Though it hasn't even entered a widespread beta yet, developers who are working with an early version of Windows NT 5.0 are complaining that a new feature of the OS--Active Directory--is a burden for system administrators. The problem evolves around the issue of unique user names in a network. Ideally, all users should have a unique user name, so that they can log in and get the correct settings. In current builds of NT 5.0, however, it is up to system admins to ensure that user names are unique. Large organizations, especially, will have problems doing this.
Basically, Windows NT 5.0 uses two methods to login users using Active Directory. The first, known as RFC-822 naming, is an Internet standard that attaches a user name to a domain name (the familiar [email protected] system we all know and love). Using RFC-822 is convenient and easy unless two users want to use the same name. Windows NT 5.0 also uses LDAP full naming, which creates cumbersome X.500-style addresses. The benefit to LDAP is that it is almost impossible to create two identical addresses.
To fix the problem, Microsoft may extend RFC-822 or create a proprietary naming solution.
"There are elements that remain fluid \[in Win NT 5.0\]," said Rob Lane, a systems engineer at Microsoft.
Unfortunately, Microsoft has decided that system administrators must ensure that user names are unique within a domain. Other network operating systems only require that names be unique within smaller units. Despite tester's assertion that this needs to be changed, Microsoft insists that it does not need to change its log-in system.
"We talked to customers, and they indicated that they would prefer it this way," said Jeff Price, a Microsoft product manager. "At Microsoft where we have several Jeff Prices, my log-in name would be [email protected], while another may be jeffprice and another would be jeffp," he said. "We feel this is the best way to provide flexible log-in.