Extending Active Directory
- By Scott Bekker
Tom Kemp, co-founder of NetIQ Corp., is once again probing the business opportunities at the edges of Microsoft servers and networks.
NetIQ is the San Jose, Calif., systems and security management firm that sold the Microsoft Operations Manager technology to Microsoft and one of the early companies to see value in building Active Directory tools. Kemp is now president and CEO of Centrify Corp., a new Mountain View, Calif., firm focused on interoperability with Active Directory.
"Basically we're extending Active Directory beyond Windows in terms of authorization, access and also Group Policy," Kemp says of the company's product, DirectControl. "It makes the Unix/Linux system look like a client, like a Windows XP system, from an authentication standpoint. End users can use their Active Directory credentials to access non-Microsoft resources, operating systems and popular Java and Web servers."
Kemp's timing is good. At about the same time Centrify shipped DirectControl, Microsoft Chairman and Chief Software Architect Bill Gates sent an e-mail to corporate executives highlighting the importance of integration and interoperability.
"[DirectControl] makes the Unix/Linux system look like a client, like a Windows XP system [to Active Directory] ..."
President and CEO, Centrify Corp.
Utah-based competitor Vintela's timing is also good, possibly better. The firm shipped its product first and secured an investment from Microsoft in 2004. In February, Vintela also hired Jackson Shaw away from Microsoft's Identity and Access Management marketing team. Shaw previously worked at Zoomit as part of the team grooming the meta-directory vendor for acquisition by Microsoft in 1999.
Al Gillen, an analyst with IDC, notes that Centrify's Kemp has deep experience in developing products with a Microsoft-like approach. Of DirectControl, Gillen says, "Where that really fits well is companies that have a few Linux or Unix servers and are planning to have a mixed environment for a long time to come."
While Centrify distributes agents to the non-Windows systems, changing the Unix and Linux systems to behave like Windows clients, Vintela extends Active Directory, changing the Microsoft technology to adapt to non-Windows systems. Vintela CTO Matt Peterson describes Vintela's approach as key in heterogeneous shops where Active Directory is installed but Microsoft has less credibility. "It's actually more politically correct for [Microsoft] to have someone else doing this," he says.
It's logical to expect Centrify to find success in the kinds of Windows-oriented shops IDC's Gillen describes and Vintela making headway in more heterogeneous shops. Other routes to interoperability include home-brewed software built from open source tools and directory synchronization tools from vendors like Oblix.
"We think [interoperability] is going to be a very large market," Kemp says. "It's going to support a number
Scott Bekker is editor in chief of Redmond Channel Partner magazine.