Active Directory perpetuates NT push

For Microsoft to become an established player in enterprise-class technologies, it will have to make its esoteric directory services technology a widely accepted tool.

SALT LAKE CITY--Microsoft is about to deliver a technology that you may never have heard of, but it is central to almost every piece of software and technology the company will sell to systems managers in the foreseeable future.

Directory service:
An address book for every user on the network. It sits on a networked server and directs email and other data packets to their correct addresses. Such a service allows users to communicate over a network without having to know complicated addresses and prevents unauthorized users from gaining access to network resources. While it sounds simple, when the network encompasses thousands of users in hundreds of locations, maintaining the address book becomes a complicated task.

Called Active Directory, the software represents Microsoft's attempt to become an established player in all corporate-class technologies. In delivering it as part of the next version of the Windows NT operating system, Microsoft intends to make the esoteric directory a must-have product.

Think of a directory as a phone book for your network, comprising users, devices, and applications. Whoever provides the industry's dominant phone book will ultimately have a controlling voice on how future applications are built and managed. While other phone books exist, Microsoft hopes that administrators will choose Active Directory--as well as Windows NT--because it can work more naturally with so many other Microsoft products.

For a vast corporate network, however, building a directory is far more complicated than compiling a list of phone numbers. "Directories are a huge, complex issue, and it's not something they're going to master overnight," said Shilpa Agarwal, an analyst with the Giga Information Group.

Still, Microsoft is never to be discounted, especially when it is expanding its empire by linking various fiefdoms. This has been made abundantly clear in the government's case involving the integration of Windows 95 and the Internet Explorer browser. And with its formidable resources, Microsoft is again engaging its opponents in a classic contest over "vaporware"--something that does not exist, except in primitive beta form, but must be developed to stay competitive.

According to research from Gartner Group analyst Neil MacDonald released late last year, Active Directory will be used "to some extent" in more than 50 percent of enterprise networks by the end of the year 2000, increasing to 90 percent by the end of 2002. Active Directory is also projected to be the primary directory software in 70 percent of corporate enterprise networks with fewer than 1,000 users by 2002.

"Most companies will be blind to the need for an enterprise directory and will not see the light until Active Directory comes out," said Jon Oltsik, analyst with Forrester Research. "Microsoft's timing is going to be impeccable in this case."

With so much at stake, the battleground for directory services is quickly taking shape, with Novell and Netscape Communications chief among Microsoft's opponents. Just this week, at Novell's BrainShare user conference in Salt Lake City, CEO Eric Schmidt told developers and software vendors that his company's NetWare Directory Services (NDS) is "the wedge" of its corporate strategy.

To capitalize on delays in the rollout of Windows NT 5.0 and Active Directory, now due early next year, Novell has launched a version of NDS for Windows NT that requires a NetWare server and redirects calls from an NT machine to the Novell software. The company has also cut costs in an attempt to sway buyers to take a look at its network operating system.

Banyan Systems, a sometimes forgotten network software company, has been shipping an enterprise-class directory for some time and has even migrated it to NT, though that support may largely prove to be a migration requirement, rather than a new opportunity for the firm. Other "meta" directory companies hope to offer glue that ties various platform-specific schemes together.

The forthcoming Active Directory is not that dissimilar from others on the market, except in the esoteric area of "domains"--a concept left over from the company's LAN Manager OS days. To some, that difference is significant.

And Microsoft is attempting to weave Active Directory into many areas of its software. For instance, Active Directory will be used to dole out components of its Office desktop package to users' desktops. And it is tightly linked to all of Microsoft's BackOffice server-based applications and technology such as Internet telephony.

But what has the industry abuzz is that Microsoft is finally promising to deliver a true network-based directory for corporate networks, essentially legitimizing the technology as a core component of an operating system and as an essential service.

A common directory service will drastically simplify key areas, such as user management, application security, and resource management. And Microsoft's clout will ensure wide deployment of directory technology, allowing developers to take advantage of what is essentially a database for your network.

