Microsoft's Active Directory...where's the value?
Hannah Worthington, hannahw@wilsonharvey.co.uk
24th February 2005		 Send this article to a colleague  Print this article

How do you leverage the benefit of Microsoft's Active Directory (AD) and does the impending cease of NT 4 support make this a more compelling event?

Current situation
Microsoft estimate that 16% of their UK installed server base is still running the NT 4 product, which after 9 years of significant use retired on 31st December 2004.


In addition, Gartner says that 47% of the mid-market (anyone with 25-1000 PCs) has 'no plans' to move to Active Directory, and that the majority of these people don't know what it is or what value it can bring to the organisation.

Paul Russell - Head of Consulting believes that this picture is not as clear as statistics suggest. He says "Many organisations we are dealing with have a strategy. This strategy is however not based on implementing an Active Directory. Even today, most IT managers are driven by other events in their business that dictate the strategy and the AD is a stepping stone to realising this goal. This is evident when you meet some organisations who have implemented an AD but when you examine their usage it becomes obvious that it isn't being used and that the business still relies on NT 4".

Servo's strategy during 2004 has been to drive our migration campaign (www.servo.co.uk/migration) and there has been a huge take-up of workshops for customers who have developed their strategy and require design and build assistance. Each one of these companies, without exception, has a need other than "to implement AD". Typically these organisations have a number of strategic drivers;

Implementing Exchange 2003 (probably 75%)
Implementing an XP desktop strategy and need the power of deployment tools e.g. Group Policies, RIS provided by AD
Implementing a collaboration strategy e.g. SharePoint Portal Services
Implementing a business application that requires a directory service e.g. HR, ERP

A very small number have implemented AD purely to get off NT before Christmas, but this is not the general trend we are seeing at Servo.

There has been enormous activity however for customers to migrate individual application servers from NT to Windows 2000 or Server 2003 but once again strategies have varied from those who have simply ripped and replaced hardware through to those who have evaluated the risk and decided to harden the NT OS to reduce any vulnerability. The one thing in common with all of these customers is that they had a plan driven by another event.

This is what makes the statement "Why haven't you implemented AD?" such a difficult one to answer on face value and therefore a difficult concept to sell.

So how do you exploit AD in your business and how can Servo help?
First we need to understand what AD actually is. It can mean so many different things to different people.

Technical people will describe AD as a database of objects containing information relating to users, printers, servers and so on. They will see it as aiding them in the administration of all aspects of their network and ultimately, reducing their time to adapt to change e.g. users moving, applications being deployed, adding new offices. They will also see it as a platform to integrate other directories that they had to manage separately under NT 4 - most famously Exchange 5.5.

Developers will see AD in a different light, perhaps as being a vehicle for them to manipulate the information contained in the AD to use with applications they are developing to improve single sign on or to pass parameters from AD to their application. Overall AD can significantly improve application development for those organisations that chose to invest in developing business solutions.

Function heads such as HR Directors will look at AD as a way of taking data from one directory of user information e.g. payroll, and presenting the identity to AD in order to reduce separate administration of user activity (provisioning).

Security professionals will want AD to improve access to resources through lockdown of devices and data and deliver secure VPN access. AD is core to this.

Procurement people will focus on controlling assets and will see AD as a way of collecting information on corporate IT assets and maintaining software asset information to use when discussing compliance and cost management.

Helpdesk managers will want to improve their first-time-fix on desktops or raise the uptime of services and will look at tools to manage these services from a central directory of objects.

Senior people will want mobility, perhaps access to email and calendars plus line of business applications from their trendy device. AD is behind the security and integration of this delivery.

Business heads will look at AD as a consolidation process to reduce duplication of services and effort from their IT staff to get more done and underpin their strategies as business people.

Each has a different view of AD but in lots of cases they don't refer to AD by name. It is just implied. This is partly why AD is difficult to sell.

The answer is to exploit AD
Exploitation of AD like any IT system is the key. Rather than see AD as this animate collection of bits of information all glued together which doesn't improve the bottom line of the business, AD must be used in the right context.

If you examine the Microsoft stack of products this gives you an insight into how this exploitation works.

Notice that AD is at the bottom - it is just the foundation. The focus must be on what the business is trying to do with their IT systems that will demonstrate the value of AD. There are organisations believe it or not that can demonstrate that they can still make mountains of money without relying on AD.

Paul Russell adds "Many business people I meet can discuss clear alignment of business objectives with IT systems, and expect their IT people to select the right tools for the job. Best value and fit for purpose is a common adage. Spending time with such people makes the exploitation of AD easy. Recently I met with a Finance Director who has a single goal to mobilise his senior team. Sure he can buy loads of devices but without an end to end solution, at best; all he will get is email on the road. So what? What he wants is a platform. A platform on which he can implement mobile applications that drive the productivity of his staff and the return on investment for his financial outlay. Importantly he sees mobility as a way to make money. He doesn't care what AD is - in fact, watch his eyes glaze over when you talk about it!!"

Another customer who sits in the 'why do I need AD' camp suggested that his business didn't need AD and that they were ok. Discussions about NT 4 support stopping didn't get him excited. It was only when we got onto the subject of collaboration that he perked up. To him collaboration meant document management which was fine as AD can be leveraged to take Office 2003 and glue together with SharePoint Server 2003 to give him a document management system. However, discussion went on and soon the benefits of pulling data from his ageing UNIX systems and present data into a browser accessible by his board really rocked his boat! He needs AD.

We can go on.

So the message to those diehard NT organisations who may have read about AD or looked at it, we say this. Don't be fooled by the list of AD benefits. We don't think they are enough. Please do however look under the bonnet and start unpicking your businesses strategy to make money and then look at AD again. Migrating from NT doesn't have to be an arduous task. Most of it centres around planning.

Even working on the design and how it may impact the infrastructure is enough for most organisations to at least take the first step. Servo's migration workshop approach is testament to this.

During January 2005 Servo are working very closely with Microsoft to help organisations not sold on NT 4 to understand how to exploit AD - whether it be on a security front, or better email delivery, or improved management of assets.

This article aims to encourage these organisations to meet with Servo's team and discuss openly the ways to take AD and build around elements of the Microsoft stack to address business requirements and perhaps clear up misconceptions or blocks in the adoption of NT 4. This meeting will cover both business drivers and technology in use, and attempt to map a strategy to use AD. In most cases this should lead to a commitment to developing an AD design or a specific test scenario. We are convinced that our team can make this discussion meaningful and relevant. Just the thing to wipe away those New Year blues!!

To conclude, it is clear that NT 4 has gone. It is technology that's not hot anymore. It isn't coming back. Moving on has to happen at some time. Servo can help with Microsoft's support to ease this transition.



   





 


Sharing the results of Servo's research program
Servo recently invited 100 customers to participate in an on-line questionnaire covering 12 topics. Our objective was to gain insight into our customers' roadmaps and priorities. This article shares some of the interesting highlights.

When there's no room for error, how do you guarantee server availability?
We interviewed Mark Howarth, Associate Director at Servo, to understand his advice to customers that are managing business-critical servers. He gave us his views on the pro's and cons of traditional server support, and his recommendations for an alternative approach that can eliminate unplanned server
downtime.

Mobile email & calendaring - is it genuinely compelling?
Mobility means different things to different people, but it is predicted to fundamentally change the way we all work. A number of technologies have come together over the last few years to make this possible and mobile email is often the first foray for many businesses. But just how compelling is it and what choices should you consider as you look to deploy?

Archiving now a top 5 priority
If you're budgeting for next year's IT projects then this article urges you to consider including archiving. It illustrates how it has gone from being a niche deployment to a strategic part of your IT armour with a long list of business benefits over and above compliance.

Want to see what Microsoft is up to this year?
Rather than do a Longhorn visionary piece we thought it would be helpful to position some tangible activity that this year is going to bring to us all. Focusing on the desktop, server and security this article summarises how customers can improve their network service.

Microsoft's Active Directory..where's the value
How do you leverage the benefit of Microsoft's Active Directory and does the cease of NT4 support make this a more compelling event?
 
Using Citrix? You should read this. new version 4.0 is due this summer
If you have Subscription Advantage this is important news to you. Promised in this new release are several optimisation and user enhancements.
Click here to read more.