Novell muddies NetWare/ W2K management waters

Novell has quietly shelved a key directory-integration tool, which is likely to force IT executives with mixed environments to make an either/or choice between NetWare and Microsoft's forthcoming Windows 2000.

At issue is the redirect capability of Novell Directory Services (NDS) for Windows NT. Redirect allows users to reroute authentication and access-control calls made to NT 4.0 domains into NDS, which nearly eliminates user management on NT servers.

However, in NDS 8 for NT - the next version of the software - redirect is being replaced by a bi-directional synchronisation tool called DirXML.

The switch means NDS shops will no longer be able to sidestep administration in the Microsoft environment if they upgrade to Windows 2000 Active Directory. Administrators will have to manage both network operating system directory services.

`I'm concerned about the immediate absence of redirect,' said Peter Cruikshank, network architect for the US Navy, who is currently piloting NDS for NT. `I don't want to upgrade to Active Directory now and then upgrade to redirect [at a later date].' Cruikshank said redirect provides a single directory service and that consolidation means less management. `If I had already deployed, this would be a bigger issue. I would have to ask myself, 'Where do I go now?'.'

Faced with that question, IT executives may be inclined to choose one or the other NOS for their enterprise, according to analysts.

`The lack of redirect puts pressure on NDS customers to choose between Novell and Microsoft,' said Daniel Blum, an analyst with The Burton Group. `Customers can't continue to run both directories in parallel quite as easily as they once could. The value proposition of NDS is reduced.'

Novell seems to be in a better position to satisfy customers right now because Active Directory is not shipping and will be nothing short of challenging to deploy when it does. Still, the issue of redirect has users concerned.

`This is a step back for me. My understanding was that they would offer redirect,' said one network architect for a large telecommunications company, who asked not to be named. `The best feature of NDS for NT is keeping passwords in synch. They need to recreate that with DirXML.'

Novell says it will do that. `The push is to manage user objects from both directories as one object,' said Cydni Tetro, product manager for NDS.

The mothballing of redirect is somewhat of an about-face for Novell, which had promised the technology would be there for Active Directory. Two weeks ago at the GartnerGroup symposium, Novell CEO Eric Schmidt began selling the change, saying the mechanics of how NDS and Active Directory synchronise will vary from NT 4.0 to Windows 2000 but `from the customer perspective, the functionality is the same'.

While some experts dispute Schmidt's assessment, customers committed to redirect may be on a dead end. Two weeks ago, Novell officials admitted that Active Directory redirection is difficult because an entire subsystem has to be replaced.

Some observers go further, saying that redirection is impossible. But Drew Major, Novell's chief scientist, last week downplayed the difficulty, saying the technology will be developed over the long term.

But Novell appears to be hedging its bet that users will eventually accept synchronisation, the same technology Microsoft is developing, over redirection.

Putting redirect on the back burner is not entirely Novell's doing. Microsoft tried to make redirection impossible when developing Active Directory, according to observers.

When coupled with Novell's decision to shelve redirect, it pushes users into a fog of choices.

IT executives can install NDS 8, and upgrade to NDS 8 for NT and deploy the 1.0 release of DirXML, both of which ship early next year. Novell will release migration and upgrade tools for DirXML, a set of directory connectors. The upgrade also requires NetWare 5.0 and a new client.

Users could also uninstall NDS for NT, migrate off NetWare, and adopt Windows 2000 Active Directory. They could run NDS and synchronise it with Active Directory or vice versa.

IT executives could also opt to run NDS natively on multiple platforms. Versions of NDS 8 for NT, Linux and Solaris are expected to ship in 60 days. And a version for Windows 2000 is under development, according to Paul Corriveau, product marketing manager for NDS.

Users also have the option of running NetVision's Synchronicity, which provides a single point of user administration through NetWare Administrator, the management console for NDS. Novell itself bought into that option when it licensed Synchronicity in September.