NT 5.0 Active Directory glitch found

Though it hasn't even entered a widespread beta yet, developers who areworking with an early version of Windows NT 5.0 are complaining that a newfeature of the OS--Active Directory--is a burden for system administrators.The problem evolves around the issue of unique user names in a network.Ideally, all users should have a unique user name, so that they can log inand get the correct settings. In current builds of NT 5.0, however, it is up to system admins to ensure that user names are unique. Large organizations, especially, will have problems doing this.

Basically, Windows NT 5.0 uses two methods to login users using ActiveDirectory. The first, known as RFC-822 naming, is an Internet standardthat attaches a user name to a domain name (the familiar name@domain systemwe all know and love). Using RFC-822 is convenient and easy unless twousers want to use the same name. Windows NT 5.0 also uses LDAP full naming,which creates cumbersome X.500-style addresses. The benefit to LDAP is thatit is almost impossible to create two identical addresses.

To fix the problem, Microsoft may extend RFC-822 or create a proprietarynaming solution.

"There are elements that remain fluid [in Win NT 5.0]," said Rob Lane, a systems engineer at Microsoft.

Unfortunately, Microsoft has decided that system administrators must ensurethat user names are unique within a domain. Other network operating systemsonly require that names be unique within smaller units. Despite tester'sassertion that this needs to be changed, Microsoft insists that it doesnot need to change its log-in system.

"We talked to customers, and they indicated that they would prefer it this way," said Jeff Price, a Microsoft product manager. "At Microsoft where we have several Jeff Prices, my log-in name would be [email protected], while another may be jeffprice and another would be jeffp," he said. "We feel this is the best way to provide flexible log-in.