DIRECTORIES FOR 2000:.
Corporate computing, once centralized on mainframe systems, rapidly decentralized during the 1980s and 1990s. In an effort to efficiently link and manage the many individual components of network systems, directories were born. Directories provide a way of naming, describing, finding, accessing and protecting resources in a distributed computing environment.
Today's enterprise networks contain not only many systems, but also many directories. A core IT challenge is to reduce the number of directories through consolidation, migration, and integration. An effective method of managing directories is required for this consolidation effort in order to prevent disruption to end-users.
A central goal of directory management is to better facilitate the exchange of information between directories and the various applications that rely on them. A chief benefit of this approach is to lower redundancies. As an analogy, consider a corporation with five divisions, and each division maintains a phone book for names and functions. However, upon examination, it is found that on average the same name appears in three phone books--because Sales interacts with Manufacturing, and Manufacturing interacts with Marketing, etc. How do you clean up your directories? You could do it manually, but, with the ever-growing size of directories, you would be fighting a losing battle. The answer lies in automation: tools specifically designed for these tasks.
To state a maxim, in the IT industry, change is the only constant. Technology builds upon itself, escalating project development, accelerating processing speeds, and streamlining operations. That's the theory. In reality, often a big leap in technology such as the introduction of Windows 95 or Windows 2000 demands fast systems adaptation, often on an enterprise-wide scale. Failure to efficiently integrate new technologies can seriously harm a company, beginning at a core level such as being unable to link with key business systems.
Coupled with the inevitable progress of technology are the trends that impact our business environment. For instance, corporate buyouts and mergers that began in the 1980s with the real estate and retail sectors continue across many industries. Government downsizing on federal, state, and provincial levels has not abated. These influences can be termed "drivers"; that is, those critical factors that impact an industry, inevitably and irrevocably, imparting a sense of urgency to decision-making. Directory Management has been cast among the leading areas of IT planning, as it not only accommodates enterprise evolution, but also, indeed, can directly profit an organization through consolidating and focusing resources and personnel.
The more prominent drivers influencing directory management can be segmented into two groups: Business and Technical. Business drivers include mergers/acquisitions/reorganizations, customized administration, and reducing the cost of enterprise ownership. Technical drivers include Microsoft Exchange deployments, preparation for Windows 2000, and security enforcement (although, depending on circumstances, security can equally be a business policy issue).
Directory Services Vs. Directory Management
We should also distinguish between directory services and directory management because, often, the two concepts appear to overlap. Directory services--and the applications that use them--simplify key administrative tasks, such as user management, application security, and resource management, by creating what is essentially a database for enterprise networks. Directory services products include: NTDS, Microsoft's directory service for Windows NT; Active Directory, Microsoft's directory service for Windows 2000; NetWare Directory Services, Novell's directory service; and StreetTalk, Banyan's directory service. Directory management, on the other hand, manages network directory objects and their attributes in multiple directories. Typical enterprise directory management tasks include delegation, domain management, reporting, security management, policy management, directory synchronization, migration, and scripting.
A corporate merger, acquisition, or reorganization does not only impact personnel, property, and shareholders: IT systems must undergo radical transformations. According to management consulting firm The Concours Group, the costs of systems and technology integration can represent 50 to 75 percent of the entire integration budget. Their report state that, "not surprisingly, companies grossly underestimate these costs and the final price tag rings in as much as four times higher than the initial estimate."
With any corporate transition, a core if challenge is to initiate planning, policy, and procedures with the dual objectives of raising network efficiencies while lowering Total Cost of Ownership (TCO). A secure, first step in this regard is a directory management strategy including automated tools that allow a network administrator to integrate and manage directory data at an enterprise level.
Microsoft Exchange is a sophisticated messaging and collaboration platform. It includes directory service objects that are, in a sense, the raw materials for the directory management process. Exchange offers management consoles, but more advanced directory management requires that sequences of prescribed actions, more complex than simply adding, modifying, and deleting mailboxes, can be automated and scaled.
The Microsoft Exchange directory service does not exist in isolation: it coexists with the directory services of other network components, often including the Windows NT directory service. Another coexisting directory could be an organization's Human Resources application. Beyond mere coexistence, these directories can often be used in such a way that they complement and feed each other critical data. Therefore, it is important that administration techniques for these directories can interoperate with each other.
