Dealing with Directory Dilemmas?

Bardaris asks: "In my work environment, I maintain a large number of Novell, and Windows servers. Although Novell is the dominant OS, vendor applications are increasingly making the change from Novell based apps, to single NT4/Win 2k servers. This has put a strain on my PDC. Currently the MS boxes are outnumbering my Novell 30 to 22, with more Win 2k servers in the coming months, as each application vendor has found it cheaper to dictate a sole Win server for their app, rather than sharing nicely on Novell. Now I've been tasked with assessing what to do with the Windows environment. My preference leans to eDirectory and dirXML to contain and maintain the Microsoft proliferation, but what of my NT4 PDC. Should I upgrade to Active Directory (if so, how)? Leave it as is until the last possible moment, whatever that may be? Is there a better way? I highly doubt I can sell a Linux/Samba solution, given the current state of the server environment and political climate here in my company, so that's not one of my options. I'm wondering if other Slashdot readers have ran across similar problems and how they tackled this issue."

eDirectory is the way to go

[invisik]

Clearly stay on eDirectory. You will eventually have Linux servers in the house, and that's a great way to integrate everything you are running.

You probably want to upgrade your NT boxes, if for no other reason then updates/security issues. If you can't bring them to NetWare or Linux, I'd consolidate as many as possible on Windows 2003 and plan your migration to other platforms.

I would also recommend calling your local Novell office for a personalized look at your situation and some better price offerings.

Good luck! Should be fun, if nothing else...!

-m

Straightforward answer.

[FreeLinux]

eDirectory and dirXML are definitely the way to go unless you plan to eliminate Novell form your network. As for the upgrade path to Active Directory? Microsoft's Active Directory has already decided that for you.

If you plan to continue using the same NT domains then you must upgrade your PDC to AD first. You will then be on Active Directory but, your BDCs will still work. You can then upgrade you BDCs at your leisure but, you shouldn't plan on taking a year to upgrade them either. There are issues that will arise over time that would be more easily handled if your BDCs were Active Directory DCs.

Luckily for you, Novell has seen the Linux light even if your employer or software vendors have not. I would recommend that you press your vendors for Linux versions of their applications and make lots of noise about switching to a vendor that does support Linux, even if it is only a bluff. Over time they too will start offering support for the Linux platform too. Novell, eDirectory and Linux. Now that's a nice network.

1 domain, 52 servers?

[droid_rage]

You've got One NT4 domain, 52 servers, and out of those, 22 of them are Novell, but most of those are going away, right?
Since you've already got an NT4 domain, your easiest bet is to upgrade to Win2k/2k3 AD. If you've got s single domain, and no trusts, this is simple. if you upgrade your NT4 PDC to Win2k/2k3, it will automatically promote it to an AD DC. Now, it's important to learn something about AD, and you really should have multiple DCs for fault tolerance and load balancing, but this is all pretty easy. Microsoft even has free guides to help you out [microsoft.com].

Stay on Novell

[bolix]

Novell eDirectory and the DirXML ADS driver will facilitate integration with the x.500 standards compliant (for once) ADS 2k3/MS-LDAP.

If you need an interim solution, talk to Interix [interix.com]. They can make ADS talk to anything.

Linux is not the only possible answer

[winchester]

I am getting sick and tired of people constantly recommending Linux as the solution to whatever problem someone has. Face it, people, Linux is a wonderful operating system, and given a choice I would have a Linux box on my desk instead of a Windows one, but as it stands, Linux is not what makes the world go round, Microsoft currently holds that position.

I agree that that is an unhealthy situation, but blindly recommending Linux for whatever problem someone poses is not the solution to that problem. The same counts for any other-than-Microsoft solution. Understand that sometimes a Microsoft solution is not a bad choice!

Now to the problem. The first thing you should do is investigate support options for Windows NT, and the possibility of a migration towards Windows Server 2003. While doing so, interoperability with Novell should be high on your priority list.

Also understand that there is a profound difference between NT4 domains, a Windows 2000 AD domain and a Windows Server 2003 AD domain. Where Microsoft pitched Windows 2000 AD as an enerprise directory, they have now seen their mistakes in doing so, implemented major improvements to the AD and no0w they are selling it as a systems management directory. In other words, if you want an enterprise directory, stick with Novell. If you don't want or need that, go with Windows. Take into account the fact that once you go the full Windows AD route, you are running one or more Kerberos realms, with all the associated problems. Also understand that a proper DNS infrastructure is mandatory for a healthy AD domain. The third point: AD replication. Before implementing anything, make detailed calculations about the amount of directory replication traffic if you run multiple domains (hint: you don't want to, but might need to). This last point doubles in importance when replicating to remote sites over slow wan links.