For years, Novell Netware, a popular local area network operating system developed by Novell Corporation, has dominated the PC networking landscape. But with the introduction of Windows NT several years ago, Microsoft drove a stake in the ground and has been dedicated to taking away Novell's networking operating system business ever since. While less publicized than Microsoft's conflict with Netscape over Internet browser software, the war over network operating systems may be more important in the long run. When the dust settles, one company could have control of the basic platform for network computing, allowing it to dictate the face of enterprise networking for years to come.
One of the pivotal battle lines is formed along a front called "directory services." Novell currently leads the way with NDS (Novell Directory Service), which first became available in Netware 4.0 and is also offered in the most recent version of its software, Netware 5.0. Microsoft is hoping to weigh in with its Active Directory service, to be made commercially available with the release of NT 5.0, currently only available as Beta test software.
What's in a Name?
Network operating systems bring together resources made available to users who have rights to access the network. Resources include such things as printers, files, applications or other computers. A directory service could be thought of as a central network database containing information specific to the network and its resources.
A directory service manages network resources to make them transparently available to users. It helps synchronize user information between multiple servers. A true directory service goes well beyond what are commonly known as "name services" -- relatively unadorned software that often provides services to a single application. For example, UNIX-based applications that require a user name and password to gain access may rely on a name service specific to that application. When a new user needs access to the application, an administrator must establish a user account that defines the user and privileges for that application only. Users are often required to log in to each application they need to access.
In our networked world, in which many users need access to many applications on many servers, the overhead of maintaining user accounts can get quite expensive. Directory services aim to alleviate that problem by providing what Ari Kaplan and Morten Strunge Nielsen, in their book NT 5: The Next Revolution, describe as a "physically distributed, logically centralized storage place for data that is used to administer the entire computer environment."
A directory service should make it easier to administer large numbers of servers, users and network resources in an enterprise environment. It should also provide users with the ability to easily locate network resources, including other users. Because of the explosive growth in networks and their increasing importance to core agency and business processes, many experts believe that directory services will be the next big thing in network computing.
X.500: Standard Issue
Most discussions of directory services at least mention the X.500 standard. Originally approved by the International Telecommunications Union in 1988, it defines a set of protocols and standards for global distributed directory services. However, like the Open Systems Interconnect model for network communications, X.500 has become more useful as a reference for describing or forming the conceptual basis for directory services than for actual implementation.
X.500 envisions a worldwide hierarchical directory structure that can include users, data, hardware and applications. Some have criticized X.500 as being too complex for implementation. At least partially in response to those criticisms, the University of Michigan developed the Lightweight Directory Access Protocol (LDAP) to implement one of X.500's protocols, but in a simpler way, optimized for ease of use and accommodating Internet requirements. Initially, the LDAP was designed primarily to allow users to query directories.
However, the LDAP itself has begun