one responsible server a request from a first network entity for a directory operation; performing at the first network entity the requested directory operation, but only if it is determined that the quota of the entity will not be exceeded, said determination being performed by, calculating a total number of objects as a sum of a number of said system objects of the first entity and a number of the tombstones owned by the first entity multiplied by a pre-selected, fractional tombstone factor, and then comparing the calculated total number with the quota assigned to the first entity to determine whether the quota assigned to the first entity will be exceeded if the requested directory operation is performed. - View Dependent Claims (5, 6)
-
Specification