[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Containment Use Case.
Jeff's right that the containment use case is very general when you
think in terms of a hierarchical directory structure. I'll try to make
this more specific.
Organizations consist of hiearchically nested OUs. Each user is bound
beneath an OU. Let's follow the lifecycle of an individual user--call
him "JoeBob".
1) Mega Corporation hires JoeBob to work as a developer.
Provisioning Subtext: Mega Corporation represents JoeBob as a
directory object that is bound beneath the "Development" OU.
Operations:
AddChild(OU:Development, User:JoeBob);
2) Joe Bob gets personal computers--desktop and laptop--
and accounts on the departmental DevServer system.
Provisioning Subtext: Mega corporation represents each of these
as some type of directory object bound beneath JoeBob's User object.
Operations:
AddChild(User:JoeBob, Desktop:JoeBob);
AddChild(User:JoeBob, Laptop:JoeBob);
AddChild(User:JoeBob, Account:JoeBob@DevServer);
3) JoeBob moves to Technical Marketing.
Provisioning Subtext: MegaCorporation moves the directory object
that represents JoeBob to a new OU. Mega Corporation policy says
that Technical Marketing reps don't need desktop systems.
Once JoeBob has copied off his data, IT takes away his desktop.
The development manager deletes (or disables) JoeBob's account
on the development server.
Operations:
SetParent(User:JoeBob, OU:TechnicalMarketing);
DeleteChild(User:JoeBob, Desktop:JoeBob);
DeleteChild(User:JoeBob, Account:JoeBob@DevServer);
NOTE: The setParent operation also moves any object that is
bound beneath User:JoeBob. Therefore, IT must removes
his desktop as a separate operation. The Development manager
also removes his account on the development server separately.
4) Joe Bob gets paid.
Provisioning Subtext: As part of corporate accounting, Mega Corporation
charges JoeBob's salary and benefits against the Development department.
Once he moves to Technical Marketing, his salary and benefits are
charged
against the new department.
Operations:
getParent(User:JoeBob)
5) Joe Bob leaves Mega Corporation.
Provisioning Subtext: As part of the exit process, Joe Bob must
return all
Corporate resources. During the interview, an HR person checks to
make sure
that all of Joe Bob's computers have been returned and all of his
computer
system accounts have been deleted (or disabled). Reluctantly, Joe Bob
surrenders his laptop system (after discreetly deleting certain files).
Operations:
listChildren(User:JoeBob);
deleteChild(User:JoeBob, Laptop:JoeBob);
deleteChild(OU:TechnicalMarketing, User:JoeBob);
NOTE: Containment operations do not address aspects of behavior beyond
their specification.
- Containment does not address inheritance.
- Containment does not affect reference relationships.
- Containment does not model any effect of policy that may be specified
in terms of containment.
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]