What Microsoft could learn from Novell

In addition to this Identity Management newsletter I write two others for Network World Fusion: one on Microsoft Windows Networking and the other on Novell NetWare. Recently, both have been concerned with the new features and functionality due in the upcoming releases of NetWare 6.5 and Windows Server 2003.

Both network operating systems ship with directory services to handle identity management for their respective operating environments – eDirectory for NetWare and Active Directory for Windows. Those interested in the two NOSes should consult their respective newsletters. In my opinion, what’s interesting to you, the Identity Management newsletter reader, is how each company is treating the changes in the directory service that accompanies the new operating system.

In all discussions of the new features and functionality of Windows Server 2003 Microsoft always seems to lead with the improvements in Active Directory. Some of this can be attributed to the alphabet, since sorting the various features alphabetically invariably puts AD first. But just as important, Microsoft realizes that the initial release of AD with Windows 2000 was not well received. In fact, it appears that the major reason people delayed upgrading to Win 2000 was the necessity to install AD.

Microsoft has taken great pains to overcome the various objections people raised to implementing a directory service and it appears it has done a good job. Download and read “Technical Overview of Windows Server 2003 Active Directory” (https://www.microsoft.com/windowsserver2003/docs/ADtechover.doc ) for details of the changes or see what I had to say in the Windows networking newsletter (see links below).

On the other hand, you can look at the dozen or so newsletters on NetWare that we’ve sent out in the past six weeks and barely see any mention of eDirectory. There are two reasons for that. First, of course, is that eDirectory is far more mature technology than AD – it had a 10 year head start. Second, though, and more importantly I think, eDirectory is a product in its own right at Novell, it’s not simply an authentication and authorization service for NetWare.

People with all-Windows Servers, all-Solaris hosts, all-Linux hosts, even all-AIX hosts – or any combination of these operating systems – can run them all on an eDirectory platform without the need for a NetWare server. NetWare is only one of the operating  system platforms that eDirectory supports. So Novell can “de-couple” eDirectory from NetWare and update it on its own schedule. NetWare and eDirectory changes can be staggered to minimize the potential impact on your system. That means that upgrades can go forward relatively quickly compared to Windows and AD which, for better or worse, are in lockstep.

Even 10 years after eDirectory first shipped with NetWare 4, Novell still finds customers using pre-eDirectory versions (i.e., NetWare 3.2) on their enterprise networks. While Microsoft has made major improvements in the deployment and maintenance of AD I think users will still be reluctant to move – even from NT 4 – up to the new operating system. Separating the identity systems from the mundane file and print has helped rejuvenate Novell; maybe Redmond should do the same.