Windows 2000:

While Novell takes the high ground, the companies with tools for migrating from NT 4.0 to Windows 2000 version 5.0 are working in the trenches. One example is FastLane, which offers enterprise directory management solutions. It launched its flagship product, named FINAL (FastLane Integrated Network Application Language) in 1993. Since then, the company has introduced several directory management applications and development and migration solutions for Microsoft Windows NT and Windows 2000 as well as the Banyan VINES network operating system.Among its clients are Canadian and U.S. government departments, including Correctional Services Canada, Canada's Department of National Defence, Human Resources Development Canada, the U.S. Marine Corps and U.S. Air Force.Its newest product is the FastLane DM/Suite, a series of applications built using Active DMS (Directory Management Service) that allow network managers to sim-plify enterprise directory management and enable enterprises to coexist with, migrate to and administer numerous enterprise directories.When Keith Millar, FastLane product manager, looks at the NDS vs. Active Directory issue, he said that from where many companies sit, the choice will make a big difference."If a company is committed to NT, it is hard to argue against the easy task to choose Active Directory, since it is backward compatible. Right now, though, when you look at what is out there and what is working, you see NDS. But add Exchange and SQL and the decision to move to DNS is more painful," Millar said.A key issue for Millar is that NT 4.0 over the last five years essentially has sneaked into the enterprise. And the NT domain structure has become a kind of grass-roots domain, or rogue domains, as it were. That is hard to deal with when looked at from the viewpoint of cost of ownership, for example, in having to maintain trusts, which are the ties between domains in NT 4.0.With Windows 2000 and Active Directory, which is built on the treelike hierarchy and relies on LDAP, network administrators will need to reconfigure their domains. And that is where FastLane comes into play.Millar says there will be three main stages that companies must work through to prepare their networks for Windows 2000.First is to clean the data the way that those who create data warehouses or data marts must prepare it before converting it for use in the database. Since the directory basically is a peer database of users and groups distributed to all throughout the enterprise, no one really has a clean database.There will be users with improper access, names of users no longer with the enterprise, individuals with multiple login names and users with incorrect password settings. On the computer side, there will be software that no one ever asked to have there. Not cleaning data would move those problems to the Active Directory. Among the tasks performed by FastLane's DM suite is to rid the system of all accounts for people who no longer work for the company and to generate a comprehensive list of what will or will not work.The second stage is moving from the flat structure of the NT 4.0 domains to the hierarchical structure of the Active Directory. Here the task amounts to "infect these people with, "Think Hierarchical.' " Because Windows 2000 allows spanning multiple NT 4.0 domains, the administrator can model the network based on the requirements of the business.But Millar said: "With flexibility comes complexity. While NT 4.0 tiptoed into the enterprise, that approach will not be successful with Active Directory. Now you need much more planning, not only in administrative issues but in political boundaries. Given the curve, we have step-by-step briefs in the Learning/Solutions Center on our Web site."The third stage is testing the system. Millar uses the analogy of flight simulation, advising clients to do their trials on the ground rather than test the installation in the air."DM Suite is a migration product. We have coexistence very firmly in mind; that is, to keep NT 4.0 up and running while you migrate so you can go back to the old system if necessary," Millar said.In the final analysis, the main driver for those moving to Windows 2000 must be the sometimes magical total cost of ownership. Millar stressed that organizations need to ask what is killing them from a cost perspective. Is it administration, reliability, scalability?XXXSPLITXXX-Another company running alongside Microsoft and offering directory management solutions for the enterprise market is Entevo Corp. Privately held and venture-funded, this startup was founded in 1993. Its directory management products are designed to deploy, integrate, administer and maintain enterprise directories in Windows 2000 and other vendor platforms. With its DirectManage suite, the company claims to be the first provider to deliver an Active Directory ready, cross-platform solution.Dale Gardner, director of product marketing, firmly believes that management from a single interface across multiple directory services on multiple platforms is important, whether NT, Exchange, Active Directory or Novell's NDS."Deploying new technologies is important on a managerial, as well as technical, level. The issue becomes how smooth and robust is the process. Whether creating new users or resetting passwords, you need a strong administrative component focused on enhancing productivity with fewer errors and problems," Gardner said.He cited the federal space, specifically the Defense Department, noting that because it is focused on Exchange Server as their e-mail backbone system, Entevo's solution was accepted: The company's suite can be used to administer both Novell and NT environments from a single console."We can offer an attractive proposition to our customers. In the move from NDS to NT, clients are used to a robust hierarchy. We can take the current hierarchy in NDS and migrate that into NT using a direct map that sits on top of NT and replicates that hierarchy. We can also administer the Exchange environment, create the NT users and create the Exchange mail boxes," Gardner said.The company debuted its DirectAdmin Exchange Plus Pack beta, the most recent addition to the DirectManage suite, during Microsoft's Tech Ed conference in May. That package extends DirectManage's ability to co-manage resources across multiple directories including Windows NT 4.0 domains, Active Directory, Novell NDS and Microsoft Exchange