| To serve its internal customers better, HugeCo's central IS organization decided to design and deploy an organizationwide LDAP directory service. The motivation to create a comprehensive corporate directory was driven by the following goals, which addressed some immediate and some long- term needs: -
To improve internal communication . HugeCo's executive staff handed down a mandate that internal communication should be improved. The IS organization decided that a good way to streamline internal communication would be to make it easier to locate and share information about people and shared resources such as conference rooms. Before the arrival of the organizationwide LDAP directory, most applications had their own database of users, groups, and resources, which added to end- user confusion and created a high administrative burden . IS managers believed that less time would be wasted if the quality, consistency, and timeliness of data that employees use to initiate communication with other employees improved. In addition, if a shared, organizationwide directory were deployed, the elimination of redundant information could lower the data management costs. -
To make it easier to develop and deploy Web applications . As more Web-based applications were being developed and deployed, it became clear that shared authentication and a shared group data source were needed. A common directory service used by all the custom applications would allow HugeCo to provide a form of single sign-on and decrease the costs of developing, deploying, and maintaining the custom applications. It would also lower the cost of entry so that smaller departments without the resources to develop and maintain their own infrastructure could develop and deploy their own custom applications. -
To increase security and privacy . Over the next two years , HugeCo plans to issue public key certificates that employees can use to authenticate to e-mail and workflow applications. Deployment of the necessary public key infrastructure (PKI) is a time-consuming task, but it is made easier by the presence of a directory service. In the short run, the HugeCo directory provides a single point of management for passwords and distribution of role-based access rights used by Web-based applications. In addition, some departments within HugeCo have started to use Netegrity's SiteMinder product to control user access to their custom Web-based applications. The security and privacy of the directory data itself are important issues because of the wide geographical dispersion of HugeCo's employees and because some of the corporate traffic is tunneled through the public Internet with VPN technology. -
To improve communication with dealers and suppliers . HugeCo's management team knows that the company needs to maintain close ties to its dealers (sales offices) and suppliers to stay competitive. Because these entities operate independently of HugeCo, they do not share any information technology infrastructure. Without exception, HugeCo has a more highly developed infrastructure and more expertise than its dealers and suppliers. At the present time, most communication outside the company is exchanged via simple file transfers and fax machines. Although we do not discuss it in this chapter, HugeCo hopes to leverage the knowledge gained from deployment of its corporate directory service to create a directory to link it closely and securely with its suppliers and dealers. A directory deployment motivated by those needs is discussed in Chapter 26, Case Study: An Enterprise with an Extranet. |