Already, criticism is coming from all sides: Microsoft doesn't know corporate networking, can't eschew its reliance on an older domain-based technology scheme, and can't be expected to deliver on its lofty promises for the directory, competitors and others say.

"We'd be naive to think they'd get everything right the first time out," said Jamie Lewis, president of the Burton Group.

Types of directory services:
Active Directory (AD):
Microsoft's own version of directory services, bundled into the upcoming NT 5.0 operating system. It will be central to almost every piece of software and technology that Microsoft will attempt to sell IS departments in the foreseeable future.
NetWare Directory Services (NDS):
Novell's version of the directory services technology, which is already widely used in the corporate market.
LDAP (lightweight directory access protocol):
LDAP started as a "lightweight" way to access a decade-old type of directory called "X.500." Netscape launched an LDAP-based directory server as the underpinnings of its server-based applications, which eventually rocketed the technology into the protocol mainstream as a "lingua franca" for communication.

Because Active Directory is wound into Windows NT server, the fast-growing OS, the anti-Redmond camp has to remain critical of their formidable foe while respecting the number of Active Directory-enabled servers that will eventually find their way into corporate networks.

"I see the migration to Active Directory happening, no matter what's the better technology," Agarwal said.

From Microsoft's point of view, being a late entry into the full-fledged corporate directory market is a plus, with the software firm able to analyze the effectiveness of current competitors. "There's an advantage to coming into the market after a few network directories have already been out there," said Steven Judd, a program manager within Microsoft's Windows NT distributed systems group.

Competitors, particularly Novell, are quick to point to Microsoft's dependence on "domains" as an inherent flaw in the company's strategy to add a network-wide directory service to Windows NT. Domains have worked well in small installations of users and computing equipment, but the technology has been surpassed by methods that tie multiple departments and sites together to realize a network-wide view of resources.

"The vision of the mid-'70s is finally becoming real," Judd argued. "To say that domain-based schemes are bad is a knee-jerk reaction like saying IPX [the dominant Novell transmission protocol] is bad."

Due to a large installed base of Windows NT machines using a domain scheme, Active Directory must support the technology in some respects to retain backwards compatibility. "It's something they can't overcome to some extent," the Burton Group's Lewis said.

Muddying the waters is an effort called Directory-enabled Networks (DEN), championed by Microsoft and Cisco Systems as a way to gain more network information. Some competitors have wondered whether this work will end up being a proprietary exercise dominated by the largest software company and the leading networking provider in the industry.

Those fears proved unfounded when Microsoft and Cisco announced they would be delivering their DEN specification work to the Desktop Management Task Force in the coming months. "We think the DMTF is a good forum for it," said Winston Bumpus, corporate architect for Novell and recently hired president of the standards organization.

Some point to Microsoft's roster of applications, bundled in a suite called BackOffice, as a linchpin of the company's strategy. Soon Microsoft will be able to tie its applications--such as database, messaging, and management software--into Active Directory, increasing that software's dependency on directory services. The company will also extend protocols inherent to Windows, such as the TAPI interface for telephony interoperability, to take advantage of the directory's central information repository.

Netscape, one of the leaders in the effort to standardize on LDAP (lightweight directory access protocol) for interdirectory communications, believes tying a directory to a particular OS--in this case NT--offers inherent limitations, even if Active Directory supports the protocol, which it will.

Company executives also said that Microsoft is largely following the lead of others in the directory space, and the specter of the Redmondians taking directory technology down paths that benefit the software giant alone has crossed their--as well as others'--minds.

"There's that danger in everything Microsoft does," noted Tim Howes, architect for Netscape's Mission Control software and proponent of LDAP.

Others believe the benefits of having a widely adopted directory technology will far outweigh the temptation to add proprietary hooks in the service. By getting third party applications developers on board, Microsoft will reap greater rewards by keeping its directory open, analysts said.

"I don't expect them to play proprietary games there," Forrester's Oltsik said. "They're going to beat the bushes to make it a standard."  
