Well, (with a little help from the Jackson Shaw in the Blogosphere), we got the word on Microsoft‘s latest de-standardization move in Directories: the Next Generation Active Directory or (NGAD) “Clip On” for Active Directory. We at Symas don’t go to the Microsoft Professional Developer’s Conference so we missed it. Probably just as well as we would have been tempted to either laugh in all the wrong places or ask embarrassing questions.
Needless to say, we are neither surprised nor dismayed that Microsoft has selected to go off on its own and ignore the Industry Standards the rest of the major players have agreed on. That’s normal. We are not surprised that they are believing their own Press Releases on (1) the prevalence of and (2) popularity of Active Directory. That is to be expected.
Microsoft has invested over a decade in avoiding compliance with the LDAPv3 standard. Microsoft, it would seem, has bent its pick trying to address the technological limits on its directory’s scalability and the directory’s below average performance. This New Generation “clip on” sounds like a band-aid to professionals who install proxy caches over captive Active Directory instances so that real enterprises can get authentication performance consistent with twenty-first century expectations. No, NGAD strikes us as avoiding the very work that Microsoft’s Enterprise Customers deserve: replacement of Active Directory at the core.
We note that Red Hat, purchaser of the Netscape Directory software referenced in the original blog entry, has done little to bring it up to current standards. Sun has admitted that their older Directory Software was too difficult to re-engineer and has invested quite heavily in a Java-based replacement which is coming along quite nicely. OpenLDAP started from the same starting point as Sun and Netscape, with the code from the University of Michigan, and has re-engineered over three-fourths of the original software to produce the fastest and most scalable LDAPv3-compliant server technology on the planet. Symas has been offering enterprise-scale Technical Support for OpenLDAP for nearly a decade now. That’s about as long as Microsoft has been avoiding doing the work of cleaning up its errata.
The title of this entry intends to evoke the imagery from the recent Apple ads teasing Microsoft about its assertions that Windows 7 is different this time … that users won’t have the problems that they’ve always had with new Microsoft operating system versions. That’s between them. Our evocation is that this is another in the line of Active Directory, then Active Directory Application Mode, then Identity Card, and now Next Generation Active Directory. This time it’s different. This time they’ve come up with something … well … no … they’re coming up with something. Never mind.
Do us a favor. Take a look at OpenLDAP, OpenDS, or the Apache Directory Server. They all offer interesting modern looks at the LDAPv3 standard. All three projects are Open Source Software (by some definition of Open Source) and all three projects are collaborating at various levels in innovation and interoperability.
We’ll bet you never expected to hear us endorse OpenDS or Apache but by comparison with the corrosive and uncooperative efforts of Microsoft, they’re family!