A directory management solution allows an Exchange team to manage and report on:
* The NT Domain and Administration Configuration
* The Shared Resource Configuration
* The Hardware/Software Configuration
* The Implemented Exchange Configuration
The immense popularity of the NT Server 4.0 ensures that the transition to Windows 2000 Server is both welcome and inevitable. However, taking advantage of Windows 2000's features requires some planning. An operating system upgrade of this nature can cause service level disruptions if an enterprise is not adequately prepared to make the transition, thus impacting the enterprise's productivity and, ultimately, profitability.
Large enterprises should be prepared for a period of co-existence with multiple versions of Windows NT Server running while administrators deploy the optimal implementation of Windows 2000 Server. The most significant component of Windows 2000 Server that will have a critical impact on Windows NT Server networks is Active Directory. Active Directory's increased domain capacity and its hierarchical structure will require significant planning to optimize deployment. A Directory Management approach to preparing for Windows 2000 ensures that administrators: use effective network design practices that optimize the current Windows NT Server 4.0 architecture; plan a comprehensive co-existence strategy that incorporates domain management applications that improve the management of Windows NT Server 4.0 environment and ease the implementation of Windows 2000 Server; implement a staged Windows 2000 Server roll-out, allowing the enterprise to conduct its business without interruption and with little impact to the end-u sers of the network.
In a typical enterprise, it falls to the if Manager to carry out the wishes of the executive by ensuring that the infrastructure is in place to accommodate the organization's needs. Increasingly, due to budget constraints, the if manager requires tools that will increase productivity by consuming fewer resources.
Inefflciencies creep into an organization over time and a frequent review of the type of tasks that take up employees' time identifies areas where money can be saved. Until the time spent on routine work is reduced, urgent tasks generally postpone more important but less urgent strategic matters. A directory management strategy consolidates the islands of technology that have sprung up within organizations. Directory management permits a creative approach to optimizing technology and training; in effect, an administrator can customize enterprise solutions, reducing redundancy, for example, in hardware, software licenses, and staffing costs.
Lowering The Total Cost Of Ownership
One aspect of a Directory Management approach is the implicit strategy of doing more with less, streamlining operations, reducing redundant hardware/software, and removing highly trained personnel from mundane tasks. In fact, a recent Gartner report suggests that "administering one directory instead of two can reduce users administration costs by 40 percent." Further to this conclusion, Microsoft has stated, "Higher TCO results from the expense associated with maintaining many directories containing information in various structures and formats" (Lowering TCO with Active Directory-Enabled Applications). Yet according to Forrester Research, Fortune 1000 companies still have an amazing average of 181 directories in a variety of applications and systems. Clearly, Directory management offers great potential for organizations to significantly raise enterprise efficiencies while reducing costs. Directory management fully exploits the data contained in directories and addresses such topics as passwords, administrat ive delegation, migration, and reporting capabilities--all areas that directly impact TCO.
In addition, "best of class" third party directory management tools must complement native directory tools, and be able to adapt and exploit ensuing upgrades. In this way, software investment and training costs can be significantly reduced.
A secure network ensures that only specific users can access certain information. In turn, network security is a combination of techniques that ensure a consistent level of protection against unwanted access. To implement security, an administrator must protect the network, the operating system, and the data.
For instance, network users can be given access to resources throughout the network: a directory management approach ensures these access rights are monitored and adjusted on an enterprise-wide basis. Issues such as rules for passwords (length, characters used, and so on) and login security policies can be effectively monitored and audited.
Directory management is not an all-encompassing panacea for the many challenges of large-scale network management. That doesn't exist. Rather, it is a proactive strategy for ongoing, strategic resource consolidation. Directories have traditionally been a central component of the proprietary systems they support; however, directory requirements are converging as companies recognize that there are many common data objects required by all of their individual corporate systems.
The essential features of an enterprise-scale directory management solution include a comprehensive suite of management utilities with the ability to:
* Discretely and massively integrate and manipulate data from a single directory or multiple directories at any time
* Reverse any change.
* Provide a single point of management and administration for multiple directories.
* Ensure that network performance is not affected by massive tasks performed on the directories.
* Provide simple, easy-to-use environments to create custom directory management applications.
Business and technical drivers are not threats, but rather opportunities to enhance the performance--and the return--of an enterprise. Directory management offers flexible, automated solutions for environments where, increasingly, we are asked to do more with less.
David Waugh is the vice president of marketing at FastLane Technologies Inc. (Halifax, Nova Scotia).
|Printer friendly Cite/link Email Feedback|
|Title Annotation:||News Briefs|
|Publication:||Computer Technology Review|
|Date:||Oct 1, 1999|
|Previous Article:||PKI Security In The New Extranet Marketplace.|
|Next Article:||Network Appliances: Why Resellers And Consultants Love Them.|