from a single management console."Cross-platform management is an absolute requirement for the 30 million Exchange users in enterprises planning migration to Windows 2000 and Active Directory," said Dave Malcolm, Exchange group product manager at Microsoft, at the time of the Entevo announcement. "By leveraging Microsoft's Active Directory Service Interfaces (ADSI), Entevo quickly integrated cross-platform management of Microsoft Exchange resources into its DirectManage suite."Using the Exchange Plus Pack, directory administrators can create and delete mailboxes, customize recipients, distribution lists, organizational units, containers and public folders as well as view and set their properties, owners and permissions. Automated co-management features ensure that changes made in Windows NT are automatically reflected in the Microsoft Exchange directory. The application also offers administrators a unified view of public folder security across multiple Exchange sites, with the ability to view and set permissions and report on ownership.In line with Microsoft's Horne and Mission Critical's Thierry, Gardner believes that directory-enabled applications loom large on the network horizon and likely will be a model for many organizations.Gardner mentioned two key drivers. First is the ability to define users and access rights in systems management as well as decide what applications wind up on an individual user's desktop. In the latter case, the user's profile resides in the Active Directory.The second driver for directory-enabled applications is e-business (business to business) and e-commerce (business to consumer). Here, the example is the role of extranet applications, right now largely in the commercial space, as opposed to the public space. Given an application-based relationship with the user, much of the information will be stored in the directory.There seems little question that directory technology will become pervasive. By 2003, according to IDC projections, considerably more than 500 million directory clients will be in use. The market for directory servers is expected to grow at a compound annual growth rate of 35 percent and is even higher for Active Directory.Another research firm, the Burton Group of Midvale, Utah, produced a study in February 1999, "Network Strategy Overview: The Enterprise Directory Value Proposition," which views directories as the most significant technology issue to face customers over the next three years.Specialists in network computing technologies, the firm noted in its report that to start an enterprise directory project, a typical Global 1000 organization must spend between $1 million and $2 million, depending on the number of users on the network, the number of directories being integrated and the overall scope of the project.The Burton Group concluded: "With a well-executed implementation plan, enterprise customers can expect a return of approximately five times their ongoing investment, depending on the size of the network, the number of users in the directory, and the number of directories being integrated with the enterprise directory. "Organizations can realize that return in cost savings in the millions of dollars, primarily in the areas of administration and support. But those savings will come only through the hard work and significant resource commitments that directory projects require, which includes dealing with dirty directory data and internal politics, both of which can derail directory projects," the group said.XXXSPLITXXX-Yet a third company targeting the introduction of Windows 2000 and the advent of Active Directory as a marketing opportunity is Mission Critical Software. That company offers its OnePoint Domain Administrator, an enterprise-scale Windows NT systems administration and management software product that promises security, simplicity and reduced cost of ownership.Its target is the customer in organizations that deploy or plan to deploy Windows NT and Windows 2000 networks. The company claims that the seven largest firms in the world use its products.With the company's OnePoint Domain Administrator graphical user interface and extensive automation, Mission Critical Software claims that "if you can drag and drop, you can migrate" everything from user accounts, groups and member servers to workstations and user rights into Windows 2000 and Active Directory while continuing to preserve access to existing resources.Another tool, OnePoint ActiveViews, allows the network administrator to model, prototype and test multiple AD tree structures in NT 4.0 or Windows 2000. After dragging and dropping these ActiveViews into Active Directory, the Domain Administrator automates the creation of a fully functional organizational unit hierarchy.It was Thierry, vice president of marketing, who felt directory-enabled business applications would make a significant marketing dent within the next 14 to 16 months, and that Windows 2000 will have more impact as a directory service than as a network operating system.Beyond those issues, he sees security playing a major role in the thinking of network administrators and the installation of network applications, utilities and the operating system."Security will be huge. Other areas that will focus attention as Windows 2000 comes on stream include content management, policy-based administration of the content and synchronization," said Thierry.He noted policy-based administration of content as an important example. If an enterprise is carrying so much data in the directory, how will it go about managing that data? Will the network administrator decide to delegate control as well as access?"The role of the administrator is to define administrative or content policies to the enterprise. That includes resetting passwords. As we get into more and more business objects, the policies will be much more businesslike, truly business policies," said Thierry.When all is said and done, he sees the key challenge in moving to the Active Directory as defining a three-dimensional organization in a two-dimensional hierarchy. If the structure is not set up correctly, the enterprise and the network administrator are likely to be in serious trouble.It is another reason why few companies are likely to move straight to Windows 2000 with an in-place installation, and why a master's degree in business administration is not such a bad career choice for network administrators planning for the future.