New tools take pain out of NT management

Entevo offering paves way for directory-based management.

By John Cox
Network World, 6/8/98

A new software suite lets systems administrators create a more complete view of their Windows NT networks than is possible today with NT's domain structure.

Entevo Corp.'s DirectManage 1.0 is designed to help customers build flexible, directory-based systems for managing enterprise NT networks.

The new offering reads the information held in the security database and registry of each networked NT machine. DirectManage then creates a unified, hierarchical picture of those resources - domains, users, applications and files - for all NT systems on the net. Using this information, systems administrators can delegate management tasks to certain administrators or to a group of them.

DirectManage relies on Microsoft Corp.'s Active Directory Services Interface, an API that can be used to give third-party tools access to directory services, including those based on Microsoft's much-anticipated Active Directory. Microsoft considers Active Directory to be a key part of the company's upcoming NT 5.0 release, which is due out early next year.

Today, the applications that form the DirectManage suite "think they're talking to Active Directory," said Amir Hudda, Entevo's CEO. It's this sleight of hand that is used to create the unified view of NT 3.51 and 4.0 users, accounts, applications and so on. These same applications will be able to run against Active Directory when it becomes available.

"DirectManage lets you consolidate all the NT domain information into one place," said Rick Villars, director of network software research at International Data Corp., a Framingham, Mass., market research firm. "Longer term, it's the first product I've seen that takes this to the next step - a framework to start building an enterprise directory, even before Active Directory is released."

DirectManage

DirectManage has two parts. The first is DirectAdmin, which consists of a user interface for administrators and a set of management tools. DirectAdmin is usually loaded on the main domain server. A compact, corresponding client program is loaded on each NT server to be monitored.

Each client program reads the local NT system's registry and security database and sends the information to the server program, which creates the hierarchical view.

Using the DirectAdmin user interface, managers can see and manage all users, groups, systems and directories on an NT net, according to Joe Brand, lead network analyst at Nabisco, Inc. in Parsippany, N.J. Nabisco is testing DirectManage for use in the company's 350-server NT network.

DirectScript

The second part of DirectManage is called DirectScript. This is a collection of eight Component Object Model objects, each of which can handle a specific task, such as user management and file system security. Nabisco managers have written short Microsoft Visual Basic scripts that use some of these objects to read the Access Control Lists on each NT system. This daily list reading now enables net managers to identify everyone who has access to specific directories and files.

"Without DirectScript, you have to check this [information] on a server-by-server basis, starting at the root of each directory, to see who has what permissions," Brand said.

One key capability that's missing from DirectManage is the ability to filter information being collected on remote systems, Brand said.

A filter program, for example, could sift out just information about user passwords. In NT today, according to Brand, managers have to dig through a mass of other user information associated with the password. DirectManage 1.0 costs $19 per managed user account, with volume discounts available.

Managing NT events

Another company, Mission Critical Software, Inc., has also released a product for improving NT management by consolidating systems data from a network of NT machines.

Version 2.5 of Mission Critical's SeNTry Enterprise Event Manager (EEM) uses small agents on remote systems to send data from NT event logs to a central Microsoft SQL Server database. Once there, the data can be analyzed and arranged into reports via a graphical interface.

New features in Version 2.5 include a Web browser interface; a set of ready-to-use Knowledge Packs that collect data from specific applications, such as Microsoft Exchange Server; and a new reporting engine that works with an array of third-party tools.

Pricing for SeNTry EEM is unchanged at $995 per monitored server and $50 per monitored workstation. The software, available now, runs on Intel and Alpha computers running Windows NT 3.51 or 4.0.

Entevo: (703) 524-1900; Mission Critical: (888) 323-6768