This eWEEK: Who Controls the Directory?

In 2007, I wrote a column titled, "It's the directory, stupid," in which I took the various corporate and community backers of Linux to task for failing to come up with an Active Directory equivalent for their chosen operating system platform.

Since Active Directory arrived in Windows 2000, Microsoft's directory offering has been a major competitive differentiator for the company--tight AD integration in Microsoft's client and server products has worked both to make these products better in their own right, and to pull through sales of complementary products.

There's a whole slate of Windows Server roles that can be served just as well or better by non-Microsoft products, but there's a logic and an inertia to keeping these systems tucked neatly under an Active Directory umbrella.

And more important than any such perceived benefits is the reality that in a networked environment, directory services are absolutely crucial for managing connected resources. The more tightly and transparently these services are integrated into our networked systems, the more smoothly we can take advantage of them.

Skipping ahead to the present, not a whole lot has changed on the competing with AD front. I had two potential open source AD-beaters in mind: Samba 4, which was supposed eventually to replicate AD in the same way that Samba 3 could replicate NT4-style domains, and the Fedora/Red Hat Directory Server product that began its life as a product of Netscape. Both projects have continued to move along, slowly, but I doubt if Microsoft is sweating either one of them.

My argument back then was that until Microsoft's open source challengers stepped with their own answer to AD, they'd be stuck playing catch up with Windows 2000. As it's turned out, the Linux and open source community I took to task back in 2007 has trained its focus not on Microsoft's mostly within-the-firewall directory services, but on new frontier of Web-based identity and directory services.

In terms of its impact as an identity store, the Active Directory of the decade we've begun is arguably Facebook, which has amassed enough clout, both as comprehensive directory and as an application platform, to demand the attention of organizations looking to better connect with their customers. As P. J. Connolly discussed in the cover story from the January 17th issue of eWEEK, the rise of online identity hubs such as Facebook means new integration tasks for IT.

With that said, we've far from outgrown the need for traditional directory services when it comes to managing individual client and server systems, as Google's recent enterprise-oriented updates to their Chrome Web browser illustrate. The enhancements, which Andrew Garcia recently reviewed, add centralized management capabilities to Google's browser, powered by none other than Microsoft, and its AD-backed Group Policy.