Architecture, About directory sync architecture, Technologies used – Google Postini Directory Sync Configuration Guide User Manual

Architecture

7

Architecture

Chapter 2

About Directory Sync Architecture

Directory Sync is an optional feature included with the enterprise edition of the
email protection service. Directory Sync connects to your directory server, using a
Secure Sockets Layer (SSL) connection and basic authentication.

Directory Sync runs on the email protection servers. You’ll need to set up a DSML
server to allow Directory Sync to connect and upload information. See “Microsoft
Active Directory” on page 11 for more setup information for Microsoft Active
Directory, and “Sun ONE Directory Server” on page 57 for more setup information
for Sun ONE Directory Server.

This section provides an architectural overview of how organization structures are
mapped, technologies used, and synchronization data flow.

Technologies Used

Directory Sync connects to your network using DSML v2, through an SSL
connection and basic authentication.

Directory Servers

A directory server is a repository for information about an organization, which
typically includes user properties. Other applications can then connect to the
server to collect, use and sometimes change this information. One way to store
and provide this information is a protocol called LDAP (Lightweight Directory
Access Protocol), which stores organization information in a hierarchy called a
tree. A Base DN (Distinguished Name) provides a location on the tree for
particular information. For instance, a Base DN might specify where to find the
user list for a particular department.

Directory Sync acts as a client, connecting to the directory server and collecting
information about users and aliases. It then updates your the email protection
service’s user lists based on this collected information, adding, deleting and
moving users. This allows you to update large user lists quickly and thoroughly.