From the Inside Out: eDirectory vs. Active Directory - a Competitive Analysis
Novell Cool Solutions: Feature
By Ted Haeger
Digg This -
Posted: 14 May 2004
From the Inside Out: Actively Keeping Your Directory
Ted Haeger, Director of Product Marketing
Novell eDirectory Product Line
The product teams affiliated with Novell eDirectory get plenty of inquiries from people asking how best to quash some of their comrades' whimsical inclinations to "move everything to Active Directory." The rationale usually goes something like this: "Duh, um...since we hafta have Windows servers, why come we don't just use Active Directory?" (Okay, that may be more a paraphrase than a quote. Except of course for the "Duh, um" part.) Microsoft also does a fairly good job of influencing higher-level managers to think that one directory is as good as another, which can create political pressures to make an unwise business decision.
The fact is that if you have any critical services running on Windows servers, it's probably in your organization's best interest to deploy Active Directory in some form or another. But the misconception that accompanies this is that deploying Active Directory means a wholesale replacement of any other directories in which your business may already be invested. And from that simplistic misunderstanding, bad business choices can result.
The product team for eDirectory recently finished a research project . We had heard that Microsoft had "fixed" Active Directory in Windows 2003 (which was a bit odd, since the version in Windows 2000 was billed as being able to stop world hunger, provide low-cost cold fusion and toast a slice of bread perfectly every time). So we dug into the product and took a look at the innovations therein. I am pleased to report that Active Directory is still pretty much Maybeline on a Yorkshire (my apologies to aficionados of the porcine agricultural arts everywhere).
To start to understand why Active Directory pales to other industry directory offerings - particularly Novell eDirectory - one must remember why Active Directory was created. Windows NT 4 Server and prior releases had major scaling and management limitations as a result of Microsoft carrying forward its legacy LanManager account management system into Windows NT Domain Services. However, rather than scrapping the old and building anew, Microsoft built a directory on many of the premises, protocols and limitations of Windows NT Domain Services. The result today is Active Directory, a retrofitting of Windows domains into a quasi-directory hierarchy.
If you are deploying several Windows servers, and want them to behave as a seamless system, there really is not any practical alternative to deploying Active Directory. At the same time, it makes little sense to architect your entire enterprise around a fiat ordained by one technology component of that enterprise - especially if you want to remain nimble enough to incorporate technologies and solutions that are not part of the Microsoft priesthood.
As you start to consider applying directory technology to grander business solutions - such as providing services to customers through the Web, making supply chain relationships come to life or systematically integrating various systems to achieve your organization's overall identity management vision - Active Directory's limitations become more and more apparent. Any long-time eDirectory fan who has dabbled in Active Directory has probably assembled a mental litany of the technical irritations and insufficiencies of using Active Directory for anything other than managing Windows servers and Microsoft Exchange. But how do you express those to managers who may not have the patience or prowess to understand the gravity created when so many details get compounded?
The product team at Novell recently published a competitive guide comparing Active Directory to Novell eDirectory for just that purpose. The approach of the paper is to examine the five qualities that an organization will need to look for in a general-purpose directory for use in enterprise and high-end deployments-scalability, compatibility, reliability, manageability, and securability - and relate those qualities to their very real impact on business. The paper then uses these five criteria to show how the two offerings measure up.
So, if you don't frequently cruise the Novell eDirectory product home page, allow me to provide you a link to the PDF - http://www.novell.com/collateral/4621396/4621396.pdf - so you can grab the doc and start putting it to work in your organization.
Finally, I want to invite your feedback on the effectiveness of this paper. I have been boning up on the philosophy of open source, and although the last time I wrote code was on a Commodore 64 (seriously, folks), I think that open source goes way beyond software development. So, consider this an informal invite to join a community and make contributions. If you have a battle story, an anti-Active Directory aikido technique, a salient technical addendum or just a suggestion for changing some of the paper's text, contact me or Shawn Dickerson (firstname.lastname@example.org) and strike up a dialog. We'd love to have your contributions.
Novell Cool Solutions (corporate web communities) are produced by WebWise Solutions. www.webwiseone.com