Novell Inc is footing the bill for a new consortium that aims to make it easier for applications developers to write directory- enabled products which can run across different computing environments. The Directory Interoperability Forum also includes IBM Corp (and its Lotus Development division), Oracle Corp, Data Connection Ltd and Isocor Inc as founding members. Over 30 other companies – including AT&T Co, Cisco Systems Inc and Lucent Technologies Inc – are supporting the effort, which will work closely with standards groups such as the Internet Engineering Task Force, the Open Group and the Desktop Management Task Force.
Microsoft Corp, building up for the release of its own Active Directory, declined to join the group, and instead announced yesterday the acquisition of Canadian metadirectory firm Zoomit Corp. Terms were undisclosed. Microsoft plans to integrate Zoomit’s VIA metadirectory technologies into Active Directory, and says the move will put Active Directory at the center of enterprise identity management. Using the Zoomit technology, Active Directory users will be able to manage and identify data such as account information, passwords, configuration and access rights stored in various directories across a company. Microsoft says it also intends to supplement Active Directory to support applications and network services that store identity information in places other than directories.
Microsoft points to industry research showing that the average enterprise manages identity in more than 100 places, including directory services, email address books and application databases. Zoomit’s metadirectory, extended by Microsoft to manage identity data kept outside the directories, will simplify enterprise identity management and more easily blend in with existing business processes, Microsoft claims. Even so, Jim Allchin, senior VP of the Personal and Business Systems Group at Microsoft, admits that directory services are the ideal long- term repository for identity management.
Both IBM and Isocor, members of the new consortium, have metadirectory products – and Novell is preparing to launch metadirectory technology of its own, called Virtual Replica sometime soon. But Novell spokesperson Michael Simpson said that metadirectories were only helpful for the immediate problem. It’s like putting a Band Aid over a bullet wound – the problem is inside, and it won’t go away until you dig the bullet back out. Metadirectories assume that fragmentation will get worse, he says. Instead the DIF aims to make it easier for applications developer to write to a directory. Once that happens, then the need for a metadirectory goes away he says.
Although the LDAP lightweight directory standard is now used as the basis for most directory efforts, including Active Directory, it doesn’t support strong authentication, access control or a standard method of administration. Novell says it’s been working with IBM and others to supplement LDAP (with replication specifications like LDUP for instance), but now wants the industry to consolidate their efforts in other areas where functionality is missing. The IETF and the Open Group will coordinate the activities. DIF will hold its first meeting at the Open Group’s Montreal meeting in two weeks time, and plans initially to issue interoperability guidelines for developers. By the end of the year, it hopes to have consolidated software development kits out onto the market, and promises conformance testing and interoperability certification.
The consortium also hopes to attract the interest of the application developers themselves. We want more application vendor involvement says Simpson. If application developers don’t write to a directory, then they need to develop and maintain their own systems for users accounts, authentication and admin. If they write to a standard, it will be possible for them to inherit all of the data that already exists within a directory. The biggest barrier to new applications is getting the data into them, says Simpson.
But he also says that Microsoft – and the legacy X.500 directory services companies such as Siemens AG, Peerlogic Inc and Control Data Corp – are all welcome to join. We are trying to expand the market he says. Novell has even rejoined the Open Group – which it left when it exited the Unix market – now that there is a new focus on directory services.
Meanwhile Microsoft says its Zoomit acquisition will take metadirectory services out of their niche and into what it sees as a new mainstream identity management market. Part of Windows 2000 Server, Active Directory is expected to ship later this year. The Zoomit technology isn’t likely to be integrated until next year. Microsoft is expected to support Zoomit’s current customer base, which includes large companies such as the Prudential Insurance Co and Exxon Corp.
