Talking About NDS eDirectory With Novell's Samm
DiStasio
Novell recently announced two new directory service products:
NDS eDirectory and NDS Corporate Edition. To find out what
features these new products offer and how they differ from Novell
Directory Services (NDS), NetWare Connection talked to Samm
DiStasio, director of NDS-enabled products for Novell.
Q: Can you explain the differences between NDS eDirectory
and NDS Corporate Edition?
Samm: NDS eDirectory is NDS 8 on Solaris, NT, NetWare--and
Linux in the first part of 2000. It is also an LDAP 3 directory, and we feel we have the
best LDAP implementation available.
NDS eDirectory is focused on companies that want to face their information and services
toward customers. If companies want to trade profiles and authentication services on the
Internet, they would buy NDS eDirectory because it's an LDAP 3 directory that scales
better and is proven. When companies say, "I want to put my four million customers in a
directory service and customize services and products," they don't care if that directory
service integrates with Solaris, NetWare, NT, or Linux security. They want to use the
directory as a repository for more information.
You can also think of NDS eDirectory as a backbone directory. Other directories such as
Active Directory or Netscape's directory just plug into the bigger picture.
NDS Corporate Edition, on the other hand, is NDS eDirectory plus the OS integration
technology commonly referred to as redirection. NDS Corporate Edition replaces what
used to be known as NDS for NT, NDS for Solaris, and so on. When you buy NDS
Corporate Edition, you get all of the platforms Novell supports in one package for one
price.
NDS Corporate Edition is focused on the typical NOS management market. For example,
if customers want to integrate NetWare and NT user account information, they would buy
NDS Corporate Edition.
Q: What functionality do NDS eDirectory and NDS Corporate Edition provide that
NDS does not?
A: For the first time, NDS is not only cross-platform (because it has been cross-platform)
but OS independent, meaning there is no NetWare dependence in the code. For example,
you can run a complete Solaris or a complete NT shop on NDS eDirectory.
In addition, NDS 8 was available only on NetWare until now, and we have unified a set of
source code for all platforms. In the past, our cross-platform products had different source
code, and we had to do some integration work to make them work together. Now, we
have the same set of code with a platform-specific layer.
Finally, the packaging really focuses on specific market segments. NDS eDirectory is
focused on the e-business market and is priced accordingly at U.S. $2 a node. NDS
Corporate Edition is NOS-focused and is priced at U.S. $26 a node.
Q: If I were a customer of a company that has purchased NDS eDirectory, what
kind of interface would I see?
A: That depends. NDS eDirectory does not provide the interface; it provides information
to the application that provides the interface. For example, CNN is using NDS eDirectory,
and when you log in to the CNN web site, it retrieves your customer information, which
describes who you are, from NDS eDirectory. Then CNN can give you targeted
advertising or your personal preferences, including what news you want to see.
CNN was using a relational database to provide these customized services, but the core
value proposition of a directory database--especially in this world of e-business--is speed
and how quickly you can modify the solution to do other things. CNN was finding that it
was labor intensive to turn a relational database into a type of profile and authentication
database.
CNN has found that a directory is a more appropriate solution for personalization and
authentication. For example, CNN was able to use NDS eDirectory out of the box with
little modification, which means they can get their products to market faster. CNN can also
extend NDS eDirectory to their other properties much faster. Finally, there is a support
issue. When you do a ton of customized work, only you can support your solution.
It's important to mention that CNN didn't displace their relational database. Instead, the
server is providing standard relational database functionality that CNN absolutely requires.
Directory services and databases are side-by-side technologies that enhance a company's
web site. A directory service is simply a better solution for providing customized services
on the Internet. I don't know who came up with this quote, but I read it in a book: "There
are two types of people on the Internet, the quick and the dead." NDS eDirectory enables
you to be quick, rather than dead.
For other customers, the NDS eDirectory interface is a product like ZENworks that
automates and streamlines the management of their most expensive asset, the personal
computer. Other interfaces include Novell Single Sign-on for password management,
Novell Certificate Server for issuing and managing digital certificates, Novell Internet
Messaging System (which is Internet e-mail managed by NDS eDirectory), plus many
more that are coming and are commonly referred to as Novell's "10 Zens."
