Novell’s directory musings

I caught up with Novell’s Justin Taylor at the Open Group meeting last week. He’s the chief strategist for directory services in Provo and was delivering the keynote for the Identity Management Initiative meeting put on jointly by the Directory Interoperability, Messaging, Mobile Management, and Security forums.

While he covered the whole gamut of identity problems and solutions in the Web services arena with his address on “The Evolution of Identity Management in a Web Services World,” I limited my questions to two areas – eDirectory itself and Lightweight Directory Access Protocol (LDAP) in general.

Taylor thinks that LDAP’s day has come and gone. While the various vendors of LDAP-enabled directory services bickered about interoperability scenarios, their thunder was being stolen by the XML crowd in the form of the Directory Services Markup Language, Security Assertion Markup Language and the Web Services Security technical committees of OASIS. LDAP won’t suddenly disappear, says Taylor, but instead it will simply grow more and more irrelevant and fade away.

He was much more upbeat about Novell’s eDirectory, though – well, that is what puts food on his table, so you’d expect that. As befits his position as head cheerleader for the venerable directory service, Taylor is excited about the new functionality coming in the near future, as well as the new visibility that eDirectory has, courtesy of Sun. Last month, Sun blamed Novell for its $2 billion loss in its second fiscal quarter due to Novell’s tactic of giving away eDirectory (see last week’s newsletter).

When the subjects of scalability and reliability were raised, Taylor also had ready answers. He reminded me that scalability has more than one dimension – that it’s not only the number of objects in the directory but also the number of attributes for each object that can make a difference. Not only does eDirectory scale to millions of objects, but each of those objects can have hundreds of attributes. He suggested testing that with competing directories.

When I asked about reliability and robustness – issues that vendors of directories built on relational databases often raise – Justin was quick to point out that all directories fail eventually, just as all hardware does. The trick is recovering from the catastrophe. He claims that a high school network administrator could recover eDirectory and that there’s no need for a high-priced database administrator to be standing by. That’s something to plug into your return on investment calculation, for sure.

In closing, Taylor talked about applications. While directories are useful tools, it is only when they are used to develop apps and services that they become essential to the enterprise. Not surprisingly, he reminded me that the more objects and attributes you can relate via the directory (or through a virtual/meta directory), the richer are the apps and services you can create, citing the wildly popular ZENworks line of services as a prime example. That’s a good point, a valid point and a fine place to end this newsletter.