114
Networking: A Beginner's Guide
Some directory services also allow a concept called partitioning, in which different
directory servers keep different parts of the entire directory tree. In this case, a
controlling directory server usually manages the entire tree (called the global catalog in
Active Directory), and then other directory servers can manage smaller pieces of the
total tree. Partitioning is important for networks with multiple LANs connected by a
wide area network (WAN). In such cases, you want to host a partition that relates to
a particular LAN locally, yet still allow access to the entire tree for resources accessed
over the WAN. Each LAN hosts its own partition, but can still access the total tree when
needed. You arrange the partitions (and set the scheduled replication times) to make the
best use of the WAN's performance, which usually is slower than that of a LAN.
Learning About Specific Directory Services
Quite a few different directory services are available. Choosing one usually goes
hand in hand with choosing a main network operating system, although this isn't
always the case. Both eDirectory and Active Directory can handle non-Novell and
non-Microsoft servers, respectively. Consequently, even a network that currently uses
mostly Windows servers might still rely on eDirectory for directory services through
the use of Novell's eDirectory for Windows product. Using a single directory service
with different network operating systems often happens because an organization starts
out favoring a particular network operating system and then later finds itself forced to
support additional ones, but the organization still wants to maintain a coherent, single
directory service to manage the network operating systems.
The following are the main directory services:
Novell eDirectory (previously called Novell Directory Services, or NDS) is the
network directory service that has been available for the longest time. eDirectory
runs on NetWare 4.x and later servers, and is also available for other server
operating systems (such as Solaris, Linux, and Windows), enabling you to use
eDirectory as a single directory service for managing a multivendor network.
Windows NT domains (introduced with Windows NT 4) are not actually complete
directory services, but they provide some of the features and advantages of
directory services.
Microsoft's Active Directory debuted with the Windows 2000 Server line of
products. This is a true directory service, and it brings the full features of a
directory service to a network predominantly built using Windows servers.
X.500 Directory Access Protocol (DAP) is an international standard directory
service that is full of features. However, X.500 provides so many features that its
overhead makes deploying and managing it prohibitive. Consequently, X.500 is
in an interesting position: it is an important standard, yet, paradoxically, it is not
actually used.