Q: NDS eDirectory scales to one billion objects. Do companies need one billion
objects?
A: A couple of years ago, who would have dreamed that a laptop would have a 13 GB
hard drive? But you use it now.
Customers are starting to say, "We have one billion customers who subscribe to different
services within our company." The number of objects is going to explode--especially when
companies do business-to-business. Then companies will have a representation, or a set of
objects, for multiple companies in their own directory service, and these objects will
represent their business relationships.
One billion objects may seem far-fetched today, but it is going to happen sooner than
people think.
Q: What can you tell us about future releases of NDS eDirectory?
A: We're working on technology that allows us to do more business-to-business
commerce on directory services. The idea would be to federate information between two
directories and to provide security and full-access control between companies that use
NDS eDirectory. If you think about e-commerce and a partner-to-partner solution, the
ability to identify, to authenticate, and all those other things, and then to apply resources
becomes critical.
The instant messaging deal we did with America Online depends on this technology.
Today you have to search for your online buddies--it's kind of a pain unless someone tells
you their address.
With Novell's instant messaging product, however, you'll be able to see online those
people that you collaborate with in a business sense. By creating a relationship with these
people in directory services, you can see if they are available, and you can do instant
messaging with them.
We are also working on DirXML, Novell's metadirectory. With DirXML, we went to
completely open standards using XML, which is becoming widely accepted.
With DirXML, we keep the authority with the system that should have it. Many other
metadirectory products prefer to be the authoritative source, which contradicts the way
businesses are run. For example, Human Resources is never going to give up salary
information or certain attributes about who you are. So we make the change in the HR
system and allow the information that is pertinent to flow between other systems.
DirXML leverages the existing replication ingenuity of NDS. For example, you can create
a special replica, or virtual replica, that is really a filtered set. If you wanted to create a
white pages application and use the username, telephone number, and e-mail address
attributes, you could create a replica that contains only this information. The replica would
be an efficient catalog that the application could hit without having to walk the tree or go to
a global catalog (which would eventually become too big to be functional).
By the way, both the business-to-business technology and DirXML should be released in
the first half of this year.
Q: How will you keep NDS eDirectory visible to customers during the Windows
2000 media blitz?
A: We are going to ensure that people understand that things like Windows 2000
Professional (which is really the desktop edition) are not dependent on Windows 2000
Server or Active Directory. In fact, you can manage that desktop with NDS and
ZENworks better than you can manage it with Windows 2000 Server and Active
Directory. You can get the benefits of the Windows 2000 workstation without going
through a long deployment cycle, planning an Active Directory structure, and setting up a
Windows 2000 server.
In fact, you can use ZENworks to deploy the workstation software upgrade. It is very
easy to create an Application Object Template and blast those desktops out there.
Customers can get the benefits of what Microsoft is promising with Windows 2000 on the
desktop and can migrate only those things that are critical. For example, Exchange will rely
on the Windows 2000 Server and, to some degree, on Active Directory. In that case,
customers can use DirXML connectors to manage both Windows 2000 and Exchange.
Novell has the core directory. Active Directory is just a plug-in to that core directory. At
the end of the day, Microsoft has created a circa 1993-type directory service. Active
Directory is a NOS management tool to manage domains. Since Microsoft does not have
any cross-platform plans, Active Directory cannot be a player in the e-commerce market
in any serious degree.
Q: Does Novell plan to integrate Active Directory into NDS eDirectory?
A: Absolutely. In fact, there is some hub-bub over redirection versus synchronization. But,
people don't really care how you integrate Active Directory. They just want single sign-on
and a single point of administration. Our DirXML connector to Windows 2000 will
provide the same look and feel that redirection does. We'll ship the DirXML connector as
close to the shipment of Windows 2000 as possible.
NetWare Connection, January 2000, pp. 22-23
netwareconnection.com
+++++++++++
Great interview and insights into NDS, and Samm also describes some of the ZEN's that we were trying to figure out last Nov-Dec. |
