Enterprise support for Red Hat, Debian Linux, OpenLDAP, PostgreSQL, Samba and Squid from Sirius Corporation plc

Directory Services: Part 1

This month's OPEN For Business! is the first in a mini-series. The series is about how to use Directory Services to make the administration of your network simpler and easier. We'll look at how to replace every bit of proprietary software you may have in that network with what we all know is a far faster, far more reliable solution, Open Source software. Then finally, and most importantly, I'll show you how to tie it all together into a network that really delivers, and that really provides, what the business wants and IT's users need.

First of all some background. Let's start with something that's often unpalatable - the truth.

The truth - would you start from where you are?

The truth about almost every network in the world is that it consists of a wild variety of disparate (or is that desperate?) technologies, platforms, operating systems and services. Timescales are always tight so bits have had to be tacked on here, kluged there and patched all over simply to keep pace with the latest business demand or new management strategy. So itâ€™s all grown higgledy-piggledy over the years. Now ask yourself, if you had to do it again would you really want to start from where you are?

Even so-called 'Microsoft shops' rarely consist of a single build of Windows. Indeed, the truth about the Windows platform is that it's just as 'fragmented' as any other - you didn't really believe that Windows 3.1, 3.11, 95, 98, 98SE, 98ME, NT 3.51, NT4, 2000, XP Home, XP Professional, 2003, XP Reloaded (!) were perfectly interoperable or even similar operating systems did you? Then there's the never-ending barrage of Service Packs. It's best not to even think about what they do to the underlying technologies, protocols, or even file systems... Yep, the plain truth is that an operating system monoculture, even if it were desirable, only exists in the proprietary vendors' marketing brochures.

Now, add network services to this already heady cocktail and you've got what most businesses out there have complexity in spades, constant fixes and upgrades, high cost, poor reliability. In short, a mess. Yet a mess that's absolutely crucial to business competitiveness and performance.

So what's a poor IT Director to do?

Well, there's certainly no shortage of vendors happy to 'advise' you, and to help you sort this lot out. Most vendors will tell you that their solution can integrate all of your various platforms, and that if you choose their solution everything will be "roses, roses!". Occasionally they even mean it! More often than not though, what they actually mean is that you have to chuck out all those 'non-industry standard' (this week!) platforms you've been dumb enough to accumulate and 'upgrade' to the best, all time favourite, greatest platform of today. Theirs. But at what cost?

Always remember - it-s only lizards that can grow new arms and legs . . .

A shining light:

So is there any light that Open Source can throw on this issue? And is there a strategy for using Open Source to extend the life of your existing cocktail (if it ain't broke . . .), keep your options open for the future, and maybe even give you a clear roadmap to the future based on Enterprise Class Open Source solutions?

Funny you should ask that . . .

The common element in all IT systems is that your users need to use them. So the logical place to start is with a single source of user information. This is where Directory Services come in. All the vendors know this, this is why Microsoft's Active Directory, Sun's Sun One Directory, or Novell's eDirectory are touted as the cure for all network woes. Now is there a common element to all these products? You bet!, it's called LDAP.

LDAP, or the Lightweight Directory Access Protocol, enables information about objects (most commonly users but also computers, printers, servers, pretty much anything), to be held in a tree-like organisational structure. You can associate key pieces of information with these objects, things like passwords, email addresses, HR information, home directories, and so on. Once you've done this you can use your directory as the basis for managing pretty much everything about your network. It's the Holy Grail!

One of the things Microsoft networks have historically done, and done reasonably well, is to give a form of single signon to the network and all its services (as long as they're Windows of course!). It's the basis of Windows networking's supposed 'ease of use' (along with GUIs for everything!). It comes with a price tag, however - and I don't just mean money. The thing is, if you use a Directory Service that locks you into a single platform (whether it's Sun, Microsoft, Novell, anyone), you've just slapped on a pair of lock-in handcuffs and dramatically reduced your options. And guess what vendors do when you run out of options . . .

Quite simply, for many tasks, non-Windows software does a far better job. But these days it's Open Source software that does the best job of all.

Simply better software:

Over the next few months, OPEN For Business! will show you how to build an entirely Open Source Directory Service. One that will give you options. I will show you how to do this and why you should want to. I will show you how you can integrate what proprietary vendors disparagingly call your 'legacy' systems (even though you appear to be getting perfectly decent service from them!), and how you can weld together multiple platforms, different generations of technologies, servers, services and desktops into a functional whole, without mortgaging your future to a roadmap your vendor tells you is "the one true way".

This is a big subject, so we're going to take several episodes to cover it. Here's a taster of what we'll do:

Single user account base and single sign on across all of your non-Windows systems (Linux, Solaris, MacOSX, FreeBSD, HP-UX, etc)
Extending this account base to offer the same accounts, home directories, passwords, etc to your Windows servers and desktops
Using the same accounts to manage access to key network services (email aliases and routing, Internet access, web server access, FTP, network file systems, the list goes on)
Extending your directory to represent groups, desktop PCs and workstations, printers and other objects
Using your directory for a company-wide single address book

It's simple, it's easy to do, it's fast and it's reliable. The business will absolutely love it and your FD will smile all the way to the bank. And all because it's simply better software.

Set as favorite

Bookmark

Email This

Trackback(0)

TrackBack URI for this entry

Comments (0) Add Comment

Subscribe to this comment's feed

Write comment