Novell Directory Services (NDS) has long been the market leader in the NOS-integrated directory services market space. But Novell has struggled somewhat in the application directory market. Competing with Netscape's Directory Server and other Lightweight Directory Access Protocol (LDAP) products has been difficult, chiefly because of performance and scalability concerns. But NDS 8, released last week on Novell's Web site, definitely brings Novell back into the game.
With the explosion of Internet-based applications, some of which require the back-end directory to scale well beyond one million object entries while maintaining respectable performance, NDS has been virtually discarded as an option for large Internet-based applications and ISPs looking to adopt directories to host customer data. And with Microsoft's Active Directory now on the horizon, Novell had to find a way to increase the performance and scalability of NDS to stay ahead of the pack.
The main performance concern with NDS as an application-based directory is LDAP. NDS has not been a strong performer in this area, and it has lacked support for specific LDAP-based properties, such as the LDAP domain property. NDS 8 answers these questions.
Deploying NDS 8 in your organisation should result in cost savings associated with improving directory scalability, performance, and maintenance. If you are looking to deploy NDS 8 as an application directory, you should be able to reduce support costs through directory standardisation for both the NOS and applications.
In NDS 8, Novell has totally redesigned the NDS database architecture -- the company says it has tested the new architecture with more than a billion objects (although I was not able to verify this claim in my tests). Central to the redesign of NDS is the inclusion of specific indexes, such as substring indexes for the common name and unique ID data fields, within the NDS database, which provides a nice boost in query performance.
Another important improvement is the native implementation of the LDAP 3 protocol into the directory. This should serve to improve query performance. I found that setting up NDS for LDAP access was basically seamless, in contrast to some difficulties I had experienced with the previous LDAP connector add-on. I also found that LDAP query performance was fairly respectable in my tests.
Novell claims NDS should be able to sustain 200 to 300 queries per second, a definite improvement over prior versions. But Netscape claims performance of about 5000 queries per second. Some side benefits of NDS 8 that are not directly related to directory performance are a new and improved version of Novell's ConsoleOne Administration tool, a batch-load directory population tool, and an updated version of DSRepair (dsrepair.nlm).
I found the new version of ConsoleOne to be a solid improvement over the version released in NetWare 5. The new version, ConsoleOne 1.2, provides better support for various NDS object types and is quite a bit peppier than the prior version. However, ConsoleOne still performs quite a bit more slowly than NetWare Administrator, and there still is not complete feature parity between the two administration tools. In addition, after my upgrade when I loaded ConsoleOne from the NetWare graphical console, the older version of the tool continued to load instead of the new one.
Novell also includes a new bulk load.nlm, which I was able to use to import users into the directory from a standard LDAP Data Interchange Format file. I found this method of populating the directory quite effective. I was able to import 500 users in about 2 seconds. My 100,000-user file took a little more than one minute to process.
Finally, the new version of DSRepair that ships with NDS 8 enables administrators to perform some maintenance options, such as performing structure checks and actually repairing the NDS database, without actually locking the database. Therefore, these operations can now take place without disrupting service to end users.
Overall, NDS 8 provides marked improvements over the current technology. And since the product is free to NetWare customers, there is good reason to perform the upgrade for current sites.
However, read the installation notes carefully; there are a number of conditions that may need to be met to ensure success in your environment.
If you are considering NDS to support an application, this release really begins to make the technology suitable to that task. But I recommend performing query performance tests with your final candidates before you make that decision.
Senior Analyst Jeff Symoens (firstname.lastname@example.org) reviews enterprise platforms and services.
The bottom line: very good
Novell Directory Services (NDS) 8
Summary: This update to Novell's NOS-integrated directory services provides better scalability and performance, as well as new support tools for improved maintenance and management options.
Business Case: NDS 8 is ideal as a back end for Internet-based directory-enabled applications. For current NetWare sites, it will provide greater directory scalability and performance, plus reduced maintenance downtime.
+ Improves scalability and performance
+ ConsoleOne provides better performance and directory object support+ Bulkload.nlm tool makes it easy to quickly populate the directoryCons- ConsoleOne still does not offer full feature parity with NetWare Administrator and could still use some performance improvementsCost: Free to NetWare 5 customersPlatforms: Requires NDS 4.10 (or later) on all servers and NetWare 5 (with Support Pack 2) on at least one server