Directory Service - Implementations of Directory Services

Implementations of Directory Services

Directory services were part of an Open Systems Interconnection (OSI) initiative to get everyone in the industry to agree to common network standards to provide multi-vendor interoperability. In the 1980s, the ITU and ISO came up with a set of standards - X.500, for directory services, initially to support the requirements of inter-carrier electronic messaging and network name lookup. The Lightweight Directory Access Protocol, LDAP, is based on the directory information services of X.500, but uses the TCP/IP stack and a string encoding scheme of the X.500 protocol DAP, giving it more relevance on the Internet.

There have been numerous forms of directory service implementations from different vendors. Systems developed before the advent of X.500 include:

• Domain Name System: (DNS), the first directory service on the Internet, which is still used everywhere today.
• Hesiod: was based on DNS and used at MIT's Project Athena.
• Network Information Service: (NIS), originally named Yellow Pages (YP), was Sun Microsystems' implementation of a directory service for Unix network environments. It served a similar role as Hesiod.
• NetInfo: was developed by NeXT in the late 1980s for NEXTSTEP. After being acquired by Apple, it was released as open source and used as the directory service for Mac OS X before being deprecated in favor of the LDAP-based Open Directory. Support for NetInfo was completely removed with the release of 10.5 Leopard.
• Banyan VINES: was the first scalable directory services offering.
• NT Domains: was developed by Microsoft to provide directory services for Windows machines prior to the release the LDAP-based Active Directory in Windows 2000. Windows Vista continues to support NT Domains, but only after relaxing the minimum authentication protocols it supports.

Among the LDAP/X.500 based implementations are:

• Active Directory: Microsoft's modern directory service for Windows, originating from the X.500 directory it created for use in Exchange Server, first shipped with Windows 2000 Server and is supported by successive versions of Windows.
• eDirectory: This is Novell's implementation of directory services. It supports multiple architectures including Windows, NetWare, Linux and several flavours of Unix and has long been used for user administration, configuration management, and software management. eDirectory has evolved into a central component in a broader range of Identity management products. It was previously known as Novell Directory Services.
• eNitiatives ViewDS Directory Server: ViewDS was originally developed by Telstra Research Laboratories in Clayton Victoria Australia (previously Telecom Australia) as an X.500 Directory server known as View500 to run on line White & Yellow Pages services. ViewDS was acquired by eNitiatives in 2000. It differs from other X.500 Directory products in that it has an in built indexing engine capable of indexing all attributes and also supports a range of different types of searching and matching on entries, such as word matching, stem matching, synonym matching, acronym matching, component matching, misspelling matching, and sounds like matching. This matching is available on multiple languages including Pinyin and Traditional Mandarin. ViewDS is LDAPv3 compliant and is also the world's first Directory to support the XACML standard for Policy Based Access control onto all attributes stored in the directory, with an inbuilt combined Policy Decision Point (PDP) and Policy Information Point (PIP) as well as two Policy Administration Tools (PAP). ViewDS is also CCEB ACP133EdD (Military) and IATA ATN-AMHS standards compliant, and supports the storage of XML objects, data and schema in the Directory using the draft IETF XML Enabled Directory standard. It also supports SPMLv2.0, DSMLv2 and SCIM 1.0. ViewDS is widely used in the Government,Aviation, Health & Defence sectors.
• Red Hat Directory Server: Red Hat released a directory service, that it acquired from AOL's Netscape Security Solutions unit, as a commercial product running on top of Red Hat Enterprise Linux called Red Hat Directory Server and as the community supported 389 Directory Server project.
• Open Directory: Apple's Mac OS X Server uses a directory service named Open Directory, which implements LDAP using a customized build of OpenLDAP and integrates support for both SASL and Kerberos authentication. It uses a plugins architecture to work with other LDAPv3 directories, including proprietary solutions like Active Directory and eDirectory.
• Apache Directory Server: Apache Software Foundation offers a directory service called ApacheDS.
• Oracle Internet Directory: (OID) is Oracle Corporation's directory service, which is compatible with LDAP version 3.
• CA Directory: CA Directory contains pre-caching engine which can index all attributes that are used in LDAP search filters, and caching all attributes returned in search results.
• Alcatel-Lucent Directory Server: CTIA 2009 - 4G Service Creation & Development Award Winner offering enhanced performance, high availability and proven efficiencies
• Sun Java System Directory Server: Sun Microsystems' current directory service offering
• OpenDS: An open source directory service implementation from scratch in Java, backed by Sun Microsystems
• IBM Tivoli Directory Server It is a customized build of an old release of OpenLDAP.
• DirX Directory Server from Atos (ex-Siemens software)
• Windows NT Directory Services (NTDS), later renamed Active Directory, replaces the former NT Domain system.
• Critical Path Directory Server
• OpenLDAP Derived from the original University of Michigan reference LDAP implementation (as are the Netscape/Red Hat/Fedora/Sun JSDS servers) but significantly evolved. It supports all current computer architectures, including Unix and Unix derivatives, Linux, Windows, z/OS, and a variety of embedded/realtime systems.
• Isode Limited: High performance and high availability LDAP and X.500 servers.
• Lotus Domino

There are also plenty of open-source tools to create directory services, including OpenLDAP and the Kerberos protocol, and Samba software which can act as a Windows Domain Controller with Kerberos and LDAP backends. Administration is done using GOsa or Samba provided SWAT.