Leveraging the Directory Service

   

A successfully deployed directory can be leveraged to support new directory-enabled applications. One such example is Netscape's Maps application, which is also called The Locator.

Netscape's Mountain View campus has many meeting rooms. Like many other companies in Silicon Valley, Netscape names these conference rooms after cartoon characters, movie names, famous people, and so on. Although this naming convention is fun and part of the culture, it can make it difficult to figure out where you need to be for your next meeting unless you happen to know, for example, that the Miles Davis conference room is on the ground floor of Building 12. Similarly, employees' office numbers are arbitrary numbers that do not give any indication of the location of the office within the building. Some way was needed to help employees determine the physical location of offices and conference rooms.

To address this need, the Maps application was designed. This Web-based, directory-enabled application allows a person's name or conference room name to be looked up in the directory. If a match is found, a graphical map is displayed in the Web browser window, and the location of the cubicle or meeting room is highlighted. The location (in x,y coordinates relative to the upper left corner of the map image) is stored in an attribute of the directory entry. After the map is drawn in the browser window, a small cross-hair cursor moves across the screen to highlight the location. The Maps application is very popular, and it is used hundreds of times each day.

Many other directory-enabled applications have been developed that leverage the Netscape internal directory service. Here are a few examples:

  • The Phone Book application. This Web-based application was described briefly earlier in the chapter. In addition to helping employees find contact information about other employees, this application allows employees to update their directory information (for example, they can add a home postal address or an "on vacation" reply notice that is picked up by Netscape's e-mail service).

  • OrgChart, an organization charting tool. This Web-based application is driven entirely from data that is stored in the directory service. In particular, it uses manager attribute values from person entries to construct a graphical view of the Netscape organization. The OrgChart application is also linked to the Maps and Phone Book applications.

  • PKI deployment. Netscape uses public key certificates for secure e-mail and to protect access to sensitive Web content. The directory service is used to distribute certificates to people and servers and to help employees acquire new certificates and renew existing ones.

  • TinderBox, a source code tracking and continuous build system. This system, a variant of which is used by the mozilla.org open-source effort, tracks recent source code changes and repeatedly compiles all the software that Netscape's engineers are working on. The TinderBox system pulls some information from the directory to make it easier to contact a software engineer in the event that an error was introduced because of code they added or changed.

  • Protected Web content. Although most information that resides on Netscape's internal network is freely available to all employees, some sensitive information is not. The servers for the Web sites that store sensitive information all use the Netscape Enterprise Server software to restrict access, and the Enterprise Server software in turn consults the directory service for authentication and to make group-based authorization decisions.

  • Directory-enabled utilities created by individual developers within Netscape. Because it is easy to develop directory-enabled applications for Netscape's internal service, over the years many small utilities have been created by individuals within Netscape. For example, a Perl script named utc (which stands for "up the chain") searches the directory to find a person and his manager, and his manager's manager, and so on, all the way up to the top of the company (at the very top of the chain is the chairman of AOL Time Warner, Netscape's parent company). The utc utility and other custom applications are written and shared among Netscape's employees to leverage the directory data and increase their productivity.
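The "up the chain" walk over manager attribute values, the same data OrgChart draws from, is sketched below as an added example in Python; it is not the utc Perl script or any Netscape code. The entries are constructed sample data, the function names are hypothetical, and the walk stops on a dangling manager DN and rejects a manager loop, since these values are editable directory data.

```python
# Added example: constructed directory entries, not Netscape's real data.
LDIF = """\
dn: uid=jdoe,ou=People,dc=example,dc=com
cn: Jane Doe
manager: uid=bsmith,ou=People,dc=example,dc=com

dn: uid=bsmith,ou=People,dc=example,dc=com
cn: Bob Smith
manager: uid=ceo,ou=People,dc=example,dc=com

dn: uid=ceo,ou=People,dc=example,dc=com
cn: Pat Chair

dn: uid=loop,ou=People,dc=example,dc=com
cn: Loop Entry
manager: uid=loop,ou=People,dc=example,dc=com
"""

def parse_ldif(text):
    """Return {lowercased dn: {attr: value}} for simple single-valued LDIF."""
    entries = {}
    for block in text.strip().split("\n\n"):
        attrs = dict(line.split(": ", 1) for line in block.splitlines())
        entries[attrs["dn"].lower()] = attrs
    return entries

def search_filter(uid):
    """Filter a live client would send; user input is escaped per RFC 4515."""
    special = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\0": r"\00"}
    return "(uid=" + "".join(special.get(ch, ch) for ch in uid) + ")"

def up_the_chain(entries, dn, max_depth=32):
    """Follow manager DNs upward; stop at a missing entry or max_depth.

    Raises ValueError on a manager loop instead of spinning forever.
    """
    chain, seen = [], set()
    dn = dn.lower()
    while dn in entries and len(chain) < max_depth:
        if dn in seen:
            raise ValueError("manager loop at " + dn)
        seen.add(dn)
        chain.append(entries[dn]["cn"])
        dn = entries[dn].get("manager", "").lower()
    return chain
```

Against a real server, the string returned by search_filter would be passed to the client library's search call, and each manager value would be read with a base-scope lookup on that DN.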

Directory Deployment Impact

In what ways did things change for the better after Netscape deployed a directory service? The following are a few of the ways that the directory has improved life for Netscape employees:

  • The employee hiring and termination processes are now automatically triggered by changes made to directory data. Before the directory service existed, hiring and termination were tedious processes that required departmental administrators to submit separate work orders for account activation/deactivation, computer system orders, network drop, and so on. The Netscape IS department now treats the directory as an authoritative repository and triggers events such as account activation on the basis of the directory data. This automation has streamlined the processes and provided significant cost savings.

    AOL Time Warner Update

    Since Netscape's initial directory deployment, the company merged with America Online, and two years later the combined companies merged with Time Warner to form AOL Time Warner. The AOL Internal Computing organization was quick to see the value of the directory service that Netscape had deployed. The contents of the directory were quickly expanded to include entries for all AOL employees and contractors, and during the term of the Sun-Netscape Alliance it also held information about Sun employees who were assigned to Alliance projects such as the development of iPlanet Directory Server. After the merger with Time Warner, an existing Time Warner employee directory was integrated with the Netscape service.

    What additional changes have been made to the directory service since Netscape became part of AOL and since AOL merged with Time Warner? New schemas have been added to support AOL's business processes, to support identification based on AOL screen names in addition to Netscape user IDs, and to allow people to be located on the basis of their instant messaging ID. A plug-in for Netscape Directory Server has been developed that supports authentication using screen names and their associated passwords. More directory replicas have been deployed to increase availability and redundancy. Several new directory applications have been deployed, including an electronic purchasing workflow system and a "trouble ticket" system that is used to track software and hardware problems reported by employees and customers.

    To support applications that require access to companywide information, AOL Time Warner is deploying a new corporate directory service that includes information on all of its 80,000 employees. The new service is based on the same principles and the same underlying technology that were used in Netscape's original deployment. Meanwhile, the original Netscape directory service will continue to operate to support the specific needs of the AOL division. AOL Time Warner discovered that it would be very difficult to deploy one directory service that would meet the needs of all the AOL Time Warner divisions, simply because the needs differ significantly. Instead, each division will feed data from its own sources to the corporate directory, and each division may choose to run a divisional directory.

  • Administration of user and group information is now centralized. Instead of each application requiring its own user and group database, applications obtain this information from the central directory, either directly or via a synchronization process.

  • Windows NT domain user and group information is synchronized from the directory, reducing maintenance costs.

  • Employees can change all their passwords (Unix, NT, and directory) at one time using a Web-based application called Password Central. The passwords are pushed from the directory into NT and Unix NIS, ensuring that the same password is available everywhere.

  • A variety of useful directory-enabled applications are available, such as the Phone Book and Maps applications. And new directory-enabled applications are constantly being developed.

   


Understanding and Deploying LDAP Directory Services (2nd Edition)
ISBN: 0672323168
EAN: 2147483647
Year: 2002
Pages: 242
