Directory Services Get Active

With the emergence of Win2K, directory services might not remain a niche market. Can all the players agree on a directoty services technology stardard?

Barrie Sosinsky

October 27, 1999

6 Min Read
ITPro Today logo in a gray background | ITPro Today

Windows 95's major feature was Web browser integration into the OS; Windows 2000's (Win2K's) major feature is the incorporation of Active Directory (AD) into network services. With the release of Win2K, analysts expect the directory-services market to mature and become an active area of contention among the major software vendors developing on the Win2K platform. Directories are a crucial component of enterprise network planning. Directories let a business store demographics, security, network and device configuration, messaging infrastructure, and other important information. And because directory services are extensible, we can't predict how pervasive the technology might eventually become. Moreover, directory technology isn't an area in which the big software vendors want Microsoft dictating the agenda.

In early July, the competition to set the agenda for managing heterogeneous networks' directory services began in earnest when Novell, IBM, Lotus Development, Oracle, Data Connection, and ISOCOR jointly announced the creation of the Directory Interoperability Forum. This group seeks to merge the various directory services into a standard based on the Lightweight Directory Access Protocol (LDAP) that will greatly reduce the number of directory services that independent software vendors (ISVs) will have to write products for. This group signed up more than 20 companies that pledged to make their software compliant with Directory Interoperability Forum standards. (For more information about the Directory Interoperability Forum, see http://www .directoryforum.org.)

The Directory Interoperability Forum noted that a Forrester Research study concluded that Fortune 500 companies typically maintain as many as 190 separate directories, making interoperability among the applications that use the directories crucial. So, having a standard directory for applications and services can make a network manager's job much easier and make writing enterprise software less complicated—especially in heterogeneous networks. A company can obtain significant benefits in the area of network management, security, e-commerce, and information interchange. Especially important to ISVs is the creation of open standards so that they can write their applications to these standards without having to redesign network infrastructure. The goal of the Directory Interoperability Forum is to provide developer tools, such as a software development kit (SDK), to help ISVs incorporate these functions into their applications. To create and codify these standards worldwide, this group will work with industry-standard associations such as the Internet Engineering Task Force (IETF), the Open Group, and the Desktop Management Task Force (DMTF).

This initiative has been in the works for several months, and in the intervening time, the Directory Interoperability Forum tested several major applications that conform to the LDAP standard. The members of the Directory Interoperability Forum stated that the following LDAP-enabled directory services products interoperate: IBM SecureWay Directory, Novell Directory Services (NDS), Lotus Domino Directory, and Netscape Directory. Applications that this group tested include IBM WebSphere, IBM Blue Pages, Lotus Domino, Lotus Notes, Novell GroupWise, Novell Net Publisher, and Tivoli Systems' systems-management products.

Conspicuously absent from the list of group members were two new major directory-services vendors: Microsoft and Netscape. Also absent were America Online (AOL) and Sun Microsystems—the two companies that are carving up Netscape's technology base. Although the Directory Interoperability Forum approached Microsoft and Netscape, the companies declined to join the group. However, the Directory Interoperability Forum is building its directory-services model, API, and SDK around the LDAP standard, which Microsoft and Netscape based their directory-services products on. Therefore, Microsoft and Netscape might eventually join the group and ensure that their products are fully compatible with the Directory Interoperability Forum standard.

You have to wonder whether Novell's window of opportunity for establishing NDS as the Windows directory services standard is closing. Novell had a 2-year advantage over Microsoft and AD and enjoyed many technical advantages also—not the least of which was that NDS was stable, tested, and proven. For Novell's comparison of NDS with AD, see http:// www.novell.com/advantage/nds/nds-active.html. Novell posted this paper in response to Microsoft's white paper touting AD's advantages over NDS and other directory-services products. For Microsoft's comparison see http://www.microsoft .com/windows/server/eval/comparisons/default.asp.

Analysts have speculated that Novell might choose to release some part of NDS into the public domain to spur greater usage of the product. Although Novell could release some part of NDS as public domain, the company is hoping that it can blunt the effect of AD's release by playing a role as a standards creator. So far, Novell has concentrated on establishing strong partner relationships with vendors to use NDS, as Novell did in August with its announcement that NDS will interoperate with AOL's instant messaging feature.

As Win2K matures, perhaps the industry will head toward a directory-services standard that all vendors try to support. The question is, will the standard be AD or will the standard be what the Directory Interoperability Forum proposes? Microsoft is certainly hedging its bets by positioning AD to be able to communicate with other directories through middleware. Shortly after the Directory Interoperability Forum's announcement, Microsoft announced that the company had acquired ZOOMIT, a leading provider of metadirectory products. Microsoft will incorporate the ZOOMIT technologies into AD, thus providing a way to access the information that other vendors' directory services contain. With ZOOMIT's technologies, you can configure updates to data stored in AD to flow automatically to third-party directories, applications, and services.

Novell is also entering the metadirectory arena with the introduction of DirXML. Novell claims that after it adds the DirXML technology to NDS, NDS will be able to connect to any data store that supports Extensible Markup Language (XML), such as applications, network operating system (NOS) directories, databases, network devices, enterprise resource planning (ERP) systems, and other metadirectories. Novell plans to have a DirXML beta available by fourth quarter 1999. DirXML lets you set security rights to an application to limit what directory information the application can access. For example, an e-commerce application could use a portion of a directory that it has rights to access. Novell plans to make DirXML available on NetWare 5.0 and Windows NT upon initial release, and follow up with Sun Solaris and Linux soon afterward.

Jamie Lewis, president of The Burton Group and industry analyst specializing in emerging network computing technologies, said, "Metadirectory technology plays an important role in creating an integrated enterprise directory infrastructure. By integrating ZOOMIT's metadirectory technology with AD, Microsoft is taking metadirectory services out of its niche status and delivering a comprehensive enterprise identity-management solution for the mainstream market."

At The Burton Group's Catalyst 99 conference in July, Novell, Microsoft, IBM, Oracle, Sun, Netscape, and Bowstreet Software announced their agreement to extend XML to provide for directory-services communications. This fall, these companies intend to present the Directory Services Markup Language (DSML) specification (which Bowstreet Software developed) to a standards group for adoption. DSML will provide a standard for querying the data that the directories hold to let directories exchange information about their data. The data could be exchanged using XML and would be available to any Web application that supports the XML standard.

Bowstreet Software meant DSML to complement LDAP. What LDAP provides is a standard method to access directory information. DSML describes the data in plain text so that ISVs can parse the information and display the data in Web-based applications. "The ability for the directory to describe itself is important," said Lewis. "These vendors will never agree on standardized schema, but they have agreed on how they describe their schema."

Stay tuned, because we're seeing only the beginning of important activity, new products, and significant news announcements in the directory-services area. AD serves as a lightning rod for directory services, lighting up what was a niche market segment of products.

Sign up for the ITPro Today newsletter
Stay on top of the IT universe with commentary, news analysis, how-to's, and tips delivered to your inbox daily.

You May Also Like