Directory Service

Active Directory adoption has been slow, but a Microsoft push and new lDAP support may change that.

Following slow adoption of Active Directory after its release as part of Windows 2000 three years ago, Microsoft Corp. has been actively urging IT managers to deploy its directory services platform through aggressive pricing, detailed deployment road maps and increased support. And with Microsoft releasing a new capability in AD that will enable organizations to run AD as a non-operating system service (meaning it does not require deployment on a domain controller) immediately following the release of its .Net Server 2003, enterprises that were on the fence about deployments may finally find a reason to make the leap.

Although only 36.4 percent of polled corporations deploying AD have enabled all their servers to use and participate in the AD environment, an additional 41 percent are expected to do so within 12 months, according to International Data Corp., of Framingham, Mass. (see chart).

However, according to a separate IDC poll, only 8 percent of IT managers said they were deploying AD because of its role in Microsofts .Net strategy (see chart). These enterprise users were more interested in ADs ability to lower client management expenses.

Microsoft will try to change that mind-set with the release of AD/AM (Active Directory in Application Mode), a key ingredient in the companys efforts to push its directory services platform into the extranet and e-business spaces.

While AD is used for domain administration and is therefore tied to the Windows network operating system, AD/AM runs as a non-operating system service and does not require deployment on a domain controller.

As with pure LDAP directories, administration of a specific AD/AM directory is separate from domain administration. Running as a non- operating system service means an organization can run multiple instances of AD/AM concurrently on a single server, with each instance being independently configurable. For example, a company that wants to store application data that requires high-replication traffic data could use AD/AM rather than AD to avoid straining network resources with high-replication traffic.

AD/AM will be made generally available shortly after the release of Microsofts Windows .Net Server, in the first half of next year, according to Microsoft officials.

Experts say AD/AM is a concession by Microsoft to the failures of the full-blown AD in some markets, particularly with extranets and other complex applications. Microsoft has also acknowledged the huge learning curve IT managers were faced with when AD was first released with Windows 2000.

"When we released Windows 2000 almost three years ago, we knew the adoption curve was going to take some time, particularly for larger companies," said Michael Stephenson, lead product manager for Windows servers at Microsoft, in Redmond, Wash.

"One thing we found out through Active Directory is there are times when it becomes difficult for a customer to tie all their applications to a single directory," Stephenson said. "Active Directory in Application Mode will enable customers to have a separate directory that will be closely coupled with Active Directory. Customers will now be able to deploy Active Directory in two modes: a standard mode and a stand-alone LDAP mode."

Analysts said AD/AM will go a long way toward increasing the use and usefulness of AD. "If Microsoft gets the product out there, promotes it effectively, and provides the [right] kind of tools and documentation for the product, AD/AM will increase the use of Active Directory," said Dan Blum, an analyst at The Burton Group Corp., in Midvale, Utah. "In particular, itll make Active Directory technology easier to deploy with applications that dont quite fit within the sort of obvious residence of the domain. AD/AM will make Active Directory more accessible."