What’s New with the Directory

Changes are afoot to make Active Directory more flexible.

If you missed our Active Directory Summit in Philadelphia a few weeks ago, let me share some of what we learned. Two of the most compelling presentations focused on coming changes to AD in the .NET Server timeframe—important stuff for anybody implementing Windows networks. Stuart Kwan runs the development team working on that effort in Redmond. Charles Oppermann, retired after a lengthy career with Microsoft, wrote Microsoft Windows 2000 Active Directory Programming; he understands the insides of the technology as only a programmer can.

Microsoft has three primary goals, according to Kwan, in its .NET rendition of AD: 1) impose no requirement to redesign currently working implementations; 2) increase the ability of AD as a programmatic platform and ease porting from Sun and Netscape’s iPlanet Directory Server; and 3) enhance performance and provide 64-bit support.

Among the gems he shared: The next version of AD will support domain renaming, handy for divestiture scenarios. Currently, if the root domain structure changes, you could face the prospect of tearing down your whole enterprise to restructure it. Of course, the new world won’t be perfect. Every domain controller in the forest will need to be updated and rebooted, every machine joined to the renamed domain will need to be rebooted, and every Windows NT 4.0 machine will need to rejoin the domain. While the forest root can also be renamed if it’s a .NET-functional forest, the root role can’t be moved to a different forest.

Also, adding attributes to Global Catalog objects will no longer require full synchronization among other GCs. Now only the new attributes will be replicated. If the .NET GC doesn’t find a .NET partner, it’ll do a full sync.

Interestingly, what finally drew applause in Kwan’s talk was the simple fact that the new rev of AD will support drag-and-drop and multi-select and edit of user objects. We’re a demanding bunch.

As Oppermann explained, a GC will no longer be necessary for login. This will reduce that sucking sound that happens every morning when 40,000 people in your company crank up their machines. The DC closest to the user will cache the user’s complete group membership. The cache will populate at the first login, then subsequent logins will use the cache, which will get refreshed periodically from the nearest GC.

Another tidbit: You’ll now be able to install replicas from media—a handy option for deployment efforts. You’ll simply make a backup of the DC’s system state data; when it’s plugged in at the new site, it asks what’s changed and replicates only those changes.

Come July in Seattle, we’ll be hosting a summit on Windows security. Columnist Roberta Bragg and Senior Editor Keith Ward are currently developing the program for that and we don’t know what surprises will be revealed. If you can find a way to join us, I encourage you to be there. Staying on top of changing technologies is like keeping your head above the waves. I consider these kinds of conferences the best pair of fins you can buy.

About the Author

Dian L. Schaffhauser is a freelance writer based in Northern California.
