Directory Synchronization Services Zooms to Beta 2

Last month, Microsoft announced that the Microsoft Directory Synchronization Services (MSDSS) and Zoomit VIA 2.1 metadirectory went to second beta release. These products provide bidirectional synchronization of data you store in Windows 2000's (Win2K's) Active Directory (AD) with other directory services, most notably Novell Directory Service (NDS). Microsoft has positioned these products to fill a gap in its line of enterprise network operating systems (NOSs) for heterogeneous network support. Microsoft has come under pressure from large enterprise partners, such as IBM, to provide these features in Win2K. To emphasize the importance of this release to Microsoft’s strategic plans, Microsoft announced that it will provide these products immediately through Microsoft Consulting and to other Microsoft service providers. The press announcement quotes Daniel Blum, senior VP at the Burton Group: "With this announcement, Microsoft has addressed a major customer requirement by delivering metadirectory and directory synchronization tools needed to effectively manage multiple directory environments. These interoperability tools will help customers accelerate Windows 2000 migration, while enabling coexistence with other directories and environments in the enterprise." The Burton Group follows this area of technology closely and recently sponsored a conference on directory synchronization and related topics. Forrester Research has found that large corporations maintain an average of 181 separate directories, and that 42 percent of these companies manually update the information in their directories when an employee's status changes. Many experts believe that a successful implementation of an uber directory service is the key to achieving a significant return on investment for the next generation NOS. Metadirectories, such as Microsoft's Zoomit and Isocor's MetaConnect, connect network databases, OS directories, email address books, human resource (HR) systems, and application directories. These metadirectories also preserve the investment made in those systems. The power of these tools is why many industry analysts considered Microsoft’s acquisition of Zoomit so crucial. MSDSS is especially important for customers who plan to integrate Win2K's AD into NDS networks. Both Microsoft and Novell want to provide their enterprise customers with the network management tools to access and maintain the data in network directories. With two-way synchronization capabilities, administrators can manage shared data, such as user account information, from either directory. You manage MSDSS using a Microsoft Management Console (MMC) snap-in, and MSDSS supports all versions of NDS and bindery directory services. Once you go beyond managing the data, you need a way to synchronize the information between different directories. Zoomit’s VIA 2.1 provides the interoperability for propagating changes between multiple directories and enforcing business rules, while maintaining data integrity between multiple repositories. VIA 2.1 is available for free to Microsoft customers. Microsoft is also committed to deliver a new version of the VIA technology that integrates more closely with AD after the release of Win2K. Microsoft will release MSDSS as part of Services for NetWare (SFNW), a set of utilities that provide the tools you need to interoperate with and migrate from Novell NetWare environments to Win2K. NDS is a long-established and proven product with a 6-year track record, while AD is part of a brand new OS. NDS is highly scalable, and NDS 8.0 will support as many as 1 billion directory entries. In an effort to counter Microsoft’s OS advantage, Novell introduced in July its Single Sign-on directory technology, which stores identity and authentication information in NDS and reduces the number of passwords and other directory entries that you need to manage. The introduction of Win2K and AD will make life more problematic for NetWare administrators. In the previous versions of NDS, the software would redirect authentication and access calls intended for the NT SAM database to NDS. However, Microsoft has written AD in such a way that redirecting calls would require Novell to reverse engineer an entire subsystem to make these redirects work—that reverse engineering isn’t going to happen. Even though Novell recently promised to provide a redirect feature, it now plans to replace redirect with a bidirectional synchronization tool known as DirXML. Both NDS 8.0 and DirXML will ship early next year. The demise of redirect means that NDS administrators can no longer avoid administering Windows and will have to manage both NOS directories. The burden on administrators in a mixed Win2K and NetWare environment is going to increase significantly. Keeping passwords in synch, for example, in this mixed environment will require that capability to be part of DirXML, something Novell is working toward. Cyndi Tetro a product manager of NDS, has said “The push is to manage user objects from both directories as one object.” Novell will need to scramble to recreate the redirect functionality in a bidirectional world. In this regard, Novell licensed NetVision’s Synchronicity in September, which provides one place for user administration using the NetWare administrator, NDS’s management console. Synchronicity gives NetWare administrators another option in managing a heterogeneous environment and will cut the amount of management overhead. This licensing is also recognition on Novell’s part that redirect’s days are numbered. Clearly, Microsoft is hoping that MSDSS will provide a bridge that will let NetWare NDS customers move to AD, and has released these tools months earlier than most observers had anticipated. You can find more information about MSDSS at Microsoft's Web site.

Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.