Should you wait for Active Directory?


By David Strom


Whenever I think about NT and enterprise directories, I think about that scene in the movie "Network" where William Holden screams, "Iâm mad as hell and not going to take it anymore!"

NT has been the bane of directories for some time: several reasons account for this. First, NT had the misfortune of being caught in the Novell/Microsoft crosshairs for several years. Second, it was never clear whether the operating system was designed for desktops or servers, and that kept potential directory mavens off the track for the first few critical years of NTâs existence. Third, Microsoft never had a decent built-in directory service for NT, despite its claims to the contrary about the current domain system. While I know several corporations that run huge NT networks, none are happy about the domain model and wish they could find something better. And finally Microsoft has taken its sweet time getting a decent directory service established for NT, even after hiring away the best and brightest lights from Banyan, DEC, and others who knew what they were doing long ago before we had to worry about this issue.

Directories are important to organize people, places, and things on your Intranet. People is an obvious one: ideally, youâd like to be able to login to your network from any machine across the enterprise, or grab your email without having to drag your machine around the building. By places, I mean keeping track of servers and applications. Having a directory means making it easy for your users to locate their work. By things, I mean network resources, and this is a real benefit from a solid directory. Witness how little time Banyan administrators require (compared to their NT compatriots) when they want to relocate a printer.

Here we are, in the fall of 1998. NT version 5.0 (where the directory improvements will happen) is still part of that great promised land of upgrades and wonât be part of our reality until next year. Meanwhile, give Novell points for trying: they finally released a production version of Novell Directory Services that runs on, incorporates, and fully embraces NT, only to be taken to the woodshed by Microsoft for changing a single system DLL to make it all happen. I mean, get real Microsoft! Since when has changing any systems DLLs been a concern of your own applications developers?

So what is an enterprise manager going to do when it comes to directories? You right now have several choices, none very attractive. You can run several different ones for different purposes (one for LAN resources, one for tracking email users, one for tracking applications). You can try to get a single uber-directory that will work for everything, and try to force-fit your applications to recognize it. You can strike out for the least-common denominator of products and pray that that is sufficient.

So, we are stuck. NDS works well for keeping track of LAN resources: that is what it was designed to do, and it still excels at this task. But as the NDS for NT debacle demonstrated, you still needs a NetWare server, and the last time I looked, NetWare doesnât run on NT. Maybe you wait for Microsoft to get their act together on Active Directory-Enabled Networking, or whatever they will end up calling what will be part of NT 5.0. Thatâs nice, but things could slip and I wouldnât want to run my enterprise on Microsoft promises: been there, done that. Or maybe LDAP will eventually be interoperable, compatible, cross-platform, and useful. Yeah, right, and there are plenty of people that believe in the tooth fairy, too.

I wish I could wave my magic wand and solve this problem. But I canât: I can just vent and write columns. Meantime, youâll probably hear me screaming outside my office window.