FRAMINGHAM (03/10/2000) - The directory concept - a single place for address information about all the resources for a network or an application - is so elegant and logical, it's no wonder it has generated a lot of attention.

Typically, an enterprise will have different kinds of data in different proprietary directories. E-mail addresses are held in a messaging system, date-of-hire information is locked away in a human resources application, and network identifications are kept in a network operating system's directory.

An enterprise with 100,000 employees can easily have 70 or 80 directories to manage, says Jamie Lewis, an analyst at The Burton Group in Midvale, Utah. And each employee will have different access rights to each directory.

E-commerce demands crank up the pressure. "If you can't manage hire/fire data for 100,000 employees, how are you going to manage data for potentially millions of customers?" Lewis says.

The obvious - and wrong - answer is "one uber-directory shining down from the sky," he says. As appealing as the uber-directory is, "it turns out not to be very practical or doable," Lewis says. Companies can't replace e-mail directories, enterprise resource planning systems and other applications that include their own directories overnight. Instead, he says, enterprises must build a unified infrastructure for managing multiple directories.

Directory service software, such as Novell Inc.'s Novell Directory Services (NDS) and Microsoft Corp.'s Active Directory, tracks employee and security information in the directory. Standards such as X.500 and Lightweight Directory Access Protocol (LDAP) define a format for storing and accessing that information.

Which directory service an enterprise selects to build on depends on the existing infrastructure, according to Lewis. "If you've decided on Novell as your strategic vendor, you'll go with NDS; if Exchange is your primary messaging system, you'll go with Active Directory," he says.

Deployment Decisions

The greater question isn't if but when a company will select a primary directory service. The question of when is "an issue of where a company is in its requirements planning," says Sara Radicati, principal analyst at The Radicati Group Inc. in Palo Alto, Calif.

If a company is considering Active Directory and Windows 2000 but has a working method to manage its systems, it can afford to wait, she says.

"But spending another year with some lousy method," instead of starting to deploy the directory service, "just doesn't make sense," Radicati says.

And benefits accrue to early adopters. "They tend to get better support, and typically, they get a say in how the application evolves," she says.

NDS has had time to mature during the past six years. A study The Radicati Group completed in December puts the installed base for NDS at 33 million users; Novell claims to have 50 million users.

Active Directory and Windows 2000 will catch up. Radicati predicts that Microsoft's directory services will grow at a rate of 40 percent to 45 percent per year for the next five years.

Either of the two leading network operating systems' LDAP directory services, or a more sophisticated but difficult-to-manage X.500 directory service, will simplify administration. They hold digital signatures and other security information to let an enterprise efficiently manage public-key infrastructure applications.

They can also hold software and hardware inventories. When it's time to roll out an upgrade, finding a list of all users with SpreadSheet Version 8.12 is just a query away.

A company may standardize on a network operating system directory but choose another, such as Netscape Communications Corp.'s Netscape Directory Server, for an e-commerce application. It also could select a stand-alone product such as Novell's eDirectory, released this year, Lewis says.

Join the newsletter!

Error: Please check your email address.

More about Burton GroupLogicalMicrosoftNDSNetscape Communications CorpNovellRadicati Group

Show Comments