System and method for enforcing quotas on object creation in a replicated directory service database
First Claim
1. In a distributed directory service system that includes a plurality of directory servers connectable to one another through a network so that directory service objects are replicated through a distributed database among the plurality of directory servers, and wherein at least one of the directory servers is responsible for assigning quotas to network entities that are allowed to create directory service objects, tracking quota consumption of objects by such network entities, and enforcing quota limits as to consumption of objects by such network entities, a computer-readable medium having computer-executable instructions for implementing a method by which the at least one responsible directory server manages the object quotas for such entities, the method comprising steps for:
- receiving at the at least one responsible server a request for a directory operation from a first entity of the directory service system, the first entity having an object quota assigned to it by the at least one responsible server, and owning a plurality of system objects and tombstones for deleted system objects, and the requested directory operation changing the number of objects owned by the first entity if performed;
identifying at the at least one responsible server the assigned quota of the first entity for limiting objects owned by the first entity;
calculating a total number of objects as a sum of a number of said system objects of the first entity and a number of the tombstones of the first entity multiplied by a pre-selected fractional tombstone factor;
the at least one responsible server then comparing the total number with the quota assigned to the entity to determine whether the quota of the first entity will be exceeded if the requested directory operation is performed; and
the at least one responsible server then permitting the requested directory operation to be performed when it is determined that the quota of the entity will not be exceeded, and such that the server fails to permit the requested directory operation to be performed when it is determined that the quota of the entity will be exceeded.
2 Assignments
0 Petitions
Accused Products
Abstract
A system and method for managing the creation of objects in a distributed directory service system assigns quotas to entities (such as users, computers, groups) to limit the number of objects each entity is allowed to create and own. For purposes of enforcing the quotas, tombstones generated for deleted objects are taken into account in the calculation of a weighted total number of objects owned by an entity, with each tombstone counted as a configurable fraction of a regular object. When an entity requests a directory operation that will increase the number of objects owned by that entity, the number of system objects owned by that entity is added to the number of tombstones multiplied by the fractional tombstone factor to generate the weighted total, which is compared to the quota of that entity to determine when the requested operation should be performed.
16 Citations
18 Claims
-
1. In a distributed directory service system that includes a plurality of directory servers connectable to one another through a network so that directory service objects are replicated through a distributed database among the plurality of directory servers, and wherein at least one of the directory servers is responsible for assigning quotas to network entities that are allowed to create directory service objects, tracking quota consumption of objects by such network entities, and enforcing quota limits as to consumption of objects by such network entities, a computer-readable medium having computer-executable instructions for implementing a method by which the at least one responsible directory server manages the object quotas for such entities, the method comprising steps for:
-
receiving at the at least one responsible server a request for a directory operation from a first entity of the directory service system, the first entity having an object quota assigned to it by the at least one responsible server, and owning a plurality of system objects and tombstones for deleted system objects, and the requested directory operation changing the number of objects owned by the first entity if performed; identifying at the at least one responsible server the assigned quota of the first entity for limiting objects owned by the first entity; calculating a total number of objects as a sum of a number of said system objects of the first entity and a number of the tombstones of the first entity multiplied by a pre-selected fractional tombstone factor; the at least one responsible server then comparing the total number with the quota assigned to the entity to determine whether the quota of the first entity will be exceeded if the requested directory operation is performed; and the at least one responsible server then permitting the requested directory operation to be performed when it is determined that the quota of the entity will not be exceeded, and such that the server fails to permit the requested directory operation to be performed when it is determined that the quota of the entity will be exceeded. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 17, 18)
-
-
9. In a distributed directory service system that includes a plurality of directory servers connectable to one another through a network so that directory service objects are replicated through a distributed database among the plurality of directory servers, and wherein at least one of the directory servers is responsible for assigning quotas to network entities that are allowed to create directory service objects, tracking quota consumption of objects by such network entities, and enforcing quota limits as to consumption of objects by such network entities, a method by which the at least one responsible directory server manages the object quotas for such entities, the method comprising steps for:
-
assigning at the at least one responsible server, for each of the plurality of entities, a quota on object creation; receiving at the at least one responsible server a request for a directory operation from a first entity; identifying at the at least one responsible server the quota assigned to the first entity; calculating a total number of objects of the first entity as a sum of a number of said system objects of the first entity and a number of the tombstones of the first entity multiplied by a pre-selected fractional tombstone factor; the at least one responsible server then comparing the total number with the quota assigned to the entity to determine whether the quota of the first entity will be exceeded if the requested directory operation is performed; and the at least one responsible server then permitting the requested directory operation to be performed only when it is determined that the quota of the entity will not be exceeded, and such that the server fails to permit the requested directory operation to be performed when it is determined that the quota of the entity will be exceeded. - View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
-
Specification