Novell Yanks NT Redirection Ability from NDS

As Microsoft Corp. works to put the finishing touches on Windows 2000, Novell Inc. is preparing to battle the software giant.

Novell’s marketers have said that part of the company’s strategy is to manage Microsoft products more effectively than Microsoft does. Recently, however, reports have surfaced that the company is planning to force customers to choose between NetWare and Windows 2000.

But the matter is not as black and white as merely choosing between two operating systems. There are at least three scenarios: customers can forgo Active Directory altogether for optimum integration with Novell Directory Services (NDS); customers can install Active Directory and remove NDS and NetWare for optimum integration with Windows 2000 and Active Directory; or customers can install Active Directory and hope Novell gets its DirXML tool working properly.

The impending release of Windows 2000 with its accompanying Active Directory services is a complicated matter. Active Directory is pervasive, and because it so completely subsumes Microsoft’s existing Windows NT domain model infrastructure, redirection may be impossible, some analysts maintain.

"It’s technically impossible [for Novell to employ redirection technology with Active Directory]," says David Chappell, principal at Chappell & Associates (www.chappellassoc.com). "The single biggest issue is that Active Directory is just so pervasive and used so pervasively in Windows 2000. It’s not just a simple login service like NT 4.0 currently uses."

In late October, Novell acknowledged that it was shelving NDS for Windows NT’s existing redirection capability in favor of an as-yet-to-be-developed XML-based directory synchronization tool, dubbed DirXML. While the networking giant wouldn’t promise to ship DirXML with version 8.0 of NDS, it did indicate that the technology would appear at about the same time as Windows 2000’s February debut.

According to Samm DiStasio, director of NDS marketing at Novell, DirXML will provide the same level of functionality that customers currently enjoy with NDS for Windows NT’s existing redirection technology.

"Customers … want a single point of administration and a single password: Essentially, they want to cut their administrative overhead to a minimum," DiStasio explains. "That’s what our technology in NDS for NT does today, and that’s exactly what it will do going forward."

DiStasio points out that customers don’t have to deploy Active Directory. If an IT organization determines to roll out Windows 2000 Professional as a new client operating system, for example, but also plans to continue using Windows NT 4.0 Server-based primary or backup domain controllers, NDS for Windows NT’s redirection technology should continue to function as normal.

Moreover, unless a Windows 2000 Server or Advanced Server is deployed as a domain controller or backup domain controller, Active Directory does not have to be installed at all.

But for some applications, such as Microsoft’s forthcoming Exchange 2000 messaging and mail platform, Active Directory must be installed. In this case, DiStasio says, NDS for Windows NT’s DirXML will prove to be a compelling technology.

"In those cases that you’re forced to deploy Active Directory with Exchange, DirXML is a great integration solution," he says.

It is inevitable that some customers may want or need to upgrade to Windows 2000-based domain controllers. Or customers may have concerns whether related to performance, security, or other factors about synchronizing two discrete directory services in distributed network environments.

When this happens, Chappell says IT organizations have no choice but to deploy Active Directory.

"Deploying a Windows 2000 domain requires deploying Active Directory -- there's no way around it," he says. "So unless people want to forgo having any Windows 2000 domain controllers, Active Directory has to be in the picture.

As a result, industry watchers say Novell must deliver an NDS for Windows 2000 solution that integrates meaningfully with Active Directory.

Dan Kusnetzky, director of worldwide operating environments at International Data Corp. (IDC, www.idc.com), is blunt: "Novel has to find a way to continue to support Windows NT/2000 with NDS if they hope that it will become a universal, distributed directory service."

The success of DirXML, therefore, will be a key determinate factor. If NDS is to continue to be a viable option on the Windows NT platform, Novell must deliver a DirXML tool that is both functional and scalable -- a tall order for a technology that hasn’t left the testing lab.

But according to Al Gillen, research manager for server infrastructure software at IDC, Novell may have an ace up its sleeve: an expected lead-time of six to 12 months before enterprises begin large-scale deployment of Windows 2000.

"Don’t forget that this is going to be a long transition, and remember that even if Active Directory is unable to be redirected to NDS, it’s going to be probably six to 12 months from now before anybody is impacted by this issue," Gillen explains. "By then we should see if DirXML is going to be a viable option."

Some critics suggest that the lack of a truly integrated NDS for Windows 2000 may be the final straw that causes IT organizations to eschew NDS and NetWare in favor of Active Directory and Windows 2000.

IDC’s Gillen dismisses such speculation. He says Active Directory runs only in Windows 2000 environments, while NDS works in NetWare, Windows NT, Linux, and Sun Solaris, among others.

"If you’re going to simply say that you can’t redirect Windows 2000 Active Directory calls into an NDS environment, what are you going to do about your other environments that may be using NDS?" Gillen asks. "The only way that you can move away from NDS is if you don’t have any other environments."