Building an agency metadirectory
- By Brian Robinson
- May 01, 2000
Computer networks in federal agencies initially were developed to support
relatively small groups of users. Network directories, which keep track
of users and devices plugged into the network, also were very focused.
But with networks becoming the nervous system of an increasingly interlinked
government, directories must evolve so that they will interoperate more
smoothly and handle much greater numbers of users and devices — or so-called
network "objects." The question is how to get there.
Finding an answer is the goal of a recent request for information from
the Defense Information Systems Agency (DISA), which is seeking input on
products and technologies with which to build a mammoth directory service
infrastructure that might eventually support as many as 250 million objects.
"Initially, the directory will provide basic contact information for
all DOD people, [but over time], directory services will expand, and object
populations will likely grow into the tens or hundreds of millions," according
to a DISA spokesperson.
There are thousands of directories in operation across DOD, the spokesperson
said, and most serve specific applications and do not interoperate well.
It has been only recently, with the emergence of public-key infrastructure
and advances in network technologies, that the goal of enterprise directories
on the scale of DOD has become conceivable.
In this case, the Holy Grail is a single, seamless directory that spans
an entire organization. However, people will have to first manage a number
of different directory structures side-by-side. That's where the concept
of the metadirectory comes in. It's a master directory that contains information
for all applications and sends updated information to the appropriate directory.
"What is happening there is pretty exciting," said Larry Gauthier, a
senior analyst at The Burton Group Corp., a market research firm specializing
in networking issues. "We are now seeing metadirectory functionality being
inserted into the core directories themselves, rather than the metadirectories
being implemented as separate products. We are seeing much tighter integration
between the two."
Most of the major directory services vendors have recognized the need
for directories to work with one another. Novell Inc., for example, which
has the largest share of the directory services market through its Novell
Directory Services, nevertheless went out of its way when it introduced
Version 8 of its product last year to support a range of services on other
Even Microsoft Corp. — notoriously fickle when it comes to working with
other vendors' products — has bowed to the inevitable. It introduced its
new, hierarchical Active Directory as part of Windows 2000, and the company
hopes Active Directory will become the dominant player in enterprise-level
"Microsoft has made a commitment to the metadirectory and to an ability
to have Active Directory work with other directories," said Silas Matteson,
director of product management for BindView Development Corp., a company
that specializes in multinetwork management.
"Ideally, I think people would like to have one directory. But they
know they will have to deal with several alongside each other for some time,
so metadirectories will be a long-term component of peoples' plans for some
time to come."
Most of the larger agencies, such as the Social Security Administration
and the Agriculture Department, are looking at developing enterprise directory
services, although perhaps not on the scale of the one planned by DISA.
The problem comes when agencies must decide when and how to move toward
those enterprise directory services in a constantly shifting marketplace.
"Directory technologies are immature and are rapidly changing," the
DISA spokesperson said. "We are likely to continue to make periodic requests
Robinson is a freelance journalist based in Portland, Ore. He can be reached
at [email protected]
Brian Robinson is a freelance writer based in Portland, Ore.