MyVD is a java based virtual directory that utilizes a series of layers and routing to create an identity infrastructure.
The above pieces of MyVD fit together to create a "flow" data. To illustrate this lets show how the following virtual directory would work:
In order to fulfill the above requirements a virtual directory will need to be built with:
We aren't going to cover the specific configuration in this section, but we will show how these pieces fit together:
The above image shows all write operations (add, modify, delete rename) are directed towards the "Master" namespace while all read operations (search, modify) are sent to the DB namespace. This decision is made by the routing insert. Notice that the two namespaces have the same base (ou=people,dc=domain,dc=com). MyVD allows for namespaces to overlap. In this case there is no conflict because the routing plugin determines which namespace is utilized.
Once a namespace is determined, it's chain is executed. The "Master" namespace has only a single insert which calls a custom web service to update a user's profile. The "DB" namespace has two inserts on it's chain. The first insert enables the use of Kerberos during the LDAP "bind" operation. Since this insert handles the bind operation, execution stops there. On searches and compares however the Kerberos insert "ignores" the request by passing it down through the chain to the database insert which is configured to work with the database storing user data.
The above example shows how a complex identity requirement could be implemented using MyVD. From here you can explore the various inserts that are currently provided or how to configure MyVD.