Chapter 4. Designing the Directory Tree

The directory tree provides a way to see the data stored by the directory service. The types of information stored in the directory, the physical nature of the enterprise, the applications used with the directory, and the types of replication implemented shape the design of the directory tree.
This chapter outlines the steps for designing the directory tree.

4.1. Introduction to the Directory Tree

The directory tree provides a means for the directory data to be named and referred to by client applications. The directory tree interacts closely with other design decisions, including the choices available distributing, replicating, or controlling access to the directory data. Invest time to properly design the directory tree before deployment. A properly designed directory tree can save considerable time and effort both during the deployment phase, and later when the directory service is in operation.
A well-designed directory tree provides the following:
  • Simplified directory data maintenance.
  • Flexibility in creating replication policies and access controls.
  • Support for the applications using the directory service.
  • Simplified directory navigation for directory users.
The structure of the directory tree follows the hierarchical LDAP model. A directory tree provides a way to organize the data in different logical ways, such as by group, personnel, or place. It also determines how to partition data across multiple servers. For example, each database needs data to be partitioned at the suffix level. Without the proper directory tree structure, it may not be able to spread the data across multiple servers efficiently.
In addition, replication is constrained by the type of directory tree structure used. Carefully define partitions for replication to work. To replicate only portions of the directory tree, take that into account during the design process.
To use access controls on branch points, also consider that in the directory tree design.


Directory Server supports a concept for hierarchical navigation and organization of directory information called virtual directory information tree views. See Section 4.4, “Virtual Directory Information Tree Views” before designing the directory tree.