Microsoft Zooming to Improve Active Directory

It's been a hot summer for the Active Directory portion of Windows 2000. Microsoft Corp. has been wheeling and dealing on AD's behalf since early June. Last month, Microsoft made two more moves, one with unknown Zoomit Corp. ( and the other with well-known Cisco Systems Inc.

Zoomit, a metadirectory solution provider, was acquired by Microsoft and will provide technologies that will enable Active Directory users to manage identity data -- such as account information, passwords, configurations and access rights -- that are stored in heterogeneous directory services throughout the enterprise. Officials say Microsoft will add support for popular applications and network services that store identity information in places other than directories.

"While directory services are the ideal long-term repository for identity management, customers are telling us that their identity data currently is fragmented throughout the enterprise," says Jim Allchin, senior vice president of the personal and business systems group at Microsoft. "By integrating and extending Zoomit's technologies with Active Directory, we will simplify enterprise identity management in a way that blends well with existing business processes."

Zoomit's technologies are designed to access identity data in other crevices of the enterprise, including e-mail address books and application databases.

Peter Houston, lead product manager on Active Directory, says customers have been asking about how they'll integrate AD into their existing infrastructures. Microsoft has been working on connectors to Novell Directory Services (NDS), but the company is looking for more advanced operations that integrate AD into a broader landscape of directories, databases and ERP applications. "You can imagine that we could create metadirectories where data is gotten from multiple sources and managers can make a change and push it out to the places it belongs," Houston explains.

He points out that this goal will not be restricted to high-end products because the technology will be an integral part of Windows 2000. Zoomit's technology is expected to be useful in scenarios such as hire/fire, where an administrator can add or delete a user from the system and automatically update that transaction to different network services; single sign-on, which provides a user with one sign-on prompt to access the desktop, network files, e-mail and more; multiple addressing systems, which give a user a particular global address book according to the sign-on name; and extranet directories, which provide the same kind of uses to those who sign on over the Internet.

Microsoft won't begin integrating the technology into Windows 2000, until next year.

The company has extended its joint development agreement with Cisco. The partnership aims to simplify the provisioning and management of network devices and services, and to offer advanced personalized networking services to customers.

To do this, Cisco is developing Cisco Networking Services for Active Directory (CNS/AD), a family of advanced networking services that integrates the knowledge of network services, identity, security, policies and user profiles so applications can interact with Active Directory and Cisco's networking services. The announcement is an extension of a partnership formed in May 1997, in which Cisco and Microsoft agreed to jointly enhance Active Directory to simplify network management.

The Zoomit and Cisco announcements are the latest in a string of technology deals Microsoft has been making to shore up support for Active Directory. "There's a certain fear factor in the marketplace [about Active Directory], and Microsoft is trying to buffer that as much as possible," says Stephen Elliot, analyst with Dataquest ( "The users I've talked to are extremely concerned over how well it's going to fit, how well it's going to work and if it's going to be scalable."