http://www.microsoft.com/TechNet/boes/bo/winntas/technote/DS.htm (PC Press Internet CD, 03/1996)

Updated: March 13, 1996

MS Windows NT Server Directory Services-Contents

A White Paper from the Business Systems Technology Series

Abstract

This paper provides an overview of Microsoft's Directory Services Strategy -- its roadmap to delivering a next-generation directory service and solving customer problems associated with multiple directories.

About the Microsoft Business Systems Technology Series

The Microsoft Business Systems Technology Series consists of a number of interrelated white papers dedicated to educating IT professionals about the Windows NT™ operating system and the Microsoft BackOffice™ family of products. While current technologies used in Microsoft products are often covered, the real purpose of this series is to give the reader an idea of how major technologies are evolving, how Microsoft is using those technologies, and what this means to information technology planners.


Introduction
Microsoft Vision of the Future
Directory Evolution
Microsoft's Directory Services Road Map
Transition from Windows NT Server to Windows NT Server Cairo
Open Directory Services Interfaces
Conclusion


Introduction

Because networks can make information readily available, they are becoming an essential business tool. To fulfill that role more efficiently, however, networks must become more functional, more manageable, and more adaptable to the way people work. As a network technology and a fundamental element of distributed computing systems, directory services will play an important part in achieving these goals.

This white paper discusses directory services in the context of the evolution toward distributed computing and provides a strategic road map for Microsoft's customers and partners. As a road map, this document describes the directory service support found in today's products, Microsoft's intentions when it comes to developing next-generation directory services, and Microsoft's goals for the future.



Microsoft Vision of the Future

In 1990, Bill Gates outlined his vision of Information At Your Fingertips (IAYF). That vision is based on a simple yet powerful idea: building computing systems that allow people to focus on information, rather than the technical aspects of the system that contains the information. People should be capable of storing, accessing, managing, and analyzing data from a wide variety of sources without having to think about where it is physically stored and what applications are needed to manipulate it. In other words, Microsoft sees as its ultimate goal nothing less than changing the way people use computers.

Because of the transparency of access it will allow, a distributed computing infrastructure is one element essential to making the IAYF vision a reality. Such an infrastructure will allow network resources to be found and used independently of their location or their type, ensuring secure access to those resources. Distributed computing systems will also support a more efficient use of the aggregate power of all the machines on the network, making the network both more available and manageable as it grows.

A complete distributed computing infrastructure will be comprised of a variety of technologies and components. For example, a micro-kernel based operating system is an essential network foundation component. To accommodate the heterogeneous nature of today's networks, that operating system must be portable to a wide variety of hardware architectures and be able to support a rich set of network communications protocols. It must also be scalable, capable of supporting everything from networks in small companies to those in global enterprises. Just as important, that operating system must include a widely supported set of application programming interfaces for application development.

Directory services are another essential component of a distributed computing environment. To make distributed computing truly seamless, however, directory services must be fully integrated with an object-oriented, distributed file system. The Burton Group Report document "Directory Services Strategic Overview" terms this a next-generation directory service. Next-generation directory services must also be tightly integrated with the micro-kernel-based operating system that serves as the foundation for the distributed computing environment.

Microsoft has been hard at work for several years, building the foundation for distributed computing that will fulfill the goals of IAYF. A result of this work is Windows NT Server. Windows NT Server is the micro-kernel operating system foundation on which Microsoft's distributed computing system is based. Its scalability, portability, security, robustness, and interoperability have already been proven in the marketplace. Windows NT Server also includes a widely accepted set of programming interfaces, Win32® and OLE, used by a large number of application developers to create advanced business applications. As a result, many customers have adopted Windows NT Server and are using it both as their primary network environment and to run their businesses.

With the foundation for its distributed computing environment firmly in place, Microsoft is creating the next-generation distributed services that will be integrated with Windows NT Server, thereby completing the distributed computing picture. And, because the network environment will be based on the foundation provided by Windows NT Server, distributed computing will not come at the cost of making current Microsoft network systems obsolete. The transition path to IAYF will be a smooth one because the foundation for it, Windows NT Server, can be obtained and implemented today.



Directory Evolution

Because directory services are an important component of a distributed computing infrastructure, it is important to understand the continuing evolution of directory services technology. The features and functionality of a directory service are obviously important. But just as important is the role directory services are playing in today's networks, how that role will change as distributed systems evolve, and how directory services must change in order to fill that role.

Current-Generation Directory Services

As The Burton Group Report document "Directory Services Strategic Overview" points out, directories have traditionally been implemented as a subset of other applications and services, designed primarily as administrative tools. For example, a basic directory is used to manage users and their access rights in email systems, multi-user accounting applications, and groupware tools. Similarly, a directory is also used to manage and authenticate users in today's network operating systems.

While the directory services provided by today's network operating systems have clearly increased in functionality over the last several years, they are still used primarily in an administrative role. For example, Banyan's StreetTalk, Novell's NetWare Directory Service (NDS), and the Windows NT Server Directory Service all offer improvements over the past versions of NOS-based directory services. However, they are all still used primarily to manage the network environments provided by their vendors.

Clearly, these directories differ to some degree when it comes to features today. Each offers specific features that cannot be found in other directory services. For example, while all three support hierarchical naming, Windows NT Server Directory Service supports a two-level hierarchy, StreetTalk supports a three-level hierarchy, and NDS supports an unlimited hierarchy. On the other hand, unlike NDS, Windows NT Server Directory Service can be used to manage other NOS networks, such as NetWare. (More on the functionality of the current Windows NT Server Directory Service is provided later in this document.)

From a functional point of view, all three of these current-generation directory services are designed to make the network operating system environment manageable. In that light, the Windows NT Server Directory Service is an excellent administrative tool, competitive with both NDS and StreetTalk, because it makes the Windows NT Server environment much more manageable.

It is important to realize, however, that the vision of Information At Your Fingertips cannot be fulfilled by directory services that are limited to an administrative role. The IAYF vision requires a next-generation directory service: a directory service that transcends the administrative role played by directory services today and takes on a much broader role in creating a more intuitive network environment. This next-generation directory service does not yet exist.

Next-Generation Directory Services

The Burton Group Report document "Directory Services Strategic Overview" states that "before directories can become more than administrative tools, they must be capable of containing more than administrative information. When integrated with distributed file systems, directories will be able to contain users' information, not just information about users." Microsoft agrees with that view, and it is the basis upon which much of our future directory development will be built.

For example, next-generation directory services will not be deployed as subsets of other applications and services; they will be implemented as an integral part of operating systems that serve as the foundation for distributed computing. Instead of being exposed as a separate database, as current-generation directories are, next-generation directories will be integrated with the network file system. As a result, a next-generation directory service will be capable of containing all of the information on the network and not just the user profiles, access control lists, and other administrative information found in today's directory services.

When the ability of the directory to contain more than administrative information is combined with sophisticated query capabilities, end users will be able to search the directory for more than the name of a given server or printer. They will be able to search for any and all types of information on the network; the directory will contain all of the information they need to access. This accessibility will allow end-users to focus on what they are trying to accomplish and not on how the network works.

Application developers will benefit from next-generation directories as well. Current-generation directories are administrative tools and hence limit developers to exploiting these administrative functions in their applications. By providing a unified repository for all network data, next-generation directory services will provide a more unified application development framework and increased functionality for the developer.

Instead of separate application programming interfaces (APIs) for the directory and the file system, developers will be able to work with a single interface that provides access to the directory and all of the objects in it. Developers will be able to do much more than add administrative capabilities to their current applications. Next-generation directories will enable them to create new distributed and collaborative applications that today are technically and economically unfeasible to create.

Next-generation directories must also provide significant levels of interoperability with the existing administrative directories deployed as part of other applications and operating systems. This seamless interoperability will allow network managers to unify the implementation, access, and management of all network resources, including current-generation directory services, within the next-generation directory itself.

Next-generation directories will enable a pay-off that justifies the investment in distributed computing. By enabling a network environment that is easier to navigate, easier to manage, and capable of making the information people need more accessible, next-generation directory services will allow networks to fulfill their role as critical business tools.



Microsoft's Directory Services Road Map

The development of next-generation directory services is an important part of Microsoft's effort to build a distributed computing infrastructure. In creating this directory service, Microsoft will not simply recreate what other vendors have already done. We will redefine the network, resetting the expectations of what networks are capable of accomplishing for users, network managers, and application developers.

This goal will be reached through a phased implementation of increased directory functionality. Over the term of that phased implementation, the kind and amount of information that people can access via the directory will increase, as will the ease with which people can find and manage that information.

Microsoft's phased approach to directory development is designed to give its customers more directory functionality while, at the same time, providing a smooth transition to the systems that will fulfill the vision of Information At Your Fingertips. First, Microsoft will work to integrate the multiple directories found in the operating systems and applications that customers are using today. Then Microsoft will deliver a next-generation directory capable of superseding today's administrative directory services and enabling an effective distributed computing infrastructure.

Phase I

Phase I of Microsoft's directory service strategy was designed to make file and print resources more manageable. That goal was reached with Windows NT Server Directory Services included in the first release of Windows NT Server.

The Windows NT Server Directory Services provide an enterprise-wide, single login for file and print resources. End-users log in once using a single name and password and are authenticated to the entire network, giving them access to all the file servers and printers to which they have been granted access with no additional logins. This single login is accomplished by allowing network managers to create administration "domains". Each domain can contain multiple servers, and can be managed as a logical entity. Trust relationships between these domains allow end-users in any domain to log in once to the entire enterprise-wide network.

In addition, the Windows NT Server Directory Services allows administrators to manage the network from any workstation on the network. Administrators get a centralized view of the network, and can, therefore, easily implement a centralized administration model for an enterprise.

The Windows NT Server Directory Services also includes features designed to ensure both scalability and reliability. For example, it is capable of handling more than 40,000 entries per domain. In larger installations, Windows NT Server customers can create multiple domains, and hence have multiple directory partitions, within their organizations. In addition, the information in the directory service is replicated, with replicas distributed to all the servers in a domain. As a result, end-users can access network resources from anywhere on the network, and any server in a domain is capable of processing user logins, effectively distributing the load between servers. And, since multiple copies of the directory exist, system reliability is ensured as well.

Because of these features, some 80 percent of the customers using Windows NT Server today are using the Windows NT Server Directory Services.

Phase II

In Phase II, the current offering of its directory services strategy, Microsoft has extended the functionality of the Windows NT Server Directory Services to other components of the network and other network operating systems. By integrating applications with the Windows NT Server Directory Services, Phase II constitutes Microsoft's efforts to push its directory service beyond the administration of file and print services. Microsoft is also allowing administrators to simplify the management of their networks by extending the Windows NT Server Directory Services to other environments. These goals have been accomplished through two important efforts:

Application Integration

A large number of server-based applications from Microsoft and third-parties have been developed for Windows NT Server. These applications are integrated with the Windows NT Server Directory Services, giving network managers the benefit of a unified administration model. For example, with Windows NT Server Directory Service administrators need to maintain only one user account and password for multiple applications and services. End-users also benefit because the single login enabled by the Windows NT Server Directory Service is extended to these applications as well. For example, once users have logged on to the network, they can gain secure access to these applications without having to log in again.

To enable this level of functionality, Microsoft's BackOffice applications for Windows NT Server 3.51 (Microsoft SQL Server™ 6.0, Microsoft SNA Server 2.11, and Systems Management Server 1.11) have been integrated with the Windows NT Server Directory Service. Third-party applications are also being integrated in a similar fashion. In fact, over 1,100 independent software vendors attended a recent Windows NT Server Professional Developers Conference to learn how to integrate their applications with the Windows NT Server Directory Service and can earn the BackOffice logo for their products by doing so.

Extending Windows NT Server Directory Services to Heterogeneous Networks

In addition to these efforts to support developers, Microsoft has further extended the Windows NT Server Directory to support the management of heterogeneous network environments. Many existing NetWare customers find Windows NT Server an attractive network solution and would like to deploy it. But the management burden created by integrating two different network environments or making a transition from one network environment to another can be prohibitive. Having to manage both NetWare and Windows NT servers via different administration models, for example, would be costly and difficult.

Figure 1 - File and Print Services for NetWare

Phase II of Microsoft's directory services strategy addresses these concerns and simplifies network management by eliminating the burden of multiple administration models. Administrators can now give NetWare users a single login to a Windows NT Server-based network. They can also centrally manage a mixed Windows NT Server and NetWare server network from the Windows NT Server Directory Service. Integrating the NetWare environment with the Windows NT Server Directory Service in this fashion is accomplished by using two utilities that run on Windows NT Server 3.51: File and Print Services for NetWare and the Directory Service Manager for NetWare.

File and Print Services for NetWare makes Windows NT Server function like a NetWare 3.12-compatible file and print server. Users running NetWare client software (either NetX or VLM) can access NetWare file and print services as well as powerful server applications, all running on the same multi-purpose Windows NT Server machine, without changing their client software.

Figure 2 - Single network logon for NetWare clients using Windows NT Server Directory Service

In addition, NetWare users automatically gain the benefit of the single login to file and print resources and applications enabled by the Windows NT Server Directory Service. So as illustrated in Figure 2, for example, a NetWare user can access information in Domain A, while his or her account information is stored in Domain B.

Figure 3 - Directory Service Manager for NetWare

Directory Service Manager for NetWare further extends the Windows NT Server Directory Service to the administration of NetWare networks. Directory Service Manager for NetWare copies all NetWare user and group account information into the Windows NT Server Directory Service, and then incrementally propagates any account changes back to the affected NetWare servers. It allows centralized management of account information and enables a single user account and password logon in a mixed network of Windows NT Server and NetWare servers.

Phase III

In Phase III of its directory implementation strategy, with Microsoft Exchange Server, Microsoft will extend the Windows NT Server Directory Service to X.500-based attributes. Microsoft will also provide an X.500 gateway that will allow Windows NT Server Directory Service to communicate with directory services based on the X.500 standard protocols.

Administrators will be able to manage Microsoft Exchange Server with Windows NT Server Directory Services. When first installing Microsoft Exchange Server, administrators will be able, for example, to create mailboxes for all existing Windows NT Server users.

Figure 4 - Integrated Management of Microsoft Exchange Server using Windows NT Server Directory Service

Once Microsoft Exchange Server is up and running, the User Manager for Domains, which is used to manage Windows NT Server and NetWare user accounts, will also be used to manage Microsoft Exchange Server users. Administrators will be able to maintain one account for Windows NT Server and Microsoft Exchange Server users. When creating and deleting users in Windows NT Server, for example, administrators will be able to create and delete mailboxes for those users as part of account management in the User Manager for Domains. Administrators will also be able to create and manage Microsoft Exchange Server property sheets, which will define a user's mailbox and other attributes, from within the User Manager for Domains.

Figure 5 - Creating a Microsoft Exchange Server mailbox while adding a Windows NT Server user account

End-users will also benefit from the extensions to Windows NT Server Directory Service. Once they've logged on to Windows NT Server, users will be able to securely access Microsoft Exchange Server without having to log in again. So, Microsoft Exchange Server will enjoy the same single login capabilities used by SQL Server, SNA Server, and Systems Management Server today, creating a fully integrated BackOffice suite of applications.

Phase IV

Phase IV of Microsoft's directory strategy will round out Microsoft's directory services strategy, through development of a next-generation directory service for the Windows NT Server environment as part of the project code-named "Cairo". Microsoft has publicly discussed Cairo on a limited basis but we firmly believe in the importance of giving our customers and partners a clear picture of the company's strategic direction. This discussion of Cairo and the next-generation directory services it will contain is provided in that spirit.

Windows NT Server Cairo

The most important thing to remember about Windows NT Cairo is that it will be an evolution of Windows NT Workstation and Windows NT Server. In other words, Cairo will provide distributed services built on the architecture that Windows NT provides today. The micro-kernel architecture provided by Windows NT, for example, will remain the same. By building new services on the existing Windows NT architecture, Microsoft will ensure a smooth migration to Cairo.

A next-generation directory is one of the services Cairo will include. The directory service in Cairo will be modeled after the X.500 specification, fully extensible, global, and interoperable with current-generation directories. It will also be tightly integrated with the Windows NT operating system, a characteristic we believe is essential to its ability to enable true distributed computing. As The Burton Group Report document "Directory Services Strategic Overview" points out, "In the future it is likely that directory data will be stored in a file system as distributed file systems and directories become more tightly integrated and object-oriented. Such a change will have a dramatic impact in that it could well eliminate schema as an issue and simplify directory and resource access."

As a next-generation directory, the Cairo directory service will achieve these goals through tight integration with the Windows NT Server operating system. For example, the Cairo directory service will not use a separate database, as is the case with current-generation directories. Cairo's distributed OLE file system will provide an OLE-based object store for the directory as well as other data. In fact, this distributed OLE file system will be the directory; individual OLE-based volumes can be grafted together to create a logical name space that supports an unlimited hierarchy.

Since the directory will be an integral part of the operating system, based on basic components of the operating system, it will serve as a unified repository for all network data, not just directory-specific objects. Cairo, then, will increase the kinds of information people can access via the directory by creating a single, unified name space that can accommodate all the information on the network. For example, current-generation directory service objects, such as users, groups, and printers, as well as other information such as user files and applications services, will all be a part of the directory and can be viewed, accessed, and managed as OLE objects. Cairo will also provide a powerful, OLE-based application development framework that will allow third parties to take advantage of all these features.

Cairo will be accessible from a variety of client types. Thus, Cairo will create a distributed computing environment that will help end users, administrators, and application developers to realize the promise of Information At Your Fingertips.

Advantages to the End-User

With Cairo, end-users will be able to approach their work differently. Whereas today they need to understand many technical aspects of the systems that contain the information they need, end-users tomorrow will find the information they need to be much more accessible. They will be able to access directory information as OLE objects and also search for information by a rich set of attributes, and more importantly, by content. Instead of asking for all of the files on drive f:, for example, an end user will be able to ask for all documents in the system that contain information on a particular subject. The directory, then, will make access to all types of information a natural extension of the user's workstation. In other words, users will be able to focus on their work and not on how the network works.

Advantages to the Administrator

For the network administrator, Cairo's next-generation directory will provide an increasingly unified administration model. All of Microsoft's BackOffice products will support the Cairo directory, allowing a single, unified name space. And because all network resources will be seen as directory objects, the network environment can be managed in an increasingly holistic fashion. The Cairo directory will also interoperate with other directory services, both public and private, allowing the administrator to unify the implementation, access, and management of network resources, including current-generation directories, within the Cairo directory itself.

Advantages to the Developer

Developers will be able to add far more than administrative capabilities to their applications. They will see the directory as a unified repository for all network data; a single application programming interface will provide access to the directory and all of the objects in it. Developers will be able to create a new generation of distributed and collaborative applications as a result. For example, an OLE-enabled application that today executes on a single desktop machine can tomorrow be distributed, executing on multiple machines across the network.

In other words, the next-generation directory service in Windows NT Server Cairo is an important part of fulfilling the vision of Information At Your Fingertips. Using it, companies of all sizes will be able to implement network systems that allow people to focus on information, rather than the technical aspects of that information and the system that contains it. People will be capable of storing, accessing, managing, and analyzing data from a wide variety of sources without having to think about where that data is physically stored, or the applications needed to manipulate the data.



Transition from Windows NT Server to Windows NT Server Cairo

It is important to stress that Microsoft understands the customer's need to make an orderly transition to the Cairo environment. Many customers are deploying Windows NT Server today. While these customers will want to set up and use a unified directory name space under Cairo, the transition to Cairo must occur in a time frame dictated by the customer, and with minimal disruption to end users. Microsoft is committed to that goal and will facilitate that transition in several important ways.

First, Cairo domains (an Organizational Unit (OU) in the directory that contains resources and administrative policies) will be fully interoperable with Windows NT Server domains. Existing Windows NT Server domains will be able to trust Cairo OUs, just as they trust other Windows NT Server domains today. Cairo servers will also be able to function as backup domain controllers for Windows NT Server domains. This interoperability will allow the upgrade to Cairo Server to occur in an orderly fashion, while allowing existing Windows NT Servers to work without modification. Note that Cairo OUs will be much more functional than Windows NT Server domains. Cairo will eliminate the need to establish explicit trust relationships between domains and will support the inheritance of rights and relationships in the hierarchy.

Second, administrators will be able to choose where user accounts are maintained and administered, as well as when those functions will be moved to the Cairo environment; they will not be forced to use the Cairo administration model until they're ready to do so. Even when Cairo servers are on the network, for example, administrators will be able to maintain all account information in the Windows NT Server domain, using the current Windows NT Server administration tools. Thus, administrators will be able to deploy Cairo servers without disrupting the administration of the network.

As Cairo servers are deployed, administrators can begin to store user account information on Cairo servers, while continuing to store and administer those accounts in and from the Windows NT Server domain. This will allow organizations to migrate account information to a Cairo server in an incremental fashion as they gain confidence in the stability and capability of Cairo. Once Cairo servers are well-established, administrators will be able to maintain all account information on Cairo servers, using the Cairo tools. For non-Cairo clients, however, Cairo servers will continue to look and act just like Windows NT Server 3.51 servers.

Once all client and server transitions have been completed, the Cairo environment will be the everyday environment for both end users and system administrators. And, the transition enabled by the interoperability between and integration of Windows NT Server and Cairo will allow organizations to make an easy transition to the unified and global name space provided by Cairo, without disrupting the day-to-day operations of the network.



Open Directory Services Interfaces

The Situation Today

As was pointed out earlier in this document, a wide variety of directories, most playing an administrative role, have already been deployed. These directories include NOS-based directories such as DCE Cell Directory Service, Banyan StreetTalk, Windows NT Server Directory Service, or NetWare Directory Services. The directories may also include application-specific directories, such as Lotus Notes, cc:Mail or Microsoft Mail. This poses an interesting challenge for end-users, administrators and developers. While a single directory for an entire organization has many positive qualities, no product on the market today can fill this very large requirement. These multiple directories, then, pose some complex challenges that have limited wide-scale NOS-based directory deployment.

End-users face the problem of getting a single logon to multiple directories and using one interface for rich access to information across multiple directories. Administrators face the complexity of managing multiple directories within the enterprise. And while most end-users and administrators would prefer to see application developers use an existing administrative directory instead of creating yet another one, developers face a tough question -- which one should they use? With each directory providing its own specific application interfaces, developers are forced to choose between directory implementations and so they usually do not use existing directory services.


Figure 6 - The Challenge Facing The Industry

The Solution

WOSA

In fact, end-users, developers, and administrators face similar problems in every area of network application development. Whether it is messaging, telephony, database access, or licensing, developers face a confusing array of choices that complicates the development of network-enabled applications. Microsoft developed Windows® Open Services Architecture (WOSA) to solve that problem. WOSA provides a set of Windows-based application interfaces that give applications seamless access to a heterogeneous network environment. Within WOSA, these application interfaces are mapped to a corresponding Service Provider Interface (SPI). Service provider modules for specific service implementations are written to the SPI. Applications written to the WOSA APIs will be able to work with any service for which modules have been written.

As a part of WOSA, for example, MAPI gives Windows-based applications access to MAPI-compliant messaging services while allowing these messaging services to work with any MAPI-compliant messaging application. Likewise, the Open Database Connectivity (ODBC) interface gives applications access to any ODBC-compliant database server.

ODSI

Microsoft has outlined a statement of direction to help solve the customer problems noted above. Open Directory Services Interface (ODSI) is a set of WOSA APIs that will make it easy for customers and ISVs to build applications that access, manage, and register across multiple directories.

ODSI, then, is the ODBC for directory services -- applications written to ODSI will work with any directory service for which service providers have been written. The problems outlined above will be addressed by four APIs, all of which are or will be a part of WOSA: Network Provider Interface, Windows Sockets Registration and Resolution (RnR) or RPCs, OLE DB, and OLE DS.


Figure 7 - The Open Solution

Network Provider Interface

The Network Provider Interface allows creation of an authentication provider for a directory, and hence enables an end-user to get a single logon across multiple directories for which there are authentication providers. It is present in Windows NT Workstation (where it has been available on an as-needed basis) and Windows 95 today (Windows 95 DDK). Microsoft will also make it available in the Windows NT DDK in Q4 1995. Provider writers need write only one provider that works on both Windows NT and Windows 95 -- in the case of both Windows NT and Windows 95, simultaneous authentication is provided at the initial login. Further, in the case of Windows 95, a Win32 API can also be used to call this interface.

WinSock (RnR) or RPCs

WinSock RnR is supported in Windows NT 3.51 today. It is also part of the Windows Sockets 2.0 specification being circulated by the Windows Sockets Committee. RnR allows applications to register themselves with multiple network name and directory services independent of the underlying transport protocol. It also provides a limited capability for applications to resolve names of needed resources using those name services. DCE-compatible Remote Procedure Calls (RPCs) can also be used to register applications to multiple directories. WinSock RnR and RPCs will eliminate the problems developers face when writing directory-enabled applications, by exposing a standard interface that works with multiple directories.

OLE DB

OLE DB is a set of OLE interfaces that provide database extensions within an OLE environment. OLE DB enables a new architecture for different components to share and manipulate data. Providers expose data stores as objects and applications consume these objects. OLE DB then allows access to any database, including directories, which are distributed databases. End-users can navigate and use very rich queries to find information across multiple directories using the OLE DB interface. The OLE DB beta SDK is scheduled to be available in 12/95.

OLE DS

OLE DS is a new interface that Microsoft is currently developing, designed to make it easier to manage multiple directories with one set of tools. OLE DS is an OLE automation interface and implements OLE DB interfaces to access directories. It abstracts commonly managed directory objects -- user, group, printer, container, and computer -- across multiple directories. These objects account for more than 80% of the time spent in managing directory objects. Administrators can build powerful scripts to automate schema management tasks across multiple directories. The interface is extensible: one can extend existing objects with environment-specific properties or add new objects to the OLE DS schema that might not have originally been part of the OLE DS framework.
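The API/SPI split described under WOSA, applied to the common directory objects OLE DS abstracts, can be modelled in a few lines of Python. This is an added illustration, not Microsoft's ODSI or OLE DS interface: every class, provider name and record below is hypothetical or constructed.

```python
from abc import ABC, abstractmethod
from dataclasses import dataclass, field

KINDS = {"user", "group", "printer", "container", "computer"}  # common objects named in the text

@dataclass
class DirObject:
    """What the API layer returns to applications, whatever the backing directory."""
    kind: str
    name: str
    directory: str                              # provider that supplied the object
    extra: dict = field(default_factory=dict)   # environment-specific properties

class DirectoryProvider(ABC):
    """SPI side: the contract each directory's provider module implements."""
    name = ""
    @abstractmethod
    def enumerate(self, kind):
        """Return this directory's objects of one common kind as DirObject values."""

class FlatDomainProvider(DirectoryProvider):
    """Hypothetical provider over a flat account list (constructed records)."""
    name = "flatdomain"
    _accounts = [("jsmith", "U", 0x2), ("ops", "G", 0x0), ("akhan", "U", 0x0)]
    def enumerate(self, kind):
        code = {"user": "U", "group": "G"}.get(kind)   # native type codes
        return [DirObject(kind, n, self.name, {"flags": f})
                for n, t, f in self._accounts if t == code]

class TreeProvider(DirectoryProvider):
    """Hypothetical provider over a hierarchical directory (constructed entries)."""
    name = "tree"
    _entries = {"cn=mlee,ou=sales,o=example": "user",
                "cn=lp1,ou=sales,o=example": "printer"}
    def enumerate(self, kind):
        return [DirObject(kind, dn.split(",")[0][3:], self.name, {"dn": dn})
                for dn, k in self._entries.items() if k == kind]

class DirectoryAPI:
    """API side: applications call find() and never touch a provider directly."""
    def __init__(self, *providers):
        self._providers = list(providers)
    def find(self, kind):
        if kind not in KINDS:
            raise ValueError(f"not a common object kind: {kind!r}")
        found = [o for p in self._providers for o in p.enumerate(kind)]
        return sorted(found, key=lambda o: (o.directory, o.name))

def user_report(api):
    """One admin script, written once, covering every registered directory."""
    return [f"{o.directory}:{o.name}" for o in api.find("user")]

if __name__ == "__main__":
    print(user_report(DirectoryAPI(FlatDomainProvider(), TreeProvider())))
```

Adding a third directory means writing one more provider class; `user_report` and any other script written against `DirectoryAPI` stay unchanged, and each directory's native attributes survive in `extra`.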

ODSI is an open initiative and, as a part of its Open Process, Microsoft will continue to work with other industry leaders, such as Novell, Banyan, and Lotus, to help build widespread support for it. In fact, Microsoft has already had a very open process and solicited feedback for three of the four interfaces. For example, there have been multiple professional developer conferences at which the Network Provider Interface and the WinSock (RnR) and RPC APIs have been discussed and feedback solicited. 30+ other vendors, including Microsoft, Novell, IBM, and HP, have participated in defining the WinSock 2 specification. Further, there have been two design previews for OLE DB. Microsoft will organize another design preview for OLE DS and solicit feedback through a similar open process.



Conclusion

Next-generation directory services will be an important part of the distributed computing infrastructure that fulfills the vision of Information At Your Fingertips. Microsoft has outlined a clear, four-phase plan for implementing directory services as an integral part of the Windows NT Server network environment. This four-phase plan will allow customers to take advantage of increasing directory functionality, while providing a seamless migration path to the next-generation directory services in Cairo. In the process, Microsoft will define a new, more powerful way to use a computer and the network connected to it.

Microsoft is also clearly outlining a statement of direction to solve customer problems associated with multiple directories. With the announcement of ODSI, Microsoft is helping to jump-start directory deployment and make distributed computing and Information At Your Fingertips a reality